static char* ext_vars[MAX_ARGS_EXT_VAR + 1]; static int ignore_warnings = FALSE; static int show_version = FALSE; static int show_help = FALSE; static int fail_on_warnings = FALSE; static int max_strings_per_rule = DEFAULT_MAX_STRINGS_PER_RULE; #define USAGE_STRING \ "Usage: yarac [OPTION]... [NAMESPACE:]SOURCE_FILE... OUTPUT_FILE" args_option_t options[] = { OPT_STRING_MULTI('d', NULL, &ext_vars, MAX_ARGS_EXT_VAR, "define external variable", "VAR=VALUE"), OPT_BOOLEAN('w', "no-warnings", &ignore_warnings, "disable warnings"), OPT_BOOLEAN(0, "fail-on-warnings", &fail_on_warnings, "fail on warnings"), OPT_INTEGER(0, "max-strings-per-rule", &max_strings_per_rule, "set maximum number of strings per rule (default=10000)", "NUMBER"), OPT_BOOLEAN('v', "version", &show_version, "show version information"), OPT_BOOLEAN('h', "help", &show_help, "show this help and exit"),
int fast_scan = FALSE; int negate = FALSE; int count = 0; int limit = 0; int timeout = 1000000; int stack_size = DEFAULT_STACK_SIZE; int threads = 8; #define USAGE_STRING \ "Usage: yara [OPTION]... RULES_FILE FILE | DIR | PID" args_option_t options[] = { OPT_STRING_MULTI('t', "tag", &tags, MAX_ARGS_TAG, "print only rules tagged as TAG", "TAG"), OPT_STRING_MULTI('i', "identifier", &identifiers, MAX_ARGS_IDENTIFIER, "print only rules named IDENTIFIER", "IDENTIFIER"), OPT_BOOLEAN('n', "negate", &negate, "print only not satisfied rules (negate)", NULL), OPT_BOOLEAN('D', "print-module-data", &show_module_data, "print module data"), OPT_BOOLEAN('g', "print-tags", &show_tags, "print tags"), OPT_BOOLEAN('m', "print-meta", &show_meta, "print metadata"),