feat: add pyperscan support #5228
Conversation
doc/MANUAL.md
Outdated
| @@ -887,6 +889,17 @@ This option allows one to skip (disable) a comma-separated list of checkers and | |||
|
|
|||
| This option allows one to enable a comma-separated list of checkers. | |||
|
|
|||
| ### --pyperscan | |||
|
|
|||
| The pyperscan flag enables pyperscan support in the CVE Bin Tool. [pyperscan](https://github.com/vlaci/pyperscan) is an opinionated Python binding for [Hyperscan](https://www.hyperscan.io) focusing on easy of use and safety. | |||
There was a problem hiding this comment.
I've checked a bit more, and looks like pyperscan uses Vectorscan fork by default, not Hyperscan (see vlaci/pyperscan#35 and e.g., the build container configs). You might want to change that, too.
There was a problem hiding this comment.
Good catch, I added a note in the README file to add this information.
Yes, the hyperscan database is built every time cve-bin-tool is run and is not stored anywhere. As it is not saved anywhere, it doesn't make sense to add an option to rebuild it.
I added a simple test, tell me if more is needed. |
ffontaine
force-pushed
the
add-hyperscan
branch
2 times, most recently
from
8daf170 to
cced951
Compare
hyperscan will run simultaneously all version checkers on a file which reduce processing time. pyperscan package is used instead of the most well-known hyperscan package as pyperscan allows to add a tag for each pattern. This feature will allow to retrieve easily the checker associated to the matched pattern. On my local machine, running a scan on an embedded firmware takes 220 seconds with pyperscan instead of 326 seconds. However, pyperscan is slower on a single file and unsupported on Windows, so add a --pyperscan option (disabled by default) Fix intel#2485 Signed-off-by: Fabrice Fontaine <[email protected]>
ffontaine
force-pushed
the
add-hyperscan
branch
from
cced951 to
9812b2e
Compare
hyperscan will run simultaneously all version checkers on a file which reduce processing time.
pyperscan package is used instead of the most well-known hyperscan package as pyperscan allows to add a tag for each pattern. This feature will allow to retrieve easily the checker associated to the matched pattern.
On my local machine, running a scan on an embedded firmware takes 220 seconds with pyperscan instead of 326 seconds.
However, pyperscan is slower on a single file and unsupported on Windows, so add a --pyperscan option (disabled by default)
Fix #2485