YARA-X 1.10.0 Release: Fix Warnings

Published: 2025-11-23. Last Updated: 2025-11-23 10:50:02 UTC
by Didier Stevens (Version: 1)
0 comment(s)

YARA-X's 1.10.0 release brings a new command: fix warnings.

If you have a rule that would generate a warning with a help section (explaining how to fix it), like this example rule:

 

rule FixableCountWarning
{
    strings:
        $a1 = "malicious"
        $a2 = "badstuff"

    condition:
        0 of ($a*)
}

Then YARA-X from version 1.10.0 on can fix this for you

You will get a warning when you use this rule:

The suggested fix is to replace 0 with none.

This can be done automatically with command fix warnings:

Remark that this command alters your original rule file, and doesn't make a backup of the unaltered file:

 

 

Didier Stevens
Senior handler
blog.DidierStevens.com

Keywords:
0 comment(s)

Comments

Login here to join the discussion.


Top of page
Diary Archives