Added warning on unknown escape sequences #1880

Merged


@TommYDeeee TommYDeeee commented Feb 22, 2023

Whenever a user makes a mistake in an escape sequence, it is silently ignored.
For example, if the user writes
C:\Users\\[^\\]+\\test.txt
instead of
C:\\Users\\[^\\]+\\test.txt
YARA takes \U as an escape sequence and ignores it as there is no rule to match (U is returned), therefore this would match strings starting with C:Users instead of C:\Users.
Another case where this problem would arise is even within the YARA tests. There is a \0x5A value being escaped in the range test. YARA does not support a leading 0 in escaping, therefore it escapes only \0, returns 0 and continues with the rest being treated as a normal string. We would then get the range 65-93 (65 is the decimal value for ASCII A and 93 for \x5D) instead of the desired range 91-93 in decimal values. The test is not failing as the tested value is within both ranges, but if you try something that should fail, such as \x4F, it still passes.

  • I have added a CLI argument that turns on this feature and generates a warning whenever the user writes an invalid escape sequence.
  • I have also modified the tests and added a new test suite to test those cases.
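
A rule-author lint in the spirit of this change, as an added example (not code from the PR or from YARA): it walks a regular expression and reports backslash escapes outside an assumed set of recognised ones (`\t \n \r \f \a \xNN \w \W \s \S \d \D \b \B`). The function name, the recognised set and the `[\0x5A-\x5D]` sample are assumptions constructed from the description above.

```python
import string

# Escapes assumed to be recognised in YARA regular expressions (assumption of
# this example; the PR's own lexer change may classify characters differently).
KNOWN_ESCAPES = set("tnrfawWsSdDbB")
HEX = set(string.hexdigits)


def find_unknown_escapes(pattern):
    """Return (offset, sequence) for each backslash escape that is not recognised."""
    findings = []
    i = 0
    while i < len(pattern):
        if pattern[i] != "\\":
            i += 1
            continue
        if i + 1 >= len(pattern):
            findings.append((i, "\\"))  # dangling backslash at end of pattern
            break
        nxt = pattern[i + 1]
        if nxt == "x":
            digits = pattern[i + 2:i + 4]
            if len(digits) == 2 and all(c in HEX for c in digits):
                i += 4  # well-formed \xNN
                continue
            findings.append((i, "\\x" + digits))  # \x without two hex digits
            i += 2
            continue
        # Escaped punctuation (\\, \., \[ ...) is a literal; an escaped letter
        # or digit outside the known set is what gets silently dropped.
        if nxt.isalnum() and nxt not in KNOWN_ESCAPES:
            findings.append((i, "\\" + nxt))
        i += 2  # consume backslash and escaped character as one unit
    return findings


if __name__ == "__main__":
    # Constructed samples: the two paths from the PR description and a
    # character class built around the \0x5A case it mentions.
    samples = [
        r"C:\Users\\[^\\]+\\test.txt",
        r"C:\\Users\\[^\\]+\\test.txt",
        r"[\0x5A-\x5D]",
    ]
    for s in samples:
        for offset, seq in find_unknown_escapes(s):
            print(f"warning: unknown escape sequence {seq!r} at offset {offset} in {s!r}")
```
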


google-cla bot commented Feb 22, 2023

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@TommYDeeee TommYDeeee force-pushed the warn-on-invalid-escape-sequences branch from 9e670ea to 64b3a64 Compare March 7, 2023 09:54
@plusvic plusvic merged commit d7e67ff into VirusTotal:master Aug 23, 2023
9 checks passed