Parsing of incomplete rules #159
Conversation
… add new such attribute.
… new DictionarySymbol.
| : _type(type), _name(name), _documentation(documentation), _dataType(dataType) | ||
| { | ||
| } | ||
| /// @} |
There was a problem hiding this comment.
I needed this constructor public, so I could construct a new Symbol instance in parser_driver.cpp on line 1635.
src/parser/parser_driver.cpp
Outdated
| @@ -12,6 +12,8 @@ | |||
| #include "yaramod/types/token_type.h" | |||
| #include "yaramod/utils/filesystem_operations.h" | |||
|
|
|||
| #include <iostream> | |||
There was a problem hiding this comment.
I started printing through std::cerr instead of throwing ParserError when parsing fails in IncompleteMode.This only happens if a YARA rule is not finished (missing }, etc.). It prints the error as Warning but we can still access the TokenStream as we can see in ParseIncompleteRuleNotFinished cpp parser test.
There was a problem hiding this comment.
Printing from libraries is generally bad practice. It's much better if library returns the errors/warnings to the user and they can decide what to do with them. Imagine a situation that you don't want to print to stderr or simply stderr is missing because the application is daemon. How would you know about such error/warning?
| const auto& parentTokenText = parentExpr->getSymbolToken()->getText(); | ||
| parentExpr->setSymbol(std::make_shared<ArraySymbol>(parentTokenText, ExpressionType::Undefined)); | ||
| } | ||
| } |
There was a problem hiding this comment.
Why so complicated? I needed the tormatted text to still look nice, which means I had to replace some Symbol base class instances with instances of particular derived classes. Also it was necessary to determine correct types of some Token instances (not everywhere).
There was a problem hiding this comment.
Good thing is, that the IdExpression::setSymbol method also updates the pointer stored in the Token associated with this Symbol instance.
| else | ||
| { | ||
| std::cerr << "Warning: '" << e.getErrorMessage() << "'\nThis Warning would be an Error if not parsing in Incomplete mode." << std::endl; | ||
| return true; |
There was a problem hiding this comment.
I would appreciate any reviewer's opinien on if this printout is actually wanted. Thank you in advance.
There was a problem hiding this comment.
As I said earlier, let the user handle the prints themselves. But I'd argue here that it's pointless to show something like this to an user. Incomplete mode is opt-in so user must know what they are doing.
There was a problem hiding this comment.
I decided to stop printing these Warnings, thank you for the suggestion.
| } | ||
|
|
||
| TEST_F(ParserTests, | ||
| ParseIncompleteRuleNotFinished) { |
There was a problem hiding this comment.
This is how incomplete rule can be parsed. The TokenStream instance is still accessible.
| ''' | ||
| self.assertEqual(expected, yara_file.text_formatted) | ||
|
|
||
| def test_include_undefined_file_in_incomplete_mode(self): |
There was a problem hiding this comment.
I already had some file including tests in this file so I added it here in Python.
src/parser/parser_driver.cpp
Outdated
| @@ -12,6 +12,8 @@ | |||
| #include "yaramod/types/token_type.h" | |||
| #include "yaramod/utils/filesystem_operations.h" | |||
|
|
|||
| #include <iostream> | |||
There was a problem hiding this comment.
Printing from libraries is generally bad practice. It's much better if library returns the errors/warnings to the user and they can decide what to do with them. Imagine a situation that you don't want to print to stderr or simply stderr is missing because the application is daemon. How would you know about such error/warning?
| else | ||
| { | ||
| std::cerr << "Warning: '" << e.getErrorMessage() << "'\nThis Warning would be an Error if not parsing in Incomplete mode." << std::endl; | ||
| return true; |
There was a problem hiding this comment.
As I said earlier, let the user handle the prints themselves. But I'd argue here that it's pointless to show something like this to an user. Incomplete mode is opt-in so user must know what they are doing.
|
Thank you for your comments. I removed the Warning when ParsingError for the reason you stated. |
This PR solves issue #45 and allows parsing of: