Compile simple-yara.go when it's copied to another directory with yara 3.9.0

[fieldsplum]

I copied _examples/simple-yara/simple-yara.go to another directory for testing.

uname -a
Linux test 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u1 (2019-09-20) x86_64 GNU/Linux

apt-get install libyara3
apt-get install libyara-dev

ls /usr/lib/x86_64-linux-gnu/libyara* -l
-rw-r--r-- 1 root root 802980 Feb 23  2019 /usr/lib/x86_64-linux-gnu/libyara.a
lrwxrwxrwx 1 root root     16 Feb 23  2019 /usr/lib/x86_64-linux-gnu/libyara.so -> libyara.so.3.9.0
lrwxrwxrwx 1 root root     16 Feb 23  2019 /usr/lib/x86_64-linux-gnu/libyara.so.3 -> libyara.so.3.9.0
-rw-r--r-- 1 root root 373496 Feb 23  2019 /usr/lib/x86_64-linux-gnu/libyara.so.3.9.0

export CGO_CFLAGS="-I/usr/include/yara"
export CGO_LDFLAGS="-L/usr/lib/x86_64-linux-gnu/ -lyara -lm"

go build simple-yara.go 
# github.com/hillu/go-yara
In file included from /usr/include/yara.h:33,
                 from ../../../go/pkg/mod/github.com/hillu/go-yara@v1.2.2/compiler.go:17:
/usr/include/yara/types.h:530:27: error: 'CHAR_BIT' undeclared here (not in a function)
   unsigned char tidx_mask[YR_BITARRAY_NCHARS(YR_MAX_THREADS)];
                           ^~~~~~~~~~~~~~~~~~
/usr/include/yara/types.h:530:27: note: 'CHAR_BIT' is defined in header '<limits.h>'; did you forget to '#include <limits.h>'?
/usr/include/yara/types.h:41:1:
+#include <limits.h>
 
/usr/include/yara/types.h:530:27:
   unsigned char tidx_mask[YR_BITARRAY_NCHARS(YR_MAX_THREADS)];
                           ^~~~~~~~~~~~~~~~~~

/usr/include/limits.h exists, I checked /usr/include/yara.h, it includes #include "yara/utils.h"
/usr/include/yara.h includes #include <limits.h>

I can't find the reason.

[fieldsplum]

I tried apt-get install golang-github-hillu-go-yara-dev, it doesn't work.

[fieldsplum]

cat go.mod
module simple-yara

go 1.14

require github.com/hillu/go-yara v1.2.2

[hillu]

@fieldsplum So, I tried to replicate your error using a Debian/buster chroot environment (as that's what seems to be the base of your installation).

You don't need to explicitly set CGO_CFLAGS and CGO_LDFLAGS, those are picked up by pkg-config if you use distribution packages.

Not sure how you installed go 1.14, but go 1.11 which can be installed using apt (apt install golang-go) works just fine, except that build tags for yara 3.9 are missing from errors_yara311.go. (Fixing that right now for another release.) Your problems seems to involve your C compiler setup. Please install Debian's build-essential package and try again.

[fieldsplum]

build-essential had already been installed.

apt-get install build-essential
Reading package lists... Done
Building dependency tree       
Reading state information... Done
build-essential is already the newest version (12.6).
The following packages were automatically installed and are no longer required:
  ldap-utils libnss-ldapd libpam-ldapd nscd nslcd
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 250 not upgraded.

I downloaded go1.14.linux-amd64.tar.gz, and set it to GOROOT

 go evn
go evn: unknown command
Run 'go help' for usage.
forrest@test:~/work/code/testYara$ go env
GO111MODULE="on"
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/forrest/.cache/go-build"
GOENV="/home/forrest/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/forrest/go"
GOPRIVATE=""
GOPROXY="https://goproxy.cn,direct"
GOROOT="/home/forrest/Downloads/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/home/forrest/Downloads/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/forrest/work/code/testYara/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build310268625=/tmp/go-build -gno-record-gcc-switches"
forrest@test:~/work/code/testYara$ go env
GO111MODULE="on"
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/forrest/.cache/go-build"
GOENV="/home/forrest/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/forrest/go"
GOPRIVATE=""
GOPROXY="https://goproxy.cn,direct"
GOROOT="/home/forrest/Downloads/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/home/forrest/Downloads/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/forrest/work/code/testYara/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build205659043=/tmp/go-build -gno-record-gcc-switches"

 cat /usr/lib/x86_64-linux-gnu/pkgconfig/yara.pc 
prefix=/usr
exec_prefix=${prefix}
includedir=${prefix}/include
libdir=${prefix}/lib/x86_64-linux-gnu

Name: yara
Description: YARA library
URL: https://virustotal.github.io/yara/
Version: 3.9.0
Requires.private:  jansson libcrypto
Cflags: -I${includedir}
Libs: -L${libdir} -lyara
Libs.private:  -lmagic 

If I don't set CGO_CFLAGS and CGO_LDFLAGS:

go build -tags yara3.9 simple-yara.go 
# github.com/hillu/go-yara
../../../go/pkg/mod/github.com/hillu/go-yara@v1.2.2/error_yara311.go:18:15: could not determine kind of name for C.ERROR_DUPLICATED_MODIFIER
../../../go/pkg/mod/github.com/hillu/go-yara@v1.2.2/error_yara311.go:17:15: could not determine kind of name for C.ERROR_INVALID_MODIFIER

go build  simple-yara.go 
# github.com/hillu/go-yara
../../../go/pkg/mod/github.com/hillu/go-yara@v1.2.2/error_yara311.go:18:15: could not determine kind of name for C.ERROR_DUPLICATED_MODIFIER
../../../go/pkg/mod/github.com/hillu/go-yara@v1.2.2/error_yara311.go:17:15: could not determine kind of name for C.ERROR_INVALID_MODIFIER

[hillu]

If you don't set CGO_CFLAGS and CGO_LDFLAGS, you get the error mesage that I fixed in the 1.3.0 release I pushed last night. Please check if upgrading to that version fixes the issue for you.

My best guess is that setting CGO_CFLAGS might have caused the C compiler (the preprocessor, really) to read a different limits.h. This happens when autogenerating the CGO interface code, before the Go code is compiled. (Unfortunately go build is not particularly good at telling the user what it is doing behind the scenes.)

[fieldsplum]

go get
go: finding module for package github.com/hillu/go-yara
go: downloading github.com/hillu/go-yara v1.3.0
go: found github.com/hillu/go-yara in github.com/hillu/go-yara v1.3.0
# github.com/hillu/go-yara
../../../go/pkg/mod/github.com/hillu/go-yara@v1.3.0/error_yara311.go:18:15: could not determine kind of name for C.ERROR_DUPLICATED_MODIFIER
../../../go/pkg/mod/github.com/hillu/go-yara@v1.3.0/error_yara311.go:17:15: could not determine kind of name for C.ERROR_INVALID_MODIFIER

go build simple-yara.go 
# github.com/hillu/go-yara
../../../go/pkg/mod/github.com/hillu/go-yara@v1.3.0/error_yara311.go:18:15: could not determine kind of name for C.ERROR_DUPLICATED_MODIFIER
../../../go/pkg/mod/github.com/hillu/go-yara@v1.3.0/error_yara311.go:17:15: could not determine kind of name for C.ERROR_INVALID_MODIFIER

Doesn't work.
Maybe libyara version is 3.9, but error_yara is error_yara311.go.

I will change libyara to 3.11, then have a try .

[hillu]

Doesn't work.
Maybe libyara version is 3.9, but error_yara is error_yara311.go.

Right. Set the appropriate build tag as described in the Build Tags section of the README.

[fieldsplum]

Doesn't work.
Maybe libyara version is 3.9, but error_yara is error_yara311.go.

Right. Set the appropriate build tag as described in the Build Tags section of the README.

Setting -tags works.

[hillu]

Cool. I suppose, we can close the issue then.