Warn user if they're trying to hurt themselves (#75)

CERT-Polska · May 24, 2022 · c8c3d38 · c8c3d38
1 parent addb808
commit c8c3d38
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/malduck/extractor/extract_manager.py b/malduck/extractor/extract_manager.py
@@ -92,9 +92,18 @@ def __init__(self, modules_path: Optional[str] = None) -> None:
         # Load Yara rules
         self.rules: Yara = Yara.from_dir(modules_path)
         # Preload modules
-        load_modules(modules_path, onerror=self.on_error)
+        loaded_modules = load_modules(modules_path, onerror=self.on_error)
         self.extractors: List[Type[Extractor]] = Extractor.__subclasses__()
 
+        loaded_extractors = [x.__module__ for x in self.extractors]
+
+        for module in loaded_modules.values():
+            module_name = module.__name__
+            if not any(x.startswith(module_name) for x in loaded_extractors):
+                warnings.warn(
+                    f"The extractor engine couldn't import any Extractors from module {module_name}. Make sure the Extractor class is imported into __init__.py",
+                )
+
     def on_error(self, exc: Exception, module_name: str) -> None:
         """
         Handler for all exceptions raised during module load
@@ -313,6 +322,12 @@ def push_procmem(
         # For each extractor...
         for ext_class in self.parent.extractors:
             extractor = ext_class(self)
+
+            if type(extractor.yara_rules) is str:
+                raise TypeError(
+                    f'"{extractor.__class__.__name__}.yara_rules" cannot be a string, convert it into a list of strings'
+                )
+
             # For each rule identifier in extractor.yara_rules...
             for rule in extractor.yara_rules:
                 if rule in matches: