VirusTotal
Add function to parse rules from raw buffer
There are some cases where we need to load rules not only from files, but directly from memory. One of these is updating over the network and (re)parsing without dropping to disk.
yr_compiler_add_string() is not suitable because buffers in-memory are not null-terminated, and strlen() is time consuming.
Here we add the ability to work with the most portable form of raw data: pointer + size.
@plusvic can it be merged? The code is quite simple and tested on the performance-optimized Yara engine.
@plusvic can you merge this PR? This is not even a "feature", but just one "wrapper" function (one in the lexer and one in the compiler) that uses an already existing API.