Efficient Binary File Scanner

A system that scans large binary files for specific patterns using pre-compiled pattern matching rules. The scanner must handle files efficiently without unnecessary memory copies.

Capabilities

Scans large binary data efficiently

The scanner should process large binary files using memory-efficient techniques that avoid duplicating data in memory.

• Given a 10 MB binary file and compiled rules, the scanner processes the file and returns match results @test
• Given a 50 MB binary file with multiple pattern matches, all matches are found correctly @test

Processes data buffers directly

The scanner should work with buffer objects representing binary data, allowing efficient processing of pre-loaded data.

• Given a memoryview of a binary buffer containing 1 MB of data, the scanner matches patterns without copying the buffer @test
• Given a bytearray buffer wrapped in memoryview, pattern matching works correctly @test

Implementation

@generates

API

def scan_file(rules, filepath: str) -> list:
    """
    Scans a file using the provided compiled rules.

    Args:
        rules: Compiled pattern matching rules
        filepath: Path to the file to scan

    Returns:
        A list of match results
    """
    pass

def scan_buffer(rules, buffer) -> list:
    """
    Scans a buffer containing binary data using the provided compiled rules.
    Should efficiently handle memoryview objects without copying data.

    Args:
        rules: Compiled pattern matching rules
        buffer: A buffer-like object (bytes, bytearray, memoryview) containing data to scan

    Returns:
        A list of match results
    """
    pass

Dependencies { .dependencies }

yara { .dependency }

Provides pattern matching and scanning capabilities.