Skip to content

Add CL_TYPE_PYTHON_COMPILED and associated file type magic signatures#1111

Merged
val-ms merged 2 commits intoCisco-Talos:mainfrom
val-ms:CLAM-1744-pyc-ftm
Dec 14, 2023
Merged

Add CL_TYPE_PYTHON_COMPILED and associated file type magic signatures#1111
val-ms merged 2 commits intoCisco-Talos:mainfrom
val-ms:CLAM-1744-pyc-ftm

Conversation

@val-ms
Copy link
Contributor

@val-ms val-ms commented Dec 13, 2023

It may be necessary to differentiate between *.pyc and other binary types in case additional processing is needed.

Outside of being able to differentiate the by file type, the scanner will treat CL_TYPE_PYTHON_COMPILED the same as CL_TYPE_BINARY_DATA. That is - we're not adding parser at this time to further break down .pyc files.

@val-ms
Add CL_TYPE_PYTHON_COMPILED and associated file type magic signatures
e19ac74 
It may be necessary to differentiate between *.pyc and other binary
types in case additional processing is needed.

Outside of being able to differentiate the by file type, the scanner
will treat CL_TYPE_PYTHON_COMPILED the same as CL_TYPE_BINARY_DATA.
That is - we're not adding parser at this time to further break down
.pyc files.
@val-ms val-ms requested a review from ragusaa December 13, 2023 03:31
@val-ms val-ms merged commit 1132209 into Cisco-Talos:main Dec 14, 2023
@val-ms val-ms deleted the CLAM-1744-pyc-ftm branch December 14, 2023 17:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@ragusaa ragusaa ragusaa approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@val-ms @ragusaa