get_all_matched_strings_function added

common_helper_yara/__init__.py

 from .yara_scan import scan
 from .yara_compile import compile_rules
+from .yara_interpretation import get_all_matched_strings
 
 __all__ = [
     'scan',
-    'compile_rules'
+    'compile_rules',
+    'get_all_matched_strings'
     ]

common_helper_yara/yara_interpretation.py

+def get_all_matched_strings(yara_result_dict):
+    '''
+    returns a set of all matched strings
+
+    :param yara_result_dict: a result dict
+    :type yara_result_dict: dict
+    :return: set
+    '''
+    matched_strings = set()
+    for matched_rule in yara_result_dict:
+        matched_strings.update(_get_matched_strings_of_single_rule(yara_result_dict[matched_rule]))
+    return matched_strings
+
+
+def _get_matched_strings_of_single_rule(yara_match):
+    matched_strings = set()
+    print(yara_match['strings'])
+    for string_item in yara_match['strings']:
+        matched_strings.add(string_item[2])
+    return matched_strings

tests/test_interpretation.py

+import unittest
+from common_helper_yara.yara_interpretation import get_all_matched_strings
+
+
+class TestYaraInterpretation(unittest.TestCase):
+
+    def test_get_all_matched_strings(self):
+        test_data = {
+            'test_rule': {'rule': 'test_rule', 'meta': {}, 'strings': [(0, '$a', b'test_1'), (10, '$b', b'test_2')], 'matches': True},
+            'test_rule2': {'rule': 'test_rule2', 'meta': {}, 'strings': [(0, '$a', b'test_1'), (10, '$b', b'test_3')], 'matches': True},
+            }
+        result = get_all_matched_strings(test_data)
+        self.assertEqual(result, set([b'test_1', b'test_2', b'test_3']), "resulting strings not correct")