summaryrefslogtreecommitdiff
path: root/tests/analysis/scan
diff options
context:
space:
mode:
Diffstat (limited to 'tests/analysis/scan')
-rw-r--r--tests/analysis/scan/functions.py16
1 files changed, 16 insertions, 0 deletions
diff --git a/tests/analysis/scan/functions.py b/tests/analysis/scan/functions.py
index 96f029f..e936263 100644
--- a/tests/analysis/scan/functions.py
+++ b/tests/analysis/scan/functions.py
@@ -108,6 +108,7 @@ rule test {
self.check_rule_success(rule)
+
rule = '''
rule test {
@@ -119,6 +120,7 @@ rule test {
self.check_rule_success(rule)
+
rule = '''
rule test {
@@ -134,6 +136,19 @@ rule test {
self.check_rule_success(rule)
+ rule = r'''
+rule test {
+
+ condition:
+ "A\x00B\x00C\x00D\x00" endswith string.wide("CD")
+ and "A\x00B\x00C\x00D\x00" contains string.wide("BC")
+
+}
+'''
+
+ self.check_rule_success(rule)
+
+
def testTime(self):
"""Check current time."""
@@ -150,6 +165,7 @@ rule test {
self.check_rule_success(rule)
+
rule = '''
rule test {