binary search matching strings: show if max number was reached

also add max string len and monospaced font

src/helperFunctions/yara_binary_search.py

@@ -51,7 +51,9 @@ def _get_file_paths_of_files_included_in_fw(self, fw_uid: str) -> list[str]:
         return [self.fs_organizer.generate_path_from_uid(uid) for uid in self.db.get_all_files_in_fw(fw_uid)]
 
     @staticmethod
-    def _parse_raw_result(raw_result: str, match_limit: int = 10) -> dict[str, dict[str, list[dict]]]:
+    def _parse_raw_result(
+        raw_result: str, match_limit: int = 20, match_len_limit: int = 50
+    ) -> dict[str, dict[str, list[dict]]]:
         """
         YARA scan results have the following structure:
         <rule_name> <matching_file_path>
@@ -77,6 +79,8 @@ def _parse_raw_result(raw_result: str, match_limit: int = 10) -> dict[str, dict[
         }
 
         :param raw_result: raw yara scan result
+        :param match_limit: maximum number of stored strings per rule
+        :param match_len_limit: maximum length of stored strings
         :return: dict of matching files, rules and strings
         """
         results = {}
@@ -92,6 +96,8 @@ def _parse_raw_result(raw_result: str, match_limit: int = 10) -> dict[str, dict[
             for match_line in match_lines:
                 offset, condition, match_str = match_line.split(':', maxsplit=2)
                 match_str = match_str[1:]  # remove the space at the beginning
+                if len(match_str) > match_len_limit:
+                    match_str = match_str[:match_len_limit] + '...'
                 results[uid][rule].append({'offset': offset, 'condition': condition, 'match': match_str})
                 if len(results[uid][rule]) >= match_limit:
                     # only collect at most <match_limit> matching strings to avoid storing loads of unnecessary data

src/web_interface/templates/database/database_browse.html

@@ -28,6 +28,9 @@
             padding: 0;
             background: white;
         }
+        .mono {
+            font-family: "Deja Vu Sans Mono", monospace;
+        }
         {% if search_parameters.yara_match_data %}
             .list-group-item {
                 border: 0;
@@ -146,12 +149,16 @@ <h3 class="mb-3">Browse Firmware Database</h3>
                                         {% for rule, match_list in search_parameters.yara_match_data[firmware.uid].items() %}
                                             {% for match in match_list %}
                                                 <tr>
-                                                    <td>{{ rule | safe }}</td>
-                                                    <td>{{ match.offset | safe }}</td>
-                                                    <td>{{ match.condition | safe }}</td>
-                                                    <td>{{ match.match | safe }}</td>
+                                                    <td class="mono">{{ rule | safe }}</td>
+                                                    <td class="mono">{{ match.offset | safe }}</td>
+                                                    <td class="mono">{{ match.condition | safe }}</td>
+                                                    <td class="mono">{{ match.match | safe }}</td>
                                                 </tr>
                                             {% endfor %}
+                                            {# if there are more matches than can be displayed... #}
+                                            {% if (match_list | length) == 20 %}
+                                                <td colspan="4" data-toggle="tooltip" data-placement="bottom" title="Only the first 20 matches are displayed">...</td>
+                                            {% endif %}
                                         {% endfor %}
                                     </table>
                                 </div>