From 4dc5527c1a74586a4fd97a646559844cfdbc8da9 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Tue, 8 Aug 2023 11:26:16 +0200
Subject: [PATCH] fix: [module extractor] fix invalid yara offset

---
 bin/lib/module_extractor.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/lib/module_extractor.py b/bin/lib/module_extractor.py
index cdb67ab6..681d666e 100755
--- a/bin/lib/module_extractor.py
+++ b/bin/lib/module_extractor.py
@@ -106,11 +106,11 @@ def convert_byte_offset_to_string(b_content, offset):
     byte_chunk = b_content[:offset + 1]
     try:
         string_chunk = byte_chunk.decode()
+        offset = len(string_chunk) - 1
+        return offset
     except UnicodeDecodeError as e:
-        logger.error(f'Yara offset converter error, {e.reason}\n{byte_chunk}\n{offset}')
-        string_chunk = byte_chunk
-    offset = len(string_chunk) - 1
-    return offset
+        logger.error(f'Yara offset converter error, {str(e)}\n{offset}/{len(b_content)}')
+        return convert_byte_offset_to_string(b_content, offset)
 
 
 # TODO RETRO HUNTS