yara.Match unexpected incompatibility

[seb-acsc]

Looks like 1.2.0 breaks compatibility for extractors that inspect yara rules.

Running maco with the demo extractors causes the following issue:

$ maco demo_extractors/ demo_extractors/
...
path: demo_extractors/complex/__pycache__/complex.cpython-312.pyc
run Complex extractor from rules ['Complex', 'ComplexAlt']
extractor error with demo_extractors/complex/__pycache__/complex.cpython-312.pyc ('StringMatch' object is not subscriptable)
Traceback (most recent call last):
  File ".../Maco/maco/cli.py", line 60, in process_file
    resp = collected.extract(stream, hits, extractor_name)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File ".../Maco/maco/collector.py", line 118, in extract
    resp = extractor["module"]().run(stream, matches)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File ".../Maco/demo_extractors/complex/complex.py", line 53, in run
  File "/home/seb/work/Maco/demo_extractors/complex/complex.py", line 53, in run
    strings = {y[2].decode("utf8") for x in matches for y in x.strings}
               ~^^^
TypeError: 'StringMatch' object is not subscriptable
...

[seb-acsc]

Appears that it should now be something like strings = {z.plaintext().decode("utf8") for x in matches for y in x.strings for z in y.instances}

[seb-acsc]

Assuming this is intentional, I can put together a PR to update the demo extractors and try to make a unit test for them

[cccs-rs]

Well the maco.yara module is meant to contain a bunch of interfaces that are meant to replicate the behaviour of matches from yara-python (while running yara-x under the hood).

If this is an action that you can perform in yara-python normally, then I think we should extend that functionality to the interface classes

[seb-acsc]

I've confirmed that this issue was originally raised with Yara (non x) v4.3.0, and that the maco interfaces are correct. I'll submit a PR with the updated demo extractor, and add testing of the demo extractor run so we can pick this up next time