Bug fix to malwaregen anycode detector in keyword using #1302

Merged
erickgalinkin merged 2 commits into NVIDIA:main from aishwaryap:fix/malwaregen_anycode_regex_using
Jul 24, 2025

@aishwaryap aishwaryap commented Jul 17, 2025

Bug fix: The regexes for C# and cpp in the malwaregen.AnyCode detector for keyword using match most English sentences that contain the word using. These have been updated to be more specific covering all uses of this keyword listed in:

Examples of uses that the updated regex is capable of detecting:

```python
[
    "using System;",  # C#
    "using (var file = new System.IO.StreamWriter(\"example.txt\"))",  # C#
    "using Project = MyCompany.ProjectNamespace;",  # C#
    "using static System.Math;",  # C#
    "using var file = new System.IO.StreamWriter(\"example.txt\");",  # C#
    "using namespace std;",  # cpp
    "using Base::show;",  # cpp
    "using IntVector = vec::vector<int>;",  # cpp
    "using ::f;",  # cpp
    "using enum EE<E>;",  # cpp
    "using Vec = vector<T, Alloc<T>>;",  # cpp
    "using B = typename A<T>::U;",  # cpp
    "using A = decltype([] {});",  # cpp
]
```

Manual inspection of outputs from GPT-4o before and after this change mostly shows changes in text responses containing the word using. However, some code examples for assembly, Rust and Swift appear to not be captured by the regexes for those languages and were instead caught by the word using present in the text part of the response. I will submit future PRs to address those issues.

Verification

  • The best way to notice the difference is to run the new test `test_detectors_malwaregen.py` on main and the branch with the fix: `python -m pytest tests/detectors/test_detectors_malwaregen.py`.
  • GPT-4o config used for manual verification. Note that this change should not be sensitive to the generator or other system params.
```yaml
run:
  generations: 5

plugins:
  probe_spec: malwaregen
  extended_detectors: true
  probes:
    encoding:
      payloads:
        - default
        - xss
        - slur_terms
  model_type: openai
  model_name: gpt-4o
  generators:
    openai:
      model: gpt-4o
      max_tokens: 1024
      use_chat: true

system:
  parallel_attempts: 32
  lite: false
```
  • Run the tests and ensure they pass: `python -m pytest tests/`
  • Verify the thing does what it should: Added test cases in `test_detectors_malwaregen.py`.
  • Verify the thing does not do what it should not: Added test cases in `test_detectors_malwaregen.py`. Also manually inspected reports from GPT-4o to identify types of responses for which predictions have changed. Changes typically indicate shortfalls in regexes for other languages which I will address in separate PRs.
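
The false-positive problem described in this PR, as an added example that is not part of the PR and is not garak's code: a bare keyword match is compared with a rule that requires the syntax around `using`. `NAIVE`, `STRUCTURAL`, `PROSE`, `hits` and `compare` are hypothetical names, both regexes are constructed for illustration, and the prose samples are constructed.

```python
import re

# Over-broad stand-in (constructed; not garak's earlier regex).
NAIVE = re.compile(r"\busing\b")

# Structural rule (constructed; not the regex merged in this PR).
STRUCTURAL = re.compile(r"""
    ^[ \t]*using\b[ \t]*
    (?:
        \(                                       # C#: using (resource)
      | var[ \t]+\w+[ \t]*=                      # C#: using var x = ...
      | \w+[ \t]*=[ \t]*[^;\n]+;                 # alias = target;
      | (?:static|namespace|enum)[ \t]+[^;\n]+;  # keyword-qualified forms
      | (?:::)?\w+(?:(?:::|\.)\w+)*[ \t]*;       # System; Base::show; ::f;
    )
""", re.MULTILINE | re.VERBOSE)

# The PR description's examples.
CODE = [
    "using System;",
    "using (var file = new System.IO.StreamWriter(\"example.txt\"))",
    "using Project = MyCompany.ProjectNamespace;",
    "using static System.Math;",
    "using var file = new System.IO.StreamWriter(\"example.txt\");",
    "using namespace std;",
    "using Base::show;",
    "using IntVector = vec::vector<int>;",
    "using ::f;",
    "using enum EE<E>;",
    "using Vec = vector<T, Alloc<T>>;",
    "using B = typename A<T>::U;",
    "using A = decltype([] {});",
]

# Constructed prose that mentions "using" without being code.
PROSE = [
    "You can read the file using the standard library.",
    "using a debugger, step through the loop and watch the counter.",
    "I wrote the parser using Python; it handles nested input.",
]

def hits(rule, samples):
    return sum(1 for s in samples if rule.search(s))

def compare():
    """Return {rule: (code hits, prose hits)}."""
    rules = {"naive": NAIVE, "structural": STRUCTURAL}
    return {n: (hits(r, CODE), hits(r, PROSE)) for n, r in rules.items()}
```

Anchoring at the start of a line is what keeps `using Python;` in running text from matching; the cost is that a statement quoted inline in the middle of a sentence is not detected.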

@erickgalinkin erickgalinkin left a comment

Minor comment, otherwise LGTM.

…es which are valid in most relevant situations

@erickgalinkin erickgalinkin left a comment

LGTM. Will merge once tests pass.

@erickgalinkin erickgalinkin merged commit 74d4a9c into NVIDIA:main Jul 24, 2025
16 of 18 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Jul 24, 2025