Discard partial or expressions

[nazywam]

Your checklist for this pull request

• I've read the contributing guideline.
• I've tested my changes by building and running mquery, and testing changed functionality (if applicable)
• I've added automated tests for my change (if applicable, optional)
• I've updated documentation to reflect my change (if applicable)

What is the current behaviour?
Yara "or" expressions that have one of the two branches rejected (due to lack of query support) are still passed to the ursa engine resulting in possible false negativies (which is a big no no for us)

The included test case should explain this pretty clearly:

rule or_corner_case
{
    meta:
        description = "description"
        date = "2020-05-19"
    strings:
        $a = "this is a legit string"
        $b = /[a-f]{10}/
    condition:
        $a or $b
}

Will result in a "this is a legit string" ursa query, which can lead to matching files being dropped.

What is the new behaviour?
All partially-converted "or" expressions are dropped

Test plan
Run lib/yaraparse.py on the included test file

Closing issues

fixes #issuenumber

[nazywam]

(venv) ➜  src git:(master) ✗ python lib/yaraparse.py /tmp/or_corner_case.yar                                                                                                                               14:54:57
or_corner_case {746869732069732061206c6567697420737472696e67}
(venv) ➜  src git:(master) ✗ git checkout bugfix/or-expressions                                                                                                                                            14:55:01
M	ursadb
Switched to branch 'bugfix/or-expressions'
(venv) ➜  src git:(bugfix/or-expressions) ✗ python lib/yaraparse.py /tmp/or_corner_case.yar                                                                                                                14:55:18
or_corner_case {}

[msm-code]

🦭

Perfectly, bugfix just after a release.