RuleEvaluator matcher.Values doesn't handle "Attribute: null"

[veramine]

I hit an issue today with this rule:

https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_susp_non_exe_image.yml

Because one of the matchers is :

    filter_optional_null:
        Image: null

This matcher hits the 'default' case in this switch statement:

func (rule *RuleEvaluator) getMatcherValues(ctx context.Context, matcher sigma.FieldMatcher) ([]string, error) {
	matcherValues := []string{}
	for _, abstractValue := range matcher.Values {
		value := ""

		switch abstractValue := abstractValue.(type) {
		case string:
			value = abstractValue
		case int, float32, float64, bool:
			value = fmt.Sprintf("%v", abstractValue)
		default:
			return nil, fmt.Errorf("expected scalar field matching value got: %v (%T)", abstractValue, abstractValue)
		}

Here's my code:

			eventmap := match.Event
			ctx := ctx.Background()
			result, err := rule_evaluator.Matches(ctx, eventmap)
			if err != nil {
				fmt.Printf("** ERROR evaluating match with ID [%v], err %v\n", match.MatchId, err)
...

Here's what the error returned from rule_evaluator.Matches:

** ERROR evaluating match with ID [30], err error evaluating search filter_optional_null: expected scalar field matching value got: <nil> (<nil>)

[veramine]

I didn't hit this using sigma-go v0.5.0 or v0.4.2. But I do hit it consistently on v0.6.3. I will revert back to v0.5.0 for now.