[Forensics-changes] [SCM] debian-forensics/ssdeep branch, debian, updated. debian/2.2-1-7-gf71c974

Christophe Monniez christophe.monniez at fccu.be
Tue May 25 06:43:32 UTC 2010


The following commit has been merged in the debian branch:
commit f71c974d3315fa717380884dfa549f817f678864
Author: Christophe Monniez <christophe.monniez at fccu.be>
Date:   Tue May 25 08:36:20 2010 +0200

    Merging upstream version  2.5.

diff --git a/ChangeLog b/ChangeLog
index 02d9a40..f55b38a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,34 @@
+2010-05-05 Jesse Kornblum
+
+	* Changed logic for reading files of known hashes to look for
+	  the header this version of the program writes instead of 
+	  the v1 header. This was done for the DC3 branch of the code.
+
+	* Updated README documentation and published version 2.5.
+	
+
+2010-03-20 Jesse Kornblum
+
+	* Fixed define in fuzzy.h to only allow one compilation
+	
+
+2010-03-19 Jesse Kornblum
+
+	* Added 'extern "C"' definitions to fuzzy.h for C++ compatibility
+	
+	* Added return values indicating errors to API functions.
+
+	* Modified sample program to use errors on return values
+	
+	* Added Doxygen documentation for API function.
+
+	* Added inttypes.h include to fuzzy.h.
+
+	* Added error checking for NULL strings in API functions.
+
+	* Version bump to 2.5
+	
+
 2010-02-24 Jesse Kornblum
 
 	* Experimenting with mode to compare unknown hashes to known
diff --git a/NEWS b/NEWS
index ea9539e..c794506 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,20 @@
+** Version 2.5 - 6 May 2010
+
+* New Features
+
+  - Added API documentation
+
+  - Added return values indicating errors in API functions
+
+  - Added compatibility for compiling with C++
+
+* Bug Fixes
+
+  - Added parameter validation to API functions
+
+  - Fixed some cosmetic errors in error handling
+
+
 ** Version 2.4 - 25 Feb 2010
 
 * New Features
diff --git a/README b/README
index 9764c79..b3f1ed0 100644
--- a/README
+++ b/README
@@ -24,7 +24,7 @@ the following:
 
 * Fuzzy hashing a buffer of text:
 
-int fuzzy_hash_buf(unsigned char *buf,
+int fuzzy_hash_buf(const unsigned char *buf,
 		   uint32_t      buf_len,
 	           char          *result);
 
@@ -52,7 +52,7 @@ The function returns zero on success, one on error.
 
 The other function to hash a file takes a file name:
 
-int fuzzy_hash_filename(char * filename,
+int fuzzy_hash_filename(const char * filename,
 			char * result);
 
 Like the function above, this function stores the fuzzy hash result
diff --git a/configure b/configure
index facc05f..8ca1729 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.63 for SSDEEP 2.4.
+# Generated by GNU Autoconf 2.63 for SSDEEP 2.5.
 #
 # Report bugs to <research at jessekornblum.com>.
 #
@@ -745,8 +745,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
 # Identity of this package.
 PACKAGE_NAME='SSDEEP'
 PACKAGE_TARNAME='ssdeep'
-PACKAGE_VERSION='2.4'
-PACKAGE_STRING='SSDEEP 2.4'
+PACKAGE_VERSION='2.5'
+PACKAGE_STRING='SSDEEP 2.5'
 PACKAGE_BUGREPORT='research at jessekornblum.com'
 
 # Factoring default headers for most tests.
@@ -1467,7 +1467,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures SSDEEP 2.4 to adapt to many kinds of systems.
+\`configure' configures SSDEEP 2.5 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1537,7 +1537,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of SSDEEP 2.4:";;
+     short | recursive ) echo "Configuration of SSDEEP 2.5:";;
    esac
   cat <<\_ACEOF
 
@@ -1636,7 +1636,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-SSDEEP configure 2.4
+SSDEEP configure 2.5
 generated by GNU Autoconf 2.63
 
 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1650,7 +1650,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by SSDEEP $as_me 2.4, which was
+It was created by SSDEEP $as_me 2.5, which was
 generated by GNU Autoconf 2.63.  Invocation command line was
 
   $ $0 $@
@@ -2499,7 +2499,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='ssdeep'
- VERSION='2.4'
+ VERSION='2.5'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -13278,7 +13278,7 @@ exec 6>&1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by SSDEEP $as_me 2.4, which was
+This file was extended by SSDEEP $as_me 2.5, which was
 generated by GNU Autoconf 2.63.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -13341,7 +13341,7 @@ Report bugs to <bug-autoconf at gnu.org>."
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_version="\\
-SSDEEP config.status 2.4
+SSDEEP config.status 2.5
 configured by $0, generated by GNU Autoconf 2.63,
   with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
 
diff --git a/configure.ac b/configure.ac
index eae7511..2770aea 100755
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([SSDEEP],[2.4],[research at jessekornblum.com])
+AC_INIT([SSDEEP],[2.5],[research at jessekornblum.com])
 AM_INIT_AUTOMAKE
 
 AC_CONFIG_FILES([Makefile])
diff --git a/fuzzy.c b/fuzzy.c
index 7f28f3e..5925b34 100644
--- a/fuzzy.c
+++ b/fuzzy.c
@@ -2,7 +2,7 @@
 /* ssdeep
    Copyright (C) 2006 ManTech International Corporation
 
-   $Id: fuzzy.c 78 2009-07-11 20:17:05Z jessekornblum $
+   $Id: fuzzy.c 97 2010-03-19 15:10:06Z jessekornblum $
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -125,6 +125,9 @@ static void ss_destroy(ss_context *ctx)
 
 static int ss_init(ss_context *ctx, FILE *handle)
 {
+  if (NULL == ctx)
+    return TRUE;
+
   ctx->ret = (char *)malloc(sizeof(char) * FUZZY_MAX_RESULT);
   if (ctx->ret == NULL)
     return TRUE;
@@ -142,10 +145,15 @@ static int ss_init(ss_context *ctx, FILE *handle)
 
 static const char *b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 
-static void ss_engine(ss_context *ctx, unsigned char *buffer, uint32_t buffer_size)
+static void ss_engine(ss_context *ctx, 
+		      const unsigned char *buffer, 
+		      uint32_t buffer_size)
 {
   uint32_t i;
 
+  if (NULL == ctx || NULL == buffer)
+    return;
+
   for ( i = 0 ; i < buffer_size ; ++i)
   {
 
@@ -199,6 +207,9 @@ static int ss_update(ss_context *ctx, FILE *handle)
   uint32_t bytes_read;
   unsigned char *buffer; 
 
+  if (NULL == ctx || NULL == handle)
+    return TRUE;
+
   buffer = (unsigned char *)malloc(sizeof(unsigned char) * BUFFER_SIZE);
   if (buffer == NULL)
     return TRUE;
@@ -235,13 +246,19 @@ static int ss_update(ss_context *ctx, FILE *handle)
 int fuzzy_hash_file(FILE *handle,
 		    char *result)
 {
-  uint64_t filepos = ftello(handle);
-  int done         = FALSE;
-  ss_context *ctx  = (ss_context *)malloc(sizeof(ss_context));
+  ss_context *ctx;  
+  uint64_t filepos;
+  int done = FALSE;
   
+  if (NULL == handle || NULL == result)
+    return TRUE;
+  
+  ctx = (ss_context *)malloc(sizeof(ss_context));
   if (ctx == NULL)
     return TRUE;
 
+  filepos = ftello(handle);
+
   ss_init(ctx, handle);
 
   while (!done)
@@ -251,7 +268,7 @@ int fuzzy_hash_file(FILE *handle,
 
     ss_update(ctx,handle);
 
-    /* our blocksize guess may have been way off - repeat if necessary */
+    // our blocksize guess may have been way off - repeat if necessary
     if (ctx->block_size > MIN_BLOCKSIZE && ctx->j < SPAMSUM_LENGTH/2) 
       ctx->block_size = ctx->block_size / 2;
     else
@@ -260,23 +277,24 @@ int fuzzy_hash_file(FILE *handle,
 
   strncpy(result,ctx->ret,FUZZY_MAX_RESULT);
 
-  // 'Never check for an error condition you don't know how to handle'
-  // If the fseeko call fails we have a valid result but can't reset
-  // the file pointer.
-  fseeko(handle,filepos,SEEK_SET);
-
   ss_destroy(ctx);
-
   free(ctx);
+
+  if (fseeko(handle,filepos,SEEK_SET))
+    return TRUE;
+
   return FALSE;
 }
 
 
-extern int fuzzy_hash_filename(char * filename,
+extern int fuzzy_hash_filename(const char * filename,
 			       char * result)
 {
   int status;
 
+  if (NULL == filename || NULL == result)
+    return TRUE;
+
   FILE * handle = fopen(filename,"rb");
   if (NULL == handle)
     return TRUE;
@@ -289,13 +307,17 @@ extern int fuzzy_hash_filename(char * filename,
 }
 
 
-int fuzzy_hash_buf(unsigned char *buf,
+int fuzzy_hash_buf(const unsigned char *buf,
 		   uint32_t      buf_len,
 		   char          *result)
 {
+  ss_context *ctx;
   int done = FALSE;
-  ss_context *ctx  = (ss_context *)malloc(sizeof(ss_context));
-  
+
+  if (NULL == buf || NULL == result)
+    return TRUE;
+
+  ctx = (ss_context *)malloc(sizeof(ss_context));  
   if (ctx == NULL)
     return TRUE;
 
@@ -403,18 +425,17 @@ static int has_common_substring(const char *s1, const char *s2)
 }
 
 
-/*
-  eliminate sequences of longer than 3 identical characters. These
-  sequences contain very little information so they tend to just bias
-  the result unfairly
-*/
+// eliminate sequences of longer than 3 identical characters. These
+// sequences contain very little information so they tend to just bias
+// the result unfairly
 static char *eliminate_sequences(const char *str)
 {
   char *ret;
   int i, j, len;
   
   ret = strdup(str);
-  if (!ret) return NULL;
+  if (!ret) 
+    return NULL;
   
   len = strlen(str);
   
@@ -503,39 +524,43 @@ int fuzzy_compare(const char *str1, const char *str2)
   char *s1_1, *s1_2;
   char *s2_1, *s2_2;
   
-  /* each spamsum is prefixed by its block size */
+  if (NULL == str1 || NULL == str2)
+    return -1;
+
+  // each spamsum is prefixed by its block size
   if (sscanf(str1, "%u:", &block_size1) != 1 ||
       sscanf(str2, "%u:", &block_size2) != 1) {
-    return 0;
+    return -1;
   }
   
-  /* if the blocksizes don't match then we are comparing
-     apples to oranges ... */
+  // if the blocksizes don't match then we are comparing
+  // apples to oranges. This isn't an 'error' per se. We could
+  // have two valid signatures, but they can't be compared. 
   if (block_size1 != block_size2 && 
       block_size1 != block_size2*2 &&
       block_size2 != block_size1*2) {
     return 0;
   }
   
-  /* move past the prefix */
+  // move past the prefix
   str1 = strchr(str1, ':');
   str2 = strchr(str2, ':');
   
   if (!str1 || !str2) {
-    /* badly formed ... */
-    return 0;
+    // badly formed ... 
+    return -1;
   }
   
-  /* there is very little information content is sequences of
-     the same character like 'LLLLL'. Eliminate any sequences
-     longer than 3. This is especially important when combined
-     with the has_common_substring() test below. */
+  // there is very little information content is sequences of
+  // the same character like 'LLLLL'. Eliminate any sequences
+  // longer than 3. This is especially important when combined
+  // with the has_common_substring() test below. 
   s1 = eliminate_sequences(str1+1);
   s2 = eliminate_sequences(str2+1);
   
   if (!s1 || !s2) return 0;
   
-  /* now break them into the two pieces */
+  // now break them into the two pieces 
   s1_1 = s1;
   s2_1 = s2;
   
@@ -543,7 +568,7 @@ int fuzzy_compare(const char *str1, const char *str2)
   s2_2 = strchr(s2, ':');
   
   if (!s1_2 || !s2_2) {
-    /* a signature is malformed - it doesn't have 2 parts */
+    // a signature is malformed - it doesn't have 2 parts 
     free(s1); free(s2);
     return 0;
   }
@@ -551,9 +576,9 @@ int fuzzy_compare(const char *str1, const char *str2)
   *s1_2++ = 0;
   *s2_2++ = 0;
   
-  /* each signature has a string for two block sizes. We now
-     choose how to combine the two block sizes. We checked above
-     that they have at least one block size in common */
+  // each signature has a string for two block sizes. We now
+  // choose how to combine the two block sizes. We checked above
+  // that they have at least one block size in common 
   if (block_size1 == block_size2) {
     uint32_t score1, score2;
     score1 = score_strings(s1_1, s2_1, block_size1);
diff --git a/fuzzy.h b/fuzzy.h
index 0c7db5d..a21a9c0 100644
--- a/fuzzy.h
+++ b/fuzzy.h
@@ -1,44 +1,115 @@
+// Fuzzy Hashing by Jesse Kornblum
+// Copyright (C) ManTech International Corporation 2010
+//
+// $Id: fuzzy.h 100 2010-05-06 12:08:12Z jessekornblum $ 
 
-/* Fuzzy Hashing by Jesse Kornblum
-   Copyright (C) ManTech International Corporation 2008
+/// @mainpage
+/// This is the documentation for the fuzzy hashing API from ssdeep.
+///
+/// There is a complete function reference in fuzzy.h.
+///
+/// The most recent version of this documentation can be found
+/// at http://ssdeep.sourceforge.net/. 
+///
+/// @copydoc fuzzy.h
+///
+/// @version 2.5
+/// @date May 2010
+///
+/// @author Jesse Kornblum, research {at jessekornblum dot} com. 
 
-   $Id: fuzzy.h 75 2009-01-01 14:15:56Z jessekornblum $ */
+/// @file fuzzy.h
+/// @brief
+/// These functions allow a programmer to compute the fuzzy hashes
+/// (also called the context-triggered piecewise hashes) of 
+/// @link fuzzy_hash_buf() a buffer
+/// of text @endlink, 
+/// @link fuzzy_hash_filename() the contents of a file on the disk @endlink, 
+/// and 
+/// @link fuzzy_hash_file() the contents of
+/// an open file handle @endlink . 
+/// There is also a function to 
+/// @link fuzzy_compare() compute the
+/// similarity between any two fuzzy signatures @endlink.
 
+#ifdef __cplusplus
+extern "C" {
+#endif
 
-/* Compute the fuzzy hash of buf. The resulting block size is stored in 
-   block_size. You must pass the length of buf in buf_len.
-   result MUST be allocated to hold up to FUZZY_MAX_RESULT
-   characters. It is the user's responsibility to append the filename,
-   if any, to result after computation. */
-extern int fuzzy_hash_buf(unsigned char *buf,
+#ifndef _INTTYPES_H_
+# include <inttypes.h>
+#endif
+
+#ifndef _FUZZY_H_
+# define _FUZZY_H_
+
+
+/// @brief Compute the fuzzy hash of a buffer
+///
+/// The computes the fuzzy hash of the first buf_len bytes of the buffer.
+/// It is the caller's responsibility to append the filename,
+/// if any, to result after computation. 
+/// @param buf The data to be fuzzy hashed
+/// @param buf_len The length of the data being hashed
+/// @param result Where the fuzzy hash of buf is stored. This variable
+/// must be allocated to hold at least FUZZY_MAX_RESULT bytes.
+/// @return Returns zero on success, non-zero on error.
+extern int fuzzy_hash_buf(const unsigned char *buf,
 			  uint32_t      buf_len,
 			  char          *result);
 
 
-/* Works like the above, but hashes a file instead of a buffer.
-   It is the user's responsibility to append the filename,
-   if any, to result after computation. */
+/// @brief Compute the fuzzy hash of a file using an open handle
+///
+/// Computes the fuzzy hash of the contents of the open file, starting
+/// at the beginning of the file. When finished, the file pointer is
+/// returned to its original position. If an error occurs, the file 
+/// pointer's value is undefined.
+/// It is the callers's responsibility to append the filename
+/// to the result after computation.
+/// @param handle Open handle to the file to be hashed
+/// @param result Where the fuzzy hash of the file is stored. This 
+/// variable must be allocated to hold at least FUZZY_MAX_RESULT bytes.
+/// @return Returns zero on success, non-zero on error
 extern int fuzzy_hash_file(FILE *handle,
 			   char *result);
 
-/* Opens, reads, and hashes the contents of the file 'filename' 
-   The result must be allocated to hold FUZZY_MAX_RESULT characters. 
-   Returns 0 on success, non-zero on error. */
-extern int fuzzy_hash_filename(char * filename,
+/// @brief Compute the fuzzy hash of a file
+///
+/// Opens, reads, and hashes the contents of the file 'filename' 
+/// The result must be allocated to hold FUZZY_MAX_RESULT characters. 
+/// It is the caller's responsibility to append the filename
+/// to the result after computation. 
+/// @param filename The file to be hashed
+/// @param result Where the fuzzy hash of the file is stored. This 
+/// variable must be allocated to hold at least FUZZY_MAX_RESULT bytes.
+/// @return Returns zero on success, non-zero on error. 
+extern int fuzzy_hash_filename(const char * filename,
 			       char * result);
 
 
 
-/* Returns a value from 0 to 100 indicating the match score of the 
-   two signatures. A match score of zero indicates the sigantures
-   did not match. */
+/// Computes the match score between two fuzzy hash signatures.
+/// @return Returns a value from zero to 100 indicating the
+/// match score of the 
+/// two signatures. A match score of zero indicates the sigantures
+/// did not match. When an error occurs, such as if one of the
+/// inputs is NULL, returns -1.
 extern int fuzzy_compare(const char *sig1, const char *sig2);
 
 
-/* -----------------------------------------------------------------
-   You shouldn't have to mess with anything below this line         */
 
+/// The longest possible length for a fuzzy hash signature (without the filename)
+#define FUZZY_MAX_RESULT    (SPAMSUM_LENGTH + (SPAMSUM_LENGTH/2 + 20))
 
-/* the output is a string of length 64 in base64 */
+/// Length of an individual fuzzy hash signature component
 #define SPAMSUM_LENGTH 64
-#define FUZZY_MAX_RESULT    (SPAMSUM_LENGTH + (SPAMSUM_LENGTH/2 + 20))
+
+
+// To end our 'extern "C" {'
+#ifdef __cplusplus
+} 
+#endif
+
+
+#endif   // ifndef _FUZZY_H_
diff --git a/helpers.c b/helpers.c
index 0437764..b3a4e4d 100644
--- a/helpers.c
+++ b/helpers.c
@@ -2,7 +2,7 @@
 /* ssdeep
    (C) Copyright 2006 ManTech International Corporation
 
-   $Id: helpers.c 61 2008-02-22 23:18:59Z jessekornblum $
+   $Id: helpers.c 97 2010-03-19 15:10:06Z jessekornblum $
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -21,7 +21,7 @@
 
 #include "ssdeep.h"
 
-void try(void)
+void try_msg(void)
 {
   fprintf (stderr,"Try `%s -h` for more information.%s", __progname, NEWLINE);
 }
@@ -34,7 +34,7 @@ void sanity_check(state *s, int condition, char *msg)
       if (!(s->mode & mode_silent))
 	{
 	  print_status("%s: %s", __progname, msg);
-	  try();
+	  try_msg();
 	}
       exit (EXIT_FAILURE);
     }
diff --git a/main.c b/main.c
index ebe4977..c5dac85 100644
--- a/main.c
+++ b/main.c
@@ -1,7 +1,7 @@
 // Fuzzy Hashing by Jesse Kornblum
 // Copyright (C) 2010 ManTech International Corporation
 //
-// $Id: main.c 92 2010-02-25 03:11:09Z jessekornblum $
+// $Id: main.c 97 2010-03-19 15:10:06Z jessekornblum $
 //
 // This program is licensed under version 2 of the GNU Public License.
 // See the file COPYING for details. 
@@ -136,7 +136,7 @@ static void process_cmd_line(state *s, int argc, char **argv)
       exit (EXIT_SUCCESS);
       
     default:
-      try();
+      try_msg();
       exit (EXIT_FAILURE);
     }
   }
diff --git a/main.h b/main.h
index c95de11..28a5118 100644
--- a/main.h
+++ b/main.h
@@ -1,7 +1,7 @@
 // ssdeep
 // Copyright (C) 2010 ManTech International Corporation.
 //
-// $Id: main.h 92 2010-02-25 03:11:09Z jessekornblum $
+// $Id: main.h 97 2010-03-19 15:10:06Z jessekornblum $
 //
 // This program is free software; you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -229,7 +229,7 @@ int hash_file(state *s, TCHAR *fn);
 // *********************************************************************
 // Helper functions
 // *********************************************************************
-void try(void);
+void try_msg(void);
 void sanity_check(state *s, int condition, char *msg);
 
 // The basename function kept misbehaving on OS X, so I rewrote it.
diff --git a/match.c b/match.c
index 2e0d6f0..1a103ea 100644
--- a/match.c
+++ b/match.c
@@ -1,7 +1,7 @@
 // ssdeep
 // (C) Copyright 2010 ManTech International Corporation
 //
-// $Id: match.c 92 2010-02-25 03:11:09Z jessekornblum $
+// $Id: match.c 100 2010-05-06 12:08:12Z jessekornblum $
 //
 // This program is free software; you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -130,7 +130,7 @@ int sig_file_open(state *s, char * fn, file_info_t * info)
     return TRUE;
   }
 
-  if (strncmp(str,SSDEEPV1_HEADER,strlen(SSDEEPV1_HEADER)))
+  if (strncmp(str,OUTPUT_FILE_HEADER,strlen(OUTPUT_FILE_HEADER)))
   {
     if (!MODE(mode_silent))
       print_error(s,"%s: invalid file header", fn);
@@ -254,16 +254,22 @@ int match_compare(state *s, char * match_file, TCHAR *fn, char *sum)
     }
 
     score = fuzzy_compare(sum,tmp->hash);
-    if (score > s->threshold || MODE(mode_display_all))
+    if (-1 == score)
     {
-      if (s->mode & mode_csv)
+      print_error(s, "%s: Bad hashes in comparison", __progname);
+    }
+    else
+    {
+      if (score > s->threshold || MODE(mode_display_all))
+      {
+	if (s->mode & mode_csv)
 	{
 	  display_filename(stdout,fn);
 	  printf(",");
 	  display_filename(stdout,tmp->fn);
 	  print_status(",%"PRIu32, score);
 	}
-      else
+	else
 	{
 	  if (match_file != NULL)
 	    printf ("%s:", match_file);
@@ -275,9 +281,10 @@ int match_compare(state *s, char * match_file, TCHAR *fn, char *sum)
 	  print_status(" (%"PRIu32")", score);
 	}
       
-      // We don't return right away as this file could match more than
-      // one signature. 
-      status = TRUE;
+	// We don't return right away as this file could match more than
+	// one signature. 
+	status = TRUE;
+      }
     }
     
     tmp = tmp->next;
@@ -328,7 +335,7 @@ int match_load(state *s, char *fn)
     {
       // If we can't insert this value, we're probably out of memory.
       // There's no sense trying to read the rest of the file.
-      print_error(s,fn,"unable to insert hash");
+      print_error(s,"%s: unable to insert hash", fn);
       status = TRUE;
       break;
     }
diff --git a/sample.c b/sample.c
index 841a2c6..1d385c7 100644
--- a/sample.c
+++ b/sample.c
@@ -1,6 +1,5 @@
-
 /* Fuzzy Hashing by Jesse Kornblum
-   Copyright (C) 2008 ManTech International Corporation
+   Copyright (C) 2010 ManTech International Corporation
 
    This program demonstrates some of the capabilities of 
    the fuzzy hashing library.
@@ -35,7 +34,7 @@
    SPECIFICALLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR
    HIGH RISK ACTIVITIES.   */
 
-/* $Id: sample.c 61 2008-02-22 23:18:59Z jessekornblum $ */
+// $Id: sample.c 97 2010-03-19 15:10:06Z jessekornblum $
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -57,7 +56,9 @@ void generate_random(unsigned char *buf, uint32_t sz)
 }
 
 
-int write_data(unsigned char *buf, uint32_t sz, char *fn)
+int write_data(const unsigned char *buf, 
+	       const uint32_t sz, 
+	       const char *fn)
 {
   printf ("Writing to %s\n", fn);
   FILE * handle = fopen(fn,"wb");
@@ -82,10 +83,10 @@ int main(int argc, char **argv)
   result  = (char *)malloc(FUZZY_MAX_RESULT);
   result2 = (char *)malloc(FUZZY_MAX_RESULT);
   if (NULL == result || NULL == buf || NULL == result2)
-    {
-      fprintf (stderr,"%s: Out of memory\n",argv[0]);
-      return -1;
-    }
+  {
+    fprintf (stderr,"%s: Out of memory\n", argv[0]);
+    return EXIT_FAILURE;
+  }
 
   generate_random(buf,SIZE);
 
@@ -126,10 +127,15 @@ int main(int argc, char **argv)
     printf ("%s\n", result2);
 
   i = fuzzy_compare(result,result2);
-  if (i != 0)
-    printf ("MATCH: score = %d\n", i);
+  if (-1 == i)
+    printf ("An error occured during matching\n");
   else
-    printf ("did not match\n");
+  {
+    if (i != 0)
+      printf ("MATCH: score = %d\n", i);
+    else
+      printf ("did not match\n");
+  }
 
   return EXIT_SUCCESS;
 }
diff --git a/ssdeep.1 b/ssdeep.1
index d033612..6d80423 100644
--- a/ssdeep.1
+++ b/ssdeep.1
@@ -1,4 +1,4 @@
-.TH SSDEEP "1" "Version 2.4 \- 25 Feb 2010" "ManTech International" "ManTech International"
+.TH SSDEEP "1" "Version 2.5 \- 6 May 2010" "ManTech International" "ManTech International"
 
 .SH NAME
 ssdeep - Computes context triggered piecewise hashes

-- 
debian-forensics/ssdeep



More information about the forensics-changes mailing list