[Forensics-changes] [yara] 23/415: Implemented yy_compile_string. No more temporary files to compile rules from memory buffers
Hilko Bengen
bengen at moszumanska.debian.org
Thu Apr 3 05:42:39 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch debian
in repository yara.
commit 96afe1211a13ec8a3e4274a38db00621b1b9a4f8
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Wed Mar 18 10:03:39 2009 +0000
Implemented yy_compile_string. No more temporary files to compile rules from memory buffers
---
libyara/lex.c | 193 +++++++++++++++++++--------------
libyara/lex.l | 45 +++++++-
libyara/libyara.c | 31 +++---
libyara/libyara.tmproj | 240 +++++++++++++++++++++++++----------------
libyara/yara.h | 37 ++++---
windows/libyara/libyara.vcproj | 8 +-
yara-python/yara-python.c | 55 ++++++----
7 files changed, 373 insertions(+), 236 deletions(-)
diff --git a/libyara/lex.c b/libyara/lex.c
index 4a7aff0..3f3ff00 100644
--- a/libyara/lex.c
+++ b/libyara/lex.c
@@ -521,19 +521,56 @@ char *yytext;
#include "xtoi.h"
#include "mem.h"
#include "sizedstr.h"
+#include "yara.h"
+
+int line_number;
+const char* file_name;
+RULE_LIST* rule_list;
+
+char string_buf[256];
+char* string_buf_ptr;
+unsigned short string_buf_len;
+
+
+int parse_string(const char* string, RULE_LIST* rules)
+{
+ YY_BUFFER_STATE state;
+
+ rule_list = rules;
+
+ state = yy_scan_string(string);
+
+ yyparse();
+
+ yy_delete_buffer(state);
+
+ return yynerrs;
+}
+
+int parse_file(FILE* rules_file, RULE_LIST* rules)
+{
+ rule_list = rules;
+ yyin = rules_file;
+
+ if (yyin != NULL)
+ {
+ //yydebug = 1;
+ line_number = 1;
+ yyparse();
+ }
+
+ return yynerrs;
+}
+
-extern int line_number;
-char string_buf[256];
-char *string_buf_ptr;
-unsigned short string_buf_len;
#define str 1
#define regexp 2
-#line 537 "lex.c"
+#line 574 "lex.c"
/* Macros after this point can all be overridden by user definitions in
* section 1.
@@ -684,10 +721,10 @@ YY_DECL
register char *yy_cp, *yy_bp;
register int yy_act;
-#line 32 "lex.l"
+#line 69 "lex.l"
-#line 691 "lex.c"
+#line 728 "lex.c"
if ( yy_init )
{
@@ -772,207 +809,207 @@ do_action: /* This label is used only to access EOF actions. */
case 1:
YY_RULE_SETUP
-#line 34 "lex.l"
+#line 71 "lex.l"
{ return _LT_; }
YY_BREAK
case 2:
YY_RULE_SETUP
-#line 35 "lex.l"
+#line 72 "lex.l"
{ return _GT_; }
YY_BREAK
case 3:
YY_RULE_SETUP
-#line 36 "lex.l"
+#line 73 "lex.l"
{ return _LE_; }
YY_BREAK
case 4:
YY_RULE_SETUP
-#line 37 "lex.l"
+#line 74 "lex.l"
{ return _GE_; }
YY_BREAK
case 5:
YY_RULE_SETUP
-#line 38 "lex.l"
+#line 75 "lex.l"
{ return _EQ_; }
YY_BREAK
case 6:
YY_RULE_SETUP
-#line 39 "lex.l"
+#line 76 "lex.l"
{ return _NEQ_; }
YY_BREAK
case 7:
YY_RULE_SETUP
-#line 40 "lex.l"
+#line 77 "lex.l"
{ return _PRIVATE_; }
YY_BREAK
case 8:
YY_RULE_SETUP
-#line 41 "lex.l"
+#line 78 "lex.l"
{ return _GLOBAL_; }
YY_BREAK
case 9:
YY_RULE_SETUP
-#line 42 "lex.l"
+#line 79 "lex.l"
{ return _RULE_; }
YY_BREAK
case 10:
YY_RULE_SETUP
-#line 43 "lex.l"
+#line 80 "lex.l"
{ return _STRINGS_; }
YY_BREAK
case 11:
YY_RULE_SETUP
-#line 44 "lex.l"
+#line 81 "lex.l"
{ return _ASCII_; }
YY_BREAK
case 12:
YY_RULE_SETUP
-#line 45 "lex.l"
+#line 82 "lex.l"
{ return _WIDE_; }
YY_BREAK
case 13:
YY_RULE_SETUP
-#line 46 "lex.l"
+#line 83 "lex.l"
{ return _FULLWORD_; }
YY_BREAK
case 14:
YY_RULE_SETUP
-#line 47 "lex.l"
+#line 84 "lex.l"
{ return _NOCASE_; }
YY_BREAK
case 15:
YY_RULE_SETUP
-#line 48 "lex.l"
+#line 85 "lex.l"
{ return _CONDITION_; }
YY_BREAK
case 16:
YY_RULE_SETUP
-#line 49 "lex.l"
+#line 86 "lex.l"
{ return _TRUE_; }
YY_BREAK
case 17:
YY_RULE_SETUP
-#line 50 "lex.l"
+#line 87 "lex.l"
{ return _FALSE_; }
YY_BREAK
case 18:
YY_RULE_SETUP
-#line 51 "lex.l"
+#line 88 "lex.l"
{ return _NOT_; }
YY_BREAK
case 19:
YY_RULE_SETUP
-#line 52 "lex.l"
+#line 89 "lex.l"
{ return _AND_; }
YY_BREAK
case 20:
YY_RULE_SETUP
-#line 53 "lex.l"
+#line 90 "lex.l"
{ return _OR_; }
YY_BREAK
case 21:
YY_RULE_SETUP
-#line 54 "lex.l"
+#line 91 "lex.l"
{ return _AT_; }
YY_BREAK
case 22:
YY_RULE_SETUP
-#line 55 "lex.l"
+#line 92 "lex.l"
{ return _IN_; }
YY_BREAK
case 23:
YY_RULE_SETUP
-#line 56 "lex.l"
+#line 93 "lex.l"
{ return _OF_; }
YY_BREAK
case 24:
YY_RULE_SETUP
-#line 57 "lex.l"
+#line 94 "lex.l"
{ return _THEM_; }
YY_BREAK
case 25:
YY_RULE_SETUP
-#line 58 "lex.l"
+#line 95 "lex.l"
{ return _FOR_; }
YY_BREAK
case 26:
YY_RULE_SETUP
-#line 59 "lex.l"
+#line 96 "lex.l"
{ return _ALL_; }
YY_BREAK
case 27:
YY_RULE_SETUP
-#line 60 "lex.l"
+#line 97 "lex.l"
{ return _ANY_; }
YY_BREAK
case 28:
YY_RULE_SETUP
-#line 61 "lex.l"
+#line 98 "lex.l"
{ return _ENTRYPOINT_; }
YY_BREAK
case 29:
YY_RULE_SETUP
-#line 62 "lex.l"
+#line 99 "lex.l"
{ return _SIZE_; }
YY_BREAK
case 30:
YY_RULE_SETUP
-#line 63 "lex.l"
+#line 100 "lex.l"
{ return _RVA_; }
YY_BREAK
case 31:
YY_RULE_SETUP
-#line 64 "lex.l"
+#line 101 "lex.l"
{ return _OFFSET_; }
YY_BREAK
case 32:
YY_RULE_SETUP
-#line 65 "lex.l"
+#line 102 "lex.l"
{ return _FILE_; }
YY_BREAK
case 33:
YY_RULE_SETUP
-#line 66 "lex.l"
+#line 103 "lex.l"
{ return _IS_; }
YY_BREAK
case 34:
YY_RULE_SETUP
-#line 67 "lex.l"
+#line 104 "lex.l"
{ return _SECTION_; }
YY_BREAK
case 35:
YY_RULE_SETUP
-#line 68 "lex.l"
+#line 105 "lex.l"
{ return _UINT8_; }
YY_BREAK
case 36:
YY_RULE_SETUP
-#line 69 "lex.l"
+#line 106 "lex.l"
{ return _UINT16_; }
YY_BREAK
case 37:
YY_RULE_SETUP
-#line 70 "lex.l"
+#line 107 "lex.l"
{ return _UINT32_; }
YY_BREAK
case 38:
YY_RULE_SETUP
-#line 71 "lex.l"
+#line 108 "lex.l"
{ return _INT8_; }
YY_BREAK
case 39:
YY_RULE_SETUP
-#line 72 "lex.l"
+#line 109 "lex.l"
{ return _INT16_; }
YY_BREAK
case 40:
YY_RULE_SETUP
-#line 73 "lex.l"
+#line 110 "lex.l"
{ return _INT32_; }
YY_BREAK
case 41:
YY_RULE_SETUP
-#line 77 "lex.l"
+#line 114 "lex.l"
{ /* skip comments */
char* line_break = strchr( yytext, '\n' );
@@ -986,7 +1023,7 @@ YY_RULE_SETUP
YY_BREAK
case 42:
YY_RULE_SETUP
-#line 88 "lex.l"
+#line 125 "lex.l"
{ /* skip single-line comments */
line_number++;
@@ -994,7 +1031,7 @@ YY_RULE_SETUP
YY_BREAK
case 43:
YY_RULE_SETUP
-#line 93 "lex.l"
+#line 130 "lex.l"
{
yylval.c_string = (char*) yr_strdup(yytext);
return _STRING_IDENTIFIER_WITH_WILDCARD_;
@@ -1002,7 +1039,7 @@ YY_RULE_SETUP
YY_BREAK
case 44:
YY_RULE_SETUP
-#line 98 "lex.l"
+#line 135 "lex.l"
{
yylval.c_string = (char*) yr_strdup(yytext);
return _STRING_IDENTIFIER_;
@@ -1010,7 +1047,7 @@ YY_RULE_SETUP
YY_BREAK
case 45:
YY_RULE_SETUP
-#line 104 "lex.l"
+#line 141 "lex.l"
{
yylval.c_string = (char*) yr_strdup(yytext);
yylval.c_string[0] = '$'; /* replace # by $*/
@@ -1019,7 +1056,7 @@ YY_RULE_SETUP
YY_BREAK
case 46:
YY_RULE_SETUP
-#line 110 "lex.l"
+#line 147 "lex.l"
{
yylval.c_string = (char*) yr_strdup(yytext);
yylval.c_string[0] = '$'; /* replace @ by $*/
@@ -1028,7 +1065,7 @@ YY_RULE_SETUP
YY_BREAK
case 47:
YY_RULE_SETUP
-#line 116 "lex.l"
+#line 153 "lex.l"
{
if (strlen(yytext) > 128)
{
@@ -1042,7 +1079,7 @@ YY_RULE_SETUP
YY_BREAK
case 48:
YY_RULE_SETUP
-#line 127 "lex.l"
+#line 164 "lex.l"
{
yylval.integer = (unsigned int) atoi(yytext);
@@ -1060,7 +1097,7 @@ YY_RULE_SETUP
YY_BREAK
case 49:
YY_RULE_SETUP
-#line 142 "lex.l"
+#line 179 "lex.l"
{
yylval.integer = xtoi(yytext + 2);
return _NUMBER_;
@@ -1068,7 +1105,7 @@ YY_RULE_SETUP
YY_BREAK
case 50:
YY_RULE_SETUP
-#line 147 "lex.l"
+#line 184 "lex.l"
{ /* saw closing quote - all done */
SIZED_STRING* s;
@@ -1096,22 +1133,22 @@ YY_RULE_SETUP
YY_BREAK
case 51:
YY_RULE_SETUP
-#line 172 "lex.l"
+#line 209 "lex.l"
{ *string_buf_ptr++ = '\t'; string_buf_len++; }
YY_BREAK
case 52:
YY_RULE_SETUP
-#line 173 "lex.l"
+#line 210 "lex.l"
{ *string_buf_ptr++ = '\"'; string_buf_len++; }
YY_BREAK
case 53:
YY_RULE_SETUP
-#line 174 "lex.l"
+#line 211 "lex.l"
{ *string_buf_ptr++ = '\\'; string_buf_len++; }
YY_BREAK
case 54:
YY_RULE_SETUP
-#line 176 "lex.l"
+#line 213 "lex.l"
{
int result;
@@ -1123,7 +1160,7 @@ YY_RULE_SETUP
YY_BREAK
case 55:
YY_RULE_SETUP
-#line 185 "lex.l"
+#line 222 "lex.l"
{
char *yptr = yytext;
@@ -1136,7 +1173,7 @@ YY_RULE_SETUP
YY_BREAK
case 56:
YY_RULE_SETUP
-#line 195 "lex.l"
+#line 232 "lex.l"
{
yyerror("unterminated string");
yyterminate();
@@ -1145,7 +1182,7 @@ YY_RULE_SETUP
YY_BREAK
case 57:
YY_RULE_SETUP
-#line 201 "lex.l"
+#line 238 "lex.l"
{
yyerror("illegal escape sequence");
yynerrs++;
@@ -1153,7 +1190,7 @@ YY_RULE_SETUP
YY_BREAK
case 58:
YY_RULE_SETUP
-#line 207 "lex.l"
+#line 244 "lex.l"
{
SIZED_STRING* s;
@@ -1180,7 +1217,7 @@ YY_RULE_SETUP
YY_BREAK
case 59:
YY_RULE_SETUP
-#line 231 "lex.l"
+#line 268 "lex.l"
{
*string_buf_ptr++ = '/';
string_buf_len++ ;
@@ -1188,7 +1225,7 @@ YY_RULE_SETUP
YY_BREAK
case 60:
YY_RULE_SETUP
-#line 236 "lex.l"
+#line 273 "lex.l"
{
*string_buf_ptr++ = yytext[0];
*string_buf_ptr++ = yytext[1];
@@ -1197,7 +1234,7 @@ YY_RULE_SETUP
YY_BREAK
case 61:
YY_RULE_SETUP
-#line 242 "lex.l"
+#line 279 "lex.l"
{
char *yptr = yytext;
@@ -1210,7 +1247,7 @@ YY_RULE_SETUP
YY_BREAK
case 62:
YY_RULE_SETUP
-#line 252 "lex.l"
+#line 289 "lex.l"
{
yyerror("unterminated regular expression");
yyterminate();
@@ -1219,7 +1256,7 @@ YY_RULE_SETUP
YY_BREAK
case 63:
YY_RULE_SETUP
-#line 258 "lex.l"
+#line 295 "lex.l"
{
string_buf_ptr = string_buf;
string_buf_len = 0;
@@ -1228,7 +1265,7 @@ YY_RULE_SETUP
YY_BREAK
case 64:
YY_RULE_SETUP
-#line 264 "lex.l"
+#line 301 "lex.l"
{
string_buf_ptr = string_buf;
string_buf_len = 0;
@@ -1237,7 +1274,7 @@ YY_RULE_SETUP
YY_BREAK
case 65:
YY_RULE_SETUP
-#line 271 "lex.l"
+#line 308 "lex.l"
{
int len = strlen(yytext);
@@ -1254,12 +1291,12 @@ YY_RULE_SETUP
YY_BREAK
case 66:
YY_RULE_SETUP
-#line 286 "lex.l"
+#line 323 "lex.l"
/* skip whitespace */
YY_BREAK
case 67:
YY_RULE_SETUP
-#line 288 "lex.l"
+#line 325 "lex.l"
{
line_number++;
@@ -1267,17 +1304,17 @@ YY_RULE_SETUP
YY_BREAK
case 68:
YY_RULE_SETUP
-#line 293 "lex.l"
+#line 330 "lex.l"
{
return yytext[0];
}
YY_BREAK
case 69:
YY_RULE_SETUP
-#line 296 "lex.l"
+#line 333 "lex.l"
ECHO;
YY_BREAK
-#line 1281 "lex.c"
+#line 1318 "lex.c"
case YY_STATE_EOF(INITIAL):
case YY_STATE_EOF(str):
case YY_STATE_EOF(regexp):
@@ -2165,7 +2202,7 @@ int main()
return 0;
}
#endif
-#line 296 "lex.l"
+#line 333 "lex.l"
diff --git a/libyara/lex.l b/libyara/lex.l
index 53f4a8b..e53e764 100644
--- a/libyara/lex.l
+++ b/libyara/lex.l
@@ -10,12 +10,49 @@
#include "xtoi.h"
#include "mem.h"
#include "sizedstr.h"
+#include "yara.h"
+
+int line_number;
+const char* file_name;
+RULE_LIST* rule_list;
+
+char string_buf[256];
+char* string_buf_ptr;
+unsigned short string_buf_len;
+
+
+int parse_string(const char* string, RULE_LIST* rules)
+{
+ YY_BUFFER_STATE state;
+
+ rule_list = rules;
+
+ state = yy_scan_string(string);
+
+ yyparse();
+
+ yy_delete_buffer(state);
+
+ return yynerrs;
+}
+
+int parse_file(FILE* rules_file, RULE_LIST* rules)
+{
+ rule_list = rules;
+ yyin = rules_file;
+
+ if (yyin != NULL)
+ {
+ //yydebug = 1;
+ line_number = 1;
+ yyparse();
+ }
+
+ return yynerrs;
+}
+
-extern int line_number;
-char string_buf[256];
-char *string_buf_ptr;
-unsigned short string_buf_len;
%}
diff --git a/libyara/libyara.c b/libyara/libyara.c
index 99f97d5..ac76628 100644
--- a/libyara/libyara.c
+++ b/libyara/libyara.c
@@ -23,16 +23,15 @@ GNU General Public License for more details.
#include "error.h"
#include "eval.h"
-extern FILE *yyin;
-extern int yydebug;
+extern FILE* yyin;
+extern int yydebug;
-int yylex (void);
-int yyparse (void);
-
-int line_number;
-const char* file_name;
-RULE_LIST* rule_list;
+extern int line_number;
+extern const char* file_name;
+extern RULE_LIST* rule_list;
+int parse_string(const char* string, RULE_LIST* rules);
+int parse_file(FILE* rules_file, RULE_LIST* rules);
void yr_set_file_name(const char* rules_file_name)
{
@@ -132,17 +131,13 @@ void yr_free_rule_list(RULE_LIST* rule_list)
int yr_compile_file(FILE* rules_file, RULE_LIST* rules)
{
- rule_list = rules;
- yyin = rules_file;
+ return parse_file(rules_file, rules);
+}
- if (yyin != NULL)
- {
- //yydebug = 1;
- line_number = 1;
- yyparse();
- }
-
- return yynerrs;
+
+int yr_compile_string(const char* rules_string, RULE_LIST* rules)
+{
+ return parse_string(rules_string, rules);
}
diff --git a/libyara/libyara.tmproj b/libyara/libyara.tmproj
index e426db7..75b7375 100644
--- a/libyara/libyara.tmproj
+++ b/libyara/libyara.tmproj
@@ -3,7 +3,7 @@
<plist version="1.0">
<dict>
<key>currentDocument</key>
- <string>lex.l</string>
+ <string>libyara.c</string>
<key>documents</key>
<array>
<dict>
@@ -13,7 +13,7 @@
<key>filename</key>
<string>scan.c</string>
<key>lastUsed</key>
- <date>2009-03-14T13:44:29Z</date>
+ <date>2009-03-18T00:04:58Z</date>
</dict>
<dict>
<key>filename</key>
@@ -25,57 +25,57 @@
<key>filename</key>
<string>filemap.c</string>
<key>lastUsed</key>
- <date>2009-03-13T14:12:00Z</date>
+ <date>2009-03-17T23:10:46Z</date>
</dict>
<dict>
<key>filename</key>
<string>eval.c</string>
<key>lastUsed</key>
- <date>2009-03-14T13:50:05Z</date>
+ <date>2009-03-17T23:10:52Z</date>
</dict>
<dict>
<key>filename</key>
<string>error.c</string>
<key>lastUsed</key>
- <date>2009-03-14T13:49:57Z</date>
- </dict>
- <dict>
- <key>filename</key>
- <string>compile.c</string>
- <key>lastUsed</key>
- <date>2009-03-14T13:49:55Z</date>
+ <date>2009-03-17T23:41:27Z</date>
</dict>
<dict>
<key>filename</key>
<string>ast.c</string>
<key>lastUsed</key>
- <date>2009-03-13T14:11:01Z</date>
+ <date>2009-03-17T23:31:13Z</date>
</dict>
<dict>
<key>filename</key>
<string>lex.l</string>
<key>lastUsed</key>
- <date>2009-03-14T13:50:16Z</date>
- <key>selected</key>
- <true/>
+ <date>2009-03-18T09:33:23Z</date>
</dict>
<dict>
<key>filename</key>
<string>grammar.y</string>
<key>lastUsed</key>
- <date>2009-03-14T13:50:16Z</date>
+ <date>2009-03-18T08:57:44Z</date>
</dict>
<dict>
<key>filename</key>
<string>../yara.c</string>
<key>lastUsed</key>
- <date>2009-03-14T13:50:08Z</date>
+ <date>2009-03-18T00:06:42Z</date>
</dict>
<dict>
<key>filename</key>
<string>mem.c</string>
<key>lastUsed</key>
- <date>2009-03-14T13:17:04Z</date>
+ <date>2009-03-18T09:16:01Z</date>
+ </dict>
+ <dict>
+ <key>filename</key>
+ <string>libyara.c</string>
+ <key>lastUsed</key>
+ <date>2009-03-18T09:38:57Z</date>
+ <key>selected</key>
+ <true/>
</dict>
</array>
<key>expanded</key>
@@ -90,67 +90,67 @@
<key>filename</key>
<string>yara.h</string>
<key>lastUsed</key>
- <date>2009-03-14T13:49:50Z</date>
+ <date>2009-03-18T09:38:57Z</date>
</dict>
<dict>
<key>filename</key>
<string>pefile.h</string>
<key>lastUsed</key>
- <date>2009-02-04T13:08:06Z</date>
+ <date>2009-03-18T09:33:23Z</date>
</dict>
<dict>
<key>filename</key>
<string>pe.h</string>
<key>lastUsed</key>
- <date>2009-02-09T12:28:30Z</date>
+ <date>2009-03-17T23:42:04Z</date>
</dict>
<dict>
<key>filename</key>
<string>grammar.h</string>
<key>lastUsed</key>
- <date>2009-02-07T15:44:18Z</date>
+ <date>2009-03-18T08:53:19Z</date>
</dict>
<dict>
<key>filename</key>
<string>filemap.h</string>
<key>lastUsed</key>
- <date>2009-03-14T13:49:49Z</date>
+ <date>2009-03-18T08:53:24Z</date>
</dict>
<dict>
<key>filename</key>
<string>eval.h</string>
<key>lastUsed</key>
- <date>2009-02-07T16:40:22Z</date>
+ <date>2009-03-18T09:15:59Z</date>
</dict>
<dict>
<key>filename</key>
<string>error.h</string>
<key>lastUsed</key>
- <date>2009-03-14T13:49:59Z</date>
+ <date>2009-03-17T23:42:15Z</date>
</dict>
<dict>
<key>filename</key>
- <string>compile.h</string>
+ <string>ast.h</string>
<key>lastUsed</key>
- <date>2009-03-14T13:49:58Z</date>
+ <date>2009-03-18T09:05:10Z</date>
</dict>
<dict>
<key>filename</key>
- <string>ast.h</string>
+ <string>sizedstr.h</string>
<key>lastUsed</key>
- <date>2009-03-06T13:29:58Z</date>
+ <date>2009-03-18T09:05:08Z</date>
</dict>
<dict>
<key>filename</key>
- <string>sizedstr.h</string>
+ <string>mem.h</string>
<key>lastUsed</key>
- <date>2009-03-14T13:49:52Z</date>
+ <date>2009-03-17T23:48:15Z</date>
</dict>
<dict>
<key>filename</key>
- <string>mem.h</string>
+ <string>scan.h</string>
<key>lastUsed</key>
- <date>2009-03-13T14:11:04Z</date>
+ <date>2009-03-17T23:46:33Z</date>
</dict>
</array>
<key>expanded</key>
@@ -168,28 +168,28 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>3</integer>
+ <integer>14</integer>
<key>line</key>
- <integer>478</integer>
+ <integer>465</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>0</integer>
+ <integer>2</integer>
</dict>
<key>ast.c</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>20</integer>
+ <integer>7</integer>
<key>line</key>
- <integer>844</integer>
+ <integer>676</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>594</integer>
+ <integer>720</integer>
</dict>
<key>ast.h</key>
<dict>
@@ -221,56 +221,28 @@
<integer>56</integer>
</dict>
</dict>
- <key>compile.c</key>
- <dict>
- <key>caret</key>
- <dict>
- <key>column</key>
- <integer>19</integer>
- <key>line</key>
- <integer>39</integer>
- </dict>
- <key>firstVisibleColumn</key>
- <integer>0</integer>
- <key>firstVisibleLine</key>
- <integer>0</integer>
- </dict>
- <key>compile.h</key>
- <dict>
- <key>caret</key>
- <dict>
- <key>column</key>
- <integer>28</integer>
- <key>line</key>
- <integer>21</integer>
- </dict>
- <key>firstVisibleColumn</key>
- <integer>0</integer>
- <key>firstVisibleLine</key>
- <integer>0</integer>
- </dict>
<key>error.c</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>26</integer>
+ <integer>16</integer>
<key>line</key>
- <integer>23</integer>
+ <integer>20</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>0</integer>
+ <integer>6</integer>
</dict>
<key>error.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>0</integer>
+ <integer>27</integer>
<key>line</key>
- <integer>33</integer>
+ <integer>24</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -289,16 +261,16 @@
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>0</integer>
+ <integer>301</integer>
</dict>
<key>eval.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>0</integer>
+ <integer>21</integer>
<key>line</key>
- <integer>0</integer>
+ <integer>30</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -347,7 +319,7 @@
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>4</integer>
+ <integer>3</integer>
</dict>
<key>grammar.h</key>
<dict>
@@ -368,51 +340,111 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>32</integer>
+ <integer>30</integer>
<key>line</key>
- <integer>363</integer>
+ <integer>156</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>0</integer>
+ <integer>81</integer>
</dict>
<key>lex.l</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>18</integer>
+ <integer>47</integer>
<key>line</key>
- <integer>8</integer>
+ <integer>23</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
+ <integer>13</integer>
+ </dict>
+ <key>libyara.c</key>
+ <dict>
+ <key>caret</key>
+ <dict>
+ <key>column</key>
+ <integer>0</integer>
+ <key>line</key>
+ <integer>137</integer>
+ </dict>
+ <key>columnSelection</key>
+ <false/>
+ <key>firstVisibleColumn</key>
<integer>0</integer>
+ <key>firstVisibleLine</key>
+ <integer>10</integer>
+ <key>selectFrom</key>
+ <dict>
+ <key>column</key>
+ <integer>65</integer>
+ <key>line</key>
+ <integer>137</integer>
+ </dict>
+ <key>selectTo</key>
+ <dict>
+ <key>column</key>
+ <integer>0</integer>
+ <key>line</key>
+ <integer>137</integer>
+ </dict>
</dict>
<key>mem.c</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>1</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>41</integer>
+ <integer>22</integer>
</dict>
+ <key>columnSelection</key>
+ <false/>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>15</integer>
+ <integer>4</integer>
+ <key>selectFrom</key>
+ <dict>
+ <key>column</key>
+ <integer>20</integer>
+ <key>line</key>
+ <integer>22</integer>
+ </dict>
+ <key>selectTo</key>
+ <dict>
+ <key>column</key>
+ <integer>0</integer>
+ <key>line</key>
+ <integer>22</integer>
+ </dict>
</dict>
<key>mem.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
+ <integer>20</integer>
+ <key>line</key>
+ <integer>20</integer>
+ </dict>
+ <key>firstVisibleColumn</key>
+ <integer>0</integer>
+ <key>firstVisibleLine</key>
+ <integer>0</integer>
+ </dict>
+ <key>pe.h</key>
+ <dict>
+ <key>caret</key>
+ <dict>
+ <key>column</key>
<integer>0</integer>
<key>line</key>
- <integer>16</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -438,9 +470,9 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>0</integer>
+ <integer>11</integer>
<key>line</key>
- <integer>0</integer>
+ <integer>16</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -452,14 +484,28 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>7</integer>
+ <integer>0</integer>
+ <key>line</key>
+ <integer>540</integer>
+ </dict>
+ <key>firstVisibleColumn</key>
+ <integer>0</integer>
+ <key>firstVisibleLine</key>
+ <integer>524</integer>
+ </dict>
+ <key>scan.h</key>
+ <dict>
+ <key>caret</key>
+ <dict>
+ <key>column</key>
+ <integer>2</integer>
<key>line</key>
- <integer>720</integer>
+ <integer>14</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>826</integer>
+ <integer>0</integer>
</dict>
<key>sizedstr.h</key>
<dict>
@@ -480,32 +526,36 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>5</integer>
+ <integer>26</integer>
<key>line</key>
- <integer>195</integer>
+ <integer>179</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>146</integer>
+ <integer>160</integer>
</dict>
</dict>
<key>openDocuments</key>
<array>
<string>filemap.c</string>
<string>filemap.h</string>
+ <string>grammar.h</string>
+ <string>pe.h</string>
<string>yara.h</string>
+ <string>scan.h</string>
<string>sizedstr.h</string>
- <string>compile.c</string>
<string>error.c</string>
- <string>compile.h</string>
+ <string>pefile.h</string>
<string>error.h</string>
<string>pefile.c</string>
<string>eval.c</string>
<string>../yara.c</string>
+ <string>libyara.c</string>
<string>grammar.y</string>
<string>lex.l</string>
<string>scan.c</string>
+ <string>eval.h</string>
<string>mem.h</string>
<string>mem.c</string>
<string>ast.c</string>
diff --git a/libyara/yara.h b/libyara/yara.h
index daa8451..e76163e 100644
--- a/libyara/yara.h
+++ b/libyara/yara.h
@@ -167,33 +167,32 @@ typedef struct _RULE_LIST
} RULE_LIST;
-RULE* lookup_rule(RULE_LIST* rules, char* identifier);
-
-STRING* lookup_string(STRING* string_list_head, char* identifier);
-
-TAG* lookup_tag(TAG* tag_list_head, char* identifier);
+typedef int (*YARACALLBACK)(RULE* rule, unsigned char* buffer, unsigned int buffer_size, void* data);
+typedef void (*YARAREPORT)(const char* file_name, int line_number, const char* error_message);
-void yr_init();
-RULE_LIST* yr_alloc_rule_list();
-void yr_free_rule_list(RULE_LIST* rule_list);
+RULE* lookup_rule(RULE_LIST* rules, char* identifier);
+STRING* lookup_string(STRING* string_list_head, char* identifier);
+TAG* lookup_tag(TAG* tag_list_head, char* identifier);
-void yr_set_file_name(const char* rules_file_name);
+void yr_init();
-int yr_compile_file(FILE* rules_file, RULE_LIST* rules);
+RULE_LIST* yr_alloc_rule_list();
+void yr_free_rule_list(RULE_LIST* rule_list);
-int yr_prepare_rules(RULE_LIST* rule_list);
+void yr_set_file_name(const char* rules_file_name);
-typedef int (*YARACALLBACK)(RULE* rule, unsigned char* buffer, unsigned int buffer_size, void* data);
+int yr_compile_file(FILE* rules_file, RULE_LIST* rules);
+int yr_compile_string(const char* rules_string, RULE_LIST* rules);
-int yr_scan_mem(unsigned char* buffer, unsigned int buffer_size, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
-int yr_scan_file(const char* file_path, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
+int yr_prepare_rules(RULE_LIST* rule_list);
-typedef void (*YARAREPORT)(const char* file_name, int line_number, const char* error_message);
+int yr_scan_mem(unsigned char* buffer, unsigned int buffer_size, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
+int yr_scan_file(const char* file_path, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
-int yr_get_last_error();
-int yr_get_error_line_number();
-char* yr_get_last_error_message();
-void yr_set_report_function(YARAREPORT fn);
+int yr_get_last_error();
+int yr_get_error_line_number();
+char* yr_get_last_error_message();
+void yr_set_report_function(YARAREPORT fn);
#endif
diff --git a/windows/libyara/libyara.vcproj b/windows/libyara/libyara.vcproj
index 3df77bd..5ea0d1a 100644
--- a/windows/libyara/libyara.vcproj
+++ b/windows/libyara/libyara.vcproj
@@ -155,10 +155,6 @@
>
</File>
<File
- RelativePath="..\..\libyara\compile.c"
- >
- </File>
- <File
RelativePath="..\..\libyara\error.c"
>
</File>
@@ -179,6 +175,10 @@
>
</File>
<File
+ RelativePath="..\..\libyara\libyara.c"
+ >
+ </File>
+ <File
RelativePath="..\..\libyara\mem.c"
>
</File>
diff --git a/yara-python/yara-python.c b/yara-python/yara-python.c
index 547b33f..fc7441d 100644
--- a/yara-python/yara-python.c
+++ b/yara-python/yara-python.c
@@ -250,7 +250,7 @@ static PyTypeObject Rules_Type = {
//////////////////////////////////////////////////////////////////////////////////////////////////////////
-static PyObject * Rules_NEW(FILE* file)
+static PyObject * Rules_new_from_file(FILE* file)
{
RULE_LIST* rules;
Rules* object;
@@ -288,6 +288,39 @@ static PyObject * Rules_NEW(FILE* file)
return (PyObject *)object;
}
+
+static PyObject * Rules_new_from_string(const char* string)
+{
+ RULE_LIST* rules;
+ Rules* object;
+ int errors;
+
+ rules = yr_alloc_rule_list();
+
+ if (rules == NULL)
+ {
+ return PyErr_NoMemory();
+ }
+
+ errors = yr_compile_string(string, rules);
+
+ if (errors > 0) /* errors during compilation */
+ {
+ yr_free_rule_list(rules);
+ return PyErr_Format(YaraSyntaxError, "line %d: %s", yr_get_error_line_number(), yr_get_last_error_message());
+ }
+
+ object = PyObject_NEW(Rules, &Rules_Type);
+
+ if (object != NULL)
+ {
+ yr_prepare_rules(rules);
+ object->rules = rules;
+ }
+
+ return (PyObject *)object;
+}
+
static void Rules_dealloc(PyObject *self)
{
yr_free_rule_list(((Rules*) self)->rules);
@@ -442,7 +475,7 @@ static PyObject * yara_compile(PyObject *self, PyObject *args, PyObject *keyword
if (fh != NULL)
{
- result = Rules_NEW(fh);
+ result = Rules_new_from_file(fh);
fclose(fh);
}
else
@@ -452,26 +485,12 @@ static PyObject * yara_compile(PyObject *self, PyObject *args, PyObject *keyword
}
else if (source != NULL)
{
- fh = tmpfile();
-
- if (fh != NULL)
- {
- fprintf(fh, "%s", source);
- fseek(fh, 0, SEEK_SET);
-
- result = Rules_NEW(fh);
-
- fclose(fh);
- }
- else
- {
- result = PyErr_SetFromErrno(YaraError);
- }
+ result = Rules_new_from_string(source);
}
else if (py_file != NULL)
{
fh = PyFile_AsFile(py_file);
- result = Rules_NEW(fh);
+ result = Rules_new_from_file(fh);
}
else
{
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list