[Forensics-changes] [yara] 23/415: Implemented yy_compile_string. No more temporary files to compile rules from memory buffers

Hilko Bengen bengen at moszumanska.debian.org
Thu Apr 3 05:42:39 UTC 2014


This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to branch debian
in repository yara.

commit 96afe1211a13ec8a3e4274a38db00621b1b9a4f8
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Wed Mar 18 10:03:39 2009 +0000

    Implemented yy_compile_string. No more temporary files to compile rules from memory buffers
---
 libyara/lex.c                  | 193 +++++++++++++++++++--------------
 libyara/lex.l                  |  45 +++++++-
 libyara/libyara.c              |  31 +++---
 libyara/libyara.tmproj         | 240 +++++++++++++++++++++++++----------------
 libyara/yara.h                 |  37 ++++---
 windows/libyara/libyara.vcproj |   8 +-
 yara-python/yara-python.c      |  55 ++++++----
 7 files changed, 373 insertions(+), 236 deletions(-)

diff --git a/libyara/lex.c b/libyara/lex.c
index 4a7aff0..3f3ff00 100644
--- a/libyara/lex.c
+++ b/libyara/lex.c
@@ -521,19 +521,56 @@ char *yytext;
 #include "xtoi.h"
 #include "mem.h"
 #include "sizedstr.h"
+#include "yara.h"
+
+int             line_number;
+const char*     file_name;
+RULE_LIST*      rule_list;
+
+char 			string_buf[256];
+char*			string_buf_ptr;
+unsigned 		short string_buf_len;
+
+
+int parse_string(const char* string, RULE_LIST* rules)
+{
+	YY_BUFFER_STATE state;
+
+	rule_list = rules;	
+
+	state = yy_scan_string(string);
+
+	yyparse();
+
+	yy_delete_buffer(state);
+
+	return yynerrs;
+}
+
+int parse_file(FILE* rules_file, RULE_LIST* rules)
+{	
+	rule_list = rules;	
+	yyin = rules_file;
+
+	if (yyin != NULL)
+	{
+		//yydebug = 1;	
+		line_number = 1;		
+		yyparse();	
+	}
+		
+	return yynerrs;
+}
+
 
-extern int line_number;
 
-char string_buf[256];
-char *string_buf_ptr;
-unsigned short string_buf_len;
 
 
 #define str 1
 
 #define regexp 2
 
-#line 537 "lex.c"
+#line 574 "lex.c"
 
 /* Macros after this point can all be overridden by user definitions in
  * section 1.
@@ -684,10 +721,10 @@ YY_DECL
 	register char *yy_cp, *yy_bp;
 	register int yy_act;
 
-#line 32 "lex.l"
+#line 69 "lex.l"
 
 
-#line 691 "lex.c"
+#line 728 "lex.c"
 
 	if ( yy_init )
 		{
@@ -772,207 +809,207 @@ do_action:	/* This label is used only to access EOF actions. */
 
 case 1:
 YY_RULE_SETUP
-#line 34 "lex.l"
+#line 71 "lex.l"
 { return _LT_;	        }
 	YY_BREAK
 case 2:
 YY_RULE_SETUP
-#line 35 "lex.l"
+#line 72 "lex.l"
 { return _GT_;	        }
 	YY_BREAK
 case 3:
 YY_RULE_SETUP
-#line 36 "lex.l"
+#line 73 "lex.l"
 { return _LE_;	        }
 	YY_BREAK
 case 4:
 YY_RULE_SETUP
-#line 37 "lex.l"
+#line 74 "lex.l"
 { return _GE_;	        }
 	YY_BREAK
 case 5:
 YY_RULE_SETUP
-#line 38 "lex.l"
+#line 75 "lex.l"
 { return _EQ_;		    }
 	YY_BREAK
 case 6:
 YY_RULE_SETUP
-#line 39 "lex.l"
+#line 76 "lex.l"
 { return _NEQ_;	    }
 	YY_BREAK
 case 7:
 YY_RULE_SETUP
-#line 40 "lex.l"
+#line 77 "lex.l"
 { return _PRIVATE_;    }
 	YY_BREAK
 case 8:
 YY_RULE_SETUP
-#line 41 "lex.l"
+#line 78 "lex.l"
 { return _GLOBAL_;     }
 	YY_BREAK
 case 9:
 YY_RULE_SETUP
-#line 42 "lex.l"
+#line 79 "lex.l"
 { return _RULE_;       }
 	YY_BREAK
 case 10:
 YY_RULE_SETUP
-#line 43 "lex.l"
+#line 80 "lex.l"
 { return _STRINGS_;    }
 	YY_BREAK
 case 11:
 YY_RULE_SETUP
-#line 44 "lex.l"
+#line 81 "lex.l"
 { return _ASCII_;      }
 	YY_BREAK
 case 12:
 YY_RULE_SETUP
-#line 45 "lex.l"
+#line 82 "lex.l"
 { return _WIDE_;       }
 	YY_BREAK
 case 13:
 YY_RULE_SETUP
-#line 46 "lex.l"
+#line 83 "lex.l"
 { return _FULLWORD_;   }
 	YY_BREAK
 case 14:
 YY_RULE_SETUP
-#line 47 "lex.l"
+#line 84 "lex.l"
 { return _NOCASE_;     }
 	YY_BREAK
 case 15:
 YY_RULE_SETUP
-#line 48 "lex.l"
+#line 85 "lex.l"
 { return _CONDITION_;  }
 	YY_BREAK
 case 16:
 YY_RULE_SETUP
-#line 49 "lex.l"
+#line 86 "lex.l"
 { return _TRUE_;       }
 	YY_BREAK
 case 17:
 YY_RULE_SETUP
-#line 50 "lex.l"
+#line 87 "lex.l"
 { return _FALSE_;      }
 	YY_BREAK
 case 18:
 YY_RULE_SETUP
-#line 51 "lex.l"
+#line 88 "lex.l"
 { return _NOT_;        }
 	YY_BREAK
 case 19:
 YY_RULE_SETUP
-#line 52 "lex.l"
+#line 89 "lex.l"
 { return _AND_;        }
 	YY_BREAK
 case 20:
 YY_RULE_SETUP
-#line 53 "lex.l"
+#line 90 "lex.l"
 { return _OR_;         }
 	YY_BREAK
 case 21:
 YY_RULE_SETUP
-#line 54 "lex.l"
+#line 91 "lex.l"
 { return _AT_;         }
 	YY_BREAK
 case 22:
 YY_RULE_SETUP
-#line 55 "lex.l"
+#line 92 "lex.l"
 { return _IN_;         }
 	YY_BREAK
 case 23:
 YY_RULE_SETUP
-#line 56 "lex.l"
+#line 93 "lex.l"
 { return _OF_;         }
 	YY_BREAK
 case 24:
 YY_RULE_SETUP
-#line 57 "lex.l"
+#line 94 "lex.l"
 { return _THEM_;		}
 	YY_BREAK
 case 25:
 YY_RULE_SETUP
-#line 58 "lex.l"
+#line 95 "lex.l"
 { return _FOR_;        }
 	YY_BREAK
 case 26:
 YY_RULE_SETUP
-#line 59 "lex.l"
+#line 96 "lex.l"
 { return _ALL_;		}
 	YY_BREAK
 case 27:
 YY_RULE_SETUP
-#line 60 "lex.l"
+#line 97 "lex.l"
 { return _ANY_;		}
 	YY_BREAK
 case 28:
 YY_RULE_SETUP
-#line 61 "lex.l"
+#line 98 "lex.l"
 { return _ENTRYPOINT_; }
 	YY_BREAK
 case 29:
 YY_RULE_SETUP
-#line 62 "lex.l"
+#line 99 "lex.l"
 { return _SIZE_;       }
 	YY_BREAK
 case 30:
 YY_RULE_SETUP
-#line 63 "lex.l"
+#line 100 "lex.l"
 { return _RVA_;   	    }
 	YY_BREAK
 case 31:
 YY_RULE_SETUP
-#line 64 "lex.l"
+#line 101 "lex.l"
 { return _OFFSET_;     }
 	YY_BREAK
 case 32:
 YY_RULE_SETUP
-#line 65 "lex.l"
+#line 102 "lex.l"
 { return _FILE_;       }
 	YY_BREAK
 case 33:
 YY_RULE_SETUP
-#line 66 "lex.l"
+#line 103 "lex.l"
 { return _IS_;         }
 	YY_BREAK
 case 34:
 YY_RULE_SETUP
-#line 67 "lex.l"
+#line 104 "lex.l"
 { return _SECTION_;    }
 	YY_BREAK
 case 35:
 YY_RULE_SETUP
-#line 68 "lex.l"
+#line 105 "lex.l"
 { return _UINT8_;    	}
 	YY_BREAK
 case 36:
 YY_RULE_SETUP
-#line 69 "lex.l"
+#line 106 "lex.l"
 { return _UINT16_;    	}
 	YY_BREAK
 case 37:
 YY_RULE_SETUP
-#line 70 "lex.l"
+#line 107 "lex.l"
 { return _UINT32_;    	}
 	YY_BREAK
 case 38:
 YY_RULE_SETUP
-#line 71 "lex.l"
+#line 108 "lex.l"
 { return _INT8_;    	}
 	YY_BREAK
 case 39:
 YY_RULE_SETUP
-#line 72 "lex.l"
+#line 109 "lex.l"
 { return _INT16_;    	}
 	YY_BREAK
 case 40:
 YY_RULE_SETUP
-#line 73 "lex.l"
+#line 110 "lex.l"
 { return _INT32_;    	}
 	YY_BREAK
 case 41:
 YY_RULE_SETUP
-#line 77 "lex.l"
+#line 114 "lex.l"
 {	/* skip comments */
 								
 								char* line_break = strchr( yytext, '\n' );
@@ -986,7 +1023,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 42:
 YY_RULE_SETUP
-#line 88 "lex.l"
+#line 125 "lex.l"
 {   /* skip single-line comments */
 
 								line_number++;
@@ -994,7 +1031,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 43:
 YY_RULE_SETUP
-#line 93 "lex.l"
+#line 130 "lex.l"
 {
                        		yylval.c_string = (char*) yr_strdup(yytext);
                        		return _STRING_IDENTIFIER_WITH_WILDCARD_;      
@@ -1002,7 +1039,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 44:
 YY_RULE_SETUP
-#line 98 "lex.l"
+#line 135 "lex.l"
 {
                        		yylval.c_string = (char*) yr_strdup(yytext);
                        		return _STRING_IDENTIFIER_;      
@@ -1010,7 +1047,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 45:
 YY_RULE_SETUP
-#line 104 "lex.l"
+#line 141 "lex.l"
 {	
                        		yylval.c_string = (char*) yr_strdup(yytext);
 							yylval.c_string[0] = '$'; 					/* replace # by $*/
@@ -1019,7 +1056,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 46:
 YY_RULE_SETUP
-#line 110 "lex.l"
+#line 147 "lex.l"
 {	
 	                      	yylval.c_string = (char*) yr_strdup(yytext);
 							yylval.c_string[0] = '$'; 					/* replace @ by $*/
@@ -1028,7 +1065,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 47:
 YY_RULE_SETUP
-#line 116 "lex.l"
+#line 153 "lex.l"
 { 
 										if (strlen(yytext) > 128)
 										{
@@ -1042,7 +1079,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 48:
 YY_RULE_SETUP
-#line 127 "lex.l"
+#line 164 "lex.l"
 { 
 						yylval.integer = (unsigned int) atoi(yytext);
 						
@@ -1060,7 +1097,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 49:
 YY_RULE_SETUP
-#line 142 "lex.l"
+#line 179 "lex.l"
 {
 						yylval.integer = xtoi(yytext + 2);
 						return _NUMBER_;
@@ -1068,7 +1105,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 50:
 YY_RULE_SETUP
-#line 147 "lex.l"
+#line 184 "lex.l"
 { 	/* saw closing quote - all done */
 
 						SIZED_STRING* s;
@@ -1096,22 +1133,22 @@ YY_RULE_SETUP
 	YY_BREAK
 case 51:
 YY_RULE_SETUP
-#line 172 "lex.l"
+#line 209 "lex.l"
 { *string_buf_ptr++ = '\t'; string_buf_len++; }
 	YY_BREAK
 case 52:
 YY_RULE_SETUP
-#line 173 "lex.l"
+#line 210 "lex.l"
 { *string_buf_ptr++ = '\"'; string_buf_len++; }
 	YY_BREAK
 case 53:
 YY_RULE_SETUP
-#line 174 "lex.l"
+#line 211 "lex.l"
 { *string_buf_ptr++ = '\\'; string_buf_len++; }
 	YY_BREAK
 case 54:
 YY_RULE_SETUP
-#line 176 "lex.l"
+#line 213 "lex.l"
 {
         						int result;
 
@@ -1123,7 +1160,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 55:
 YY_RULE_SETUP
-#line 185 "lex.l"
+#line 222 "lex.l"
 {
 						char *yptr = yytext;
 
@@ -1136,7 +1173,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 56:
 YY_RULE_SETUP
-#line 195 "lex.l"
+#line 232 "lex.l"
 {
 						yyerror("unterminated string");
 						yyterminate();
@@ -1145,7 +1182,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 57:
 YY_RULE_SETUP
-#line 201 "lex.l"
+#line 238 "lex.l"
 {
 						yyerror("illegal escape sequence");
 						yynerrs++;
@@ -1153,7 +1190,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 58:
 YY_RULE_SETUP
-#line 207 "lex.l"
+#line 244 "lex.l"
 { 	
 						SIZED_STRING* s;
 
@@ -1180,7 +1217,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 59:
 YY_RULE_SETUP
-#line 231 "lex.l"
+#line 268 "lex.l"
 { 				
 						*string_buf_ptr++ = '/';
 						string_buf_len++ ;
@@ -1188,7 +1225,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 60:
 YY_RULE_SETUP
-#line 236 "lex.l"
+#line 273 "lex.l"
 { 				
 						*string_buf_ptr++ = yytext[0];
 						*string_buf_ptr++ = yytext[1];
@@ -1197,7 +1234,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 61:
 YY_RULE_SETUP
-#line 242 "lex.l"
+#line 279 "lex.l"
 {
 						char *yptr = yytext;
 
@@ -1210,7 +1247,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 62:
 YY_RULE_SETUP
-#line 252 "lex.l"
+#line 289 "lex.l"
 {
 						yyerror("unterminated regular expression");
 						yyterminate();
@@ -1219,7 +1256,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 63:
 YY_RULE_SETUP
-#line 258 "lex.l"
+#line 295 "lex.l"
 {
  						string_buf_ptr = string_buf; 
 						string_buf_len = 0;
@@ -1228,7 +1265,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 64:
 YY_RULE_SETUP
-#line 264 "lex.l"
+#line 301 "lex.l"
 {
  						string_buf_ptr = string_buf; 
 						string_buf_len = 0;
@@ -1237,7 +1274,7 @@ YY_RULE_SETUP
 	YY_BREAK
 case 65:
 YY_RULE_SETUP
-#line 271 "lex.l"
+#line 308 "lex.l"
 { 
 										int len = strlen(yytext);
 										
@@ -1254,12 +1291,12 @@ YY_RULE_SETUP
 	YY_BREAK
 case 66:
 YY_RULE_SETUP
-#line 286 "lex.l"
+#line 323 "lex.l"
 /* skip whitespace */
 	YY_BREAK
 case 67:
 YY_RULE_SETUP
-#line 288 "lex.l"
+#line 325 "lex.l"
 {
 						line_number++;
 						
@@ -1267,17 +1304,17 @@ YY_RULE_SETUP
 	YY_BREAK
 case 68:
 YY_RULE_SETUP
-#line 293 "lex.l"
+#line 330 "lex.l"
 { 
                        	return yytext[0];    
 					}
 	YY_BREAK
 case 69:
 YY_RULE_SETUP
-#line 296 "lex.l"
+#line 333 "lex.l"
 ECHO;
 	YY_BREAK
-#line 1281 "lex.c"
+#line 1318 "lex.c"
 case YY_STATE_EOF(INITIAL):
 case YY_STATE_EOF(str):
 case YY_STATE_EOF(regexp):
@@ -2165,7 +2202,7 @@ int main()
 	return 0;
 	}
 #endif
-#line 296 "lex.l"
+#line 333 "lex.l"
 
 
 
diff --git a/libyara/lex.l b/libyara/lex.l
index 53f4a8b..e53e764 100644
--- a/libyara/lex.l
+++ b/libyara/lex.l
@@ -10,12 +10,49 @@
 #include "xtoi.h"
 #include "mem.h"
 #include "sizedstr.h"
+#include "yara.h"
+
+int             line_number;
+const char*     file_name;
+RULE_LIST*      rule_list;
+
+char 			string_buf[256];
+char*			string_buf_ptr;
+unsigned 		short string_buf_len;
+
+
+int parse_string(const char* string, RULE_LIST* rules)
+{
+	YY_BUFFER_STATE state;
+
+	rule_list = rules;	
+
+	state = yy_scan_string(string);
+
+	yyparse();
+
+	yy_delete_buffer(state);
+
+	return yynerrs;
+}
+
+int parse_file(FILE* rules_file, RULE_LIST* rules)
+{	
+	rule_list = rules;	
+	yyin = rules_file;
+
+	if (yyin != NULL)
+	{
+		//yydebug = 1;	
+		line_number = 1;		
+		yyparse();	
+	}
+		
+	return yynerrs;
+}
+
 
-extern int line_number;
 
-char string_buf[256];
-char *string_buf_ptr;
-unsigned short string_buf_len;
 
 
 %}
diff --git a/libyara/libyara.c b/libyara/libyara.c
index 99f97d5..ac76628 100644
--- a/libyara/libyara.c
+++ b/libyara/libyara.c
@@ -23,16 +23,15 @@ GNU General Public License for more details.
 #include "error.h"
 #include "eval.h"
 
-extern FILE *yyin;
-extern int yydebug;
+extern FILE*           yyin;
+extern int             yydebug;
 
-int yylex (void); 
-int yyparse (void);
-
-int             line_number;
-const char*     file_name;
-RULE_LIST*      rule_list;
+extern int             line_number;
+extern const char*     file_name;
+extern RULE_LIST*      rule_list;
 
+int parse_string(const char* string, RULE_LIST* rules);
+int parse_file(FILE* rules_file, RULE_LIST* rules);
 
 void yr_set_file_name(const char* rules_file_name)
 {
@@ -132,17 +131,13 @@ void yr_free_rule_list(RULE_LIST* rule_list)
 
 int yr_compile_file(FILE* rules_file, RULE_LIST* rules)
 {	
-	rule_list = rules;	
-	yyin = rules_file;
+    return parse_file(rules_file, rules);
+}
 
-	if (yyin != NULL)
-	{
-		//yydebug = 1;	
-		line_number = 1;		
-		yyparse();	
-	}
-		
-	return yynerrs;
+
+int yr_compile_string(const char* rules_string, RULE_LIST* rules)
+{	
+    return parse_string(rules_string, rules);
 }
 
 
diff --git a/libyara/libyara.tmproj b/libyara/libyara.tmproj
index e426db7..75b7375 100644
--- a/libyara/libyara.tmproj
+++ b/libyara/libyara.tmproj
@@ -3,7 +3,7 @@
 <plist version="1.0">
 <dict>
 	<key>currentDocument</key>
-	<string>lex.l</string>
+	<string>libyara.c</string>
 	<key>documents</key>
 	<array>
 		<dict>
@@ -13,7 +13,7 @@
 					<key>filename</key>
 					<string>scan.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:44:29Z</date>
+					<date>2009-03-18T00:04:58Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
@@ -25,57 +25,57 @@
 					<key>filename</key>
 					<string>filemap.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-13T14:12:00Z</date>
+					<date>2009-03-17T23:10:46Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>eval.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:50:05Z</date>
+					<date>2009-03-17T23:10:52Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>error.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:49:57Z</date>
-				</dict>
-				<dict>
-					<key>filename</key>
-					<string>compile.c</string>
-					<key>lastUsed</key>
-					<date>2009-03-14T13:49:55Z</date>
+					<date>2009-03-17T23:41:27Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>ast.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-13T14:11:01Z</date>
+					<date>2009-03-17T23:31:13Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>lex.l</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:50:16Z</date>
-					<key>selected</key>
-					<true/>
+					<date>2009-03-18T09:33:23Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>grammar.y</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:50:16Z</date>
+					<date>2009-03-18T08:57:44Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>../yara.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:50:08Z</date>
+					<date>2009-03-18T00:06:42Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>mem.c</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:17:04Z</date>
+					<date>2009-03-18T09:16:01Z</date>
+				</dict>
+				<dict>
+					<key>filename</key>
+					<string>libyara.c</string>
+					<key>lastUsed</key>
+					<date>2009-03-18T09:38:57Z</date>
+					<key>selected</key>
+					<true/>
 				</dict>
 			</array>
 			<key>expanded</key>
@@ -90,67 +90,67 @@
 					<key>filename</key>
 					<string>yara.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:49:50Z</date>
+					<date>2009-03-18T09:38:57Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>pefile.h</string>
 					<key>lastUsed</key>
-					<date>2009-02-04T13:08:06Z</date>
+					<date>2009-03-18T09:33:23Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>pe.h</string>
 					<key>lastUsed</key>
-					<date>2009-02-09T12:28:30Z</date>
+					<date>2009-03-17T23:42:04Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>grammar.h</string>
 					<key>lastUsed</key>
-					<date>2009-02-07T15:44:18Z</date>
+					<date>2009-03-18T08:53:19Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>filemap.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:49:49Z</date>
+					<date>2009-03-18T08:53:24Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>eval.h</string>
 					<key>lastUsed</key>
-					<date>2009-02-07T16:40:22Z</date>
+					<date>2009-03-18T09:15:59Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
 					<string>error.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:49:59Z</date>
+					<date>2009-03-17T23:42:15Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
-					<string>compile.h</string>
+					<string>ast.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:49:58Z</date>
+					<date>2009-03-18T09:05:10Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
-					<string>ast.h</string>
+					<string>sizedstr.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-06T13:29:58Z</date>
+					<date>2009-03-18T09:05:08Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
-					<string>sizedstr.h</string>
+					<string>mem.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-14T13:49:52Z</date>
+					<date>2009-03-17T23:48:15Z</date>
 				</dict>
 				<dict>
 					<key>filename</key>
-					<string>mem.h</string>
+					<string>scan.h</string>
 					<key>lastUsed</key>
-					<date>2009-03-13T14:11:04Z</date>
+					<date>2009-03-17T23:46:33Z</date>
 				</dict>
 			</array>
 			<key>expanded</key>
@@ -168,28 +168,28 @@
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>3</integer>
+				<integer>14</integer>
 				<key>line</key>
-				<integer>478</integer>
+				<integer>465</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>0</integer>
+			<integer>2</integer>
 		</dict>
 		<key>ast.c</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>20</integer>
+				<integer>7</integer>
 				<key>line</key>
-				<integer>844</integer>
+				<integer>676</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>594</integer>
+			<integer>720</integer>
 		</dict>
 		<key>ast.h</key>
 		<dict>
@@ -221,56 +221,28 @@
 				<integer>56</integer>
 			</dict>
 		</dict>
-		<key>compile.c</key>
-		<dict>
-			<key>caret</key>
-			<dict>
-				<key>column</key>
-				<integer>19</integer>
-				<key>line</key>
-				<integer>39</integer>
-			</dict>
-			<key>firstVisibleColumn</key>
-			<integer>0</integer>
-			<key>firstVisibleLine</key>
-			<integer>0</integer>
-		</dict>
-		<key>compile.h</key>
-		<dict>
-			<key>caret</key>
-			<dict>
-				<key>column</key>
-				<integer>28</integer>
-				<key>line</key>
-				<integer>21</integer>
-			</dict>
-			<key>firstVisibleColumn</key>
-			<integer>0</integer>
-			<key>firstVisibleLine</key>
-			<integer>0</integer>
-		</dict>
 		<key>error.c</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>26</integer>
+				<integer>16</integer>
 				<key>line</key>
-				<integer>23</integer>
+				<integer>20</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>0</integer>
+			<integer>6</integer>
 		</dict>
 		<key>error.h</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>0</integer>
+				<integer>27</integer>
 				<key>line</key>
-				<integer>33</integer>
+				<integer>24</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
@@ -289,16 +261,16 @@
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>0</integer>
+			<integer>301</integer>
 		</dict>
 		<key>eval.h</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>0</integer>
+				<integer>21</integer>
 				<key>line</key>
-				<integer>0</integer>
+				<integer>30</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
@@ -347,7 +319,7 @@
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>4</integer>
+			<integer>3</integer>
 		</dict>
 		<key>grammar.h</key>
 		<dict>
@@ -368,51 +340,111 @@
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>32</integer>
+				<integer>30</integer>
 				<key>line</key>
-				<integer>363</integer>
+				<integer>156</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>0</integer>
+			<integer>81</integer>
 		</dict>
 		<key>lex.l</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>18</integer>
+				<integer>47</integer>
 				<key>line</key>
-				<integer>8</integer>
+				<integer>23</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
+			<integer>13</integer>
+		</dict>
+		<key>libyara.c</key>
+		<dict>
+			<key>caret</key>
+			<dict>
+				<key>column</key>
+				<integer>0</integer>
+				<key>line</key>
+				<integer>137</integer>
+			</dict>
+			<key>columnSelection</key>
+			<false/>
+			<key>firstVisibleColumn</key>
 			<integer>0</integer>
+			<key>firstVisibleLine</key>
+			<integer>10</integer>
+			<key>selectFrom</key>
+			<dict>
+				<key>column</key>
+				<integer>65</integer>
+				<key>line</key>
+				<integer>137</integer>
+			</dict>
+			<key>selectTo</key>
+			<dict>
+				<key>column</key>
+				<integer>0</integer>
+				<key>line</key>
+				<integer>137</integer>
+			</dict>
 		</dict>
 		<key>mem.c</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>1</integer>
+				<integer>0</integer>
 				<key>line</key>
-				<integer>41</integer>
+				<integer>22</integer>
 			</dict>
+			<key>columnSelection</key>
+			<false/>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>15</integer>
+			<integer>4</integer>
+			<key>selectFrom</key>
+			<dict>
+				<key>column</key>
+				<integer>20</integer>
+				<key>line</key>
+				<integer>22</integer>
+			</dict>
+			<key>selectTo</key>
+			<dict>
+				<key>column</key>
+				<integer>0</integer>
+				<key>line</key>
+				<integer>22</integer>
+			</dict>
 		</dict>
 		<key>mem.h</key>
 		<dict>
 			<key>caret</key>
 			<dict>
 				<key>column</key>
+				<integer>20</integer>
+				<key>line</key>
+				<integer>20</integer>
+			</dict>
+			<key>firstVisibleColumn</key>
+			<integer>0</integer>
+			<key>firstVisibleLine</key>
+			<integer>0</integer>
+		</dict>
+		<key>pe.h</key>
+		<dict>
+			<key>caret</key>
+			<dict>
+				<key>column</key>
 				<integer>0</integer>
 				<key>line</key>
-				<integer>16</integer>
+				<integer>0</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
@@ -438,9 +470,9 @@
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>0</integer>
+				<integer>11</integer>
 				<key>line</key>
-				<integer>0</integer>
+				<integer>16</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
@@ -452,14 +484,28 @@
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>7</integer>
+				<integer>0</integer>
+				<key>line</key>
+				<integer>540</integer>
+			</dict>
+			<key>firstVisibleColumn</key>
+			<integer>0</integer>
+			<key>firstVisibleLine</key>
+			<integer>524</integer>
+		</dict>
+		<key>scan.h</key>
+		<dict>
+			<key>caret</key>
+			<dict>
+				<key>column</key>
+				<integer>2</integer>
 				<key>line</key>
-				<integer>720</integer>
+				<integer>14</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>826</integer>
+			<integer>0</integer>
 		</dict>
 		<key>sizedstr.h</key>
 		<dict>
@@ -480,32 +526,36 @@
 			<key>caret</key>
 			<dict>
 				<key>column</key>
-				<integer>5</integer>
+				<integer>26</integer>
 				<key>line</key>
-				<integer>195</integer>
+				<integer>179</integer>
 			</dict>
 			<key>firstVisibleColumn</key>
 			<integer>0</integer>
 			<key>firstVisibleLine</key>
-			<integer>146</integer>
+			<integer>160</integer>
 		</dict>
 	</dict>
 	<key>openDocuments</key>
 	<array>
 		<string>filemap.c</string>
 		<string>filemap.h</string>
+		<string>grammar.h</string>
+		<string>pe.h</string>
 		<string>yara.h</string>
+		<string>scan.h</string>
 		<string>sizedstr.h</string>
-		<string>compile.c</string>
 		<string>error.c</string>
-		<string>compile.h</string>
+		<string>pefile.h</string>
 		<string>error.h</string>
 		<string>pefile.c</string>
 		<string>eval.c</string>
 		<string>../yara.c</string>
+		<string>libyara.c</string>
 		<string>grammar.y</string>
 		<string>lex.l</string>
 		<string>scan.c</string>
+		<string>eval.h</string>
 		<string>mem.h</string>
 		<string>mem.c</string>
 		<string>ast.c</string>
diff --git a/libyara/yara.h b/libyara/yara.h
index daa8451..e76163e 100644
--- a/libyara/yara.h
+++ b/libyara/yara.h
@@ -167,33 +167,32 @@ typedef struct _RULE_LIST
 } RULE_LIST;
 
 
-RULE* lookup_rule(RULE_LIST* rules, char* identifier);
-
-STRING* lookup_string(STRING* string_list_head, char* identifier);
-
-TAG* lookup_tag(TAG* tag_list_head, char* identifier);
+typedef int (*YARACALLBACK)(RULE* rule, unsigned char* buffer, unsigned int buffer_size, void* data);
+typedef void (*YARAREPORT)(const char* file_name, int line_number, const char* error_message);
 
-void yr_init();
-RULE_LIST* yr_alloc_rule_list();
-void yr_free_rule_list(RULE_LIST* rule_list);
+RULE*       lookup_rule(RULE_LIST* rules, char* identifier);
+STRING*     lookup_string(STRING* string_list_head, char* identifier);
+TAG*        lookup_tag(TAG* tag_list_head, char* identifier);
 
-void yr_set_file_name(const char* rules_file_name);
+void        yr_init();
 
-int yr_compile_file(FILE* rules_file, RULE_LIST* rules);
+RULE_LIST*  yr_alloc_rule_list();
+void        yr_free_rule_list(RULE_LIST* rule_list);
 
-int yr_prepare_rules(RULE_LIST* rule_list);
+void        yr_set_file_name(const char* rules_file_name);
 
-typedef int (*YARACALLBACK)(RULE* rule, unsigned char* buffer, unsigned int buffer_size, void* data);
+int         yr_compile_file(FILE* rules_file, RULE_LIST* rules);
+int         yr_compile_string(const char* rules_string, RULE_LIST* rules);
 
-int yr_scan_mem(unsigned char* buffer, unsigned int buffer_size, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
-int yr_scan_file(const char* file_path, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
+int         yr_prepare_rules(RULE_LIST* rule_list);
 
-typedef void (*YARAREPORT)(const char* file_name, int line_number, const char* error_message);
+int         yr_scan_mem(unsigned char* buffer, unsigned int buffer_size, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
+int         yr_scan_file(const char* file_path, RULE_LIST* rule_list, YARACALLBACK callback, void* user_data);
 
-int yr_get_last_error();
-int yr_get_error_line_number();
-char* yr_get_last_error_message();
-void yr_set_report_function(YARAREPORT fn);
+int         yr_get_last_error();
+int         yr_get_error_line_number();
+char*       yr_get_last_error_message();
+void        yr_set_report_function(YARAREPORT fn);
 
 #endif
 
diff --git a/windows/libyara/libyara.vcproj b/windows/libyara/libyara.vcproj
index 3df77bd..5ea0d1a 100644
--- a/windows/libyara/libyara.vcproj
+++ b/windows/libyara/libyara.vcproj
@@ -155,10 +155,6 @@
 				>
 			</File>
 			<File
-				RelativePath="..\..\libyara\compile.c"
-				>
-			</File>
-			<File
 				RelativePath="..\..\libyara\error.c"
 				>
 			</File>
@@ -179,6 +175,10 @@
 				>
 			</File>
 			<File
+				RelativePath="..\..\libyara\libyara.c"
+				>
+			</File>
+			<File
 				RelativePath="..\..\libyara\mem.c"
 				>
 			</File>
diff --git a/yara-python/yara-python.c b/yara-python/yara-python.c
index 547b33f..fc7441d 100644
--- a/yara-python/yara-python.c
+++ b/yara-python/yara-python.c
@@ -250,7 +250,7 @@ static PyTypeObject Rules_Type = {
 
 //////////////////////////////////////////////////////////////////////////////////////////////////////////
 
-static PyObject * Rules_NEW(FILE* file)
+static PyObject * Rules_new_from_file(FILE* file)
 { 
     RULE_LIST* rules;
     Rules* object;
@@ -288,6 +288,39 @@ static PyObject * Rules_NEW(FILE* file)
     return (PyObject *)object;
 }
 
+
+static PyObject * Rules_new_from_string(const char* string)
+{ 
+    RULE_LIST* rules;
+    Rules* object;
+    int errors;
+    
+    rules = yr_alloc_rule_list();
+    
+    if (rules == NULL)
+    {
+        return PyErr_NoMemory();
+    }
+    
+    errors = yr_compile_string(string, rules);
+       
+    if (errors > 0)   /* errors during compilation */
+    {
+        yr_free_rule_list(rules);       
+        return PyErr_Format(YaraSyntaxError, "line %d: %s", yr_get_error_line_number(), yr_get_last_error_message());
+    }
+    
+    object = PyObject_NEW(Rules, &Rules_Type);
+    
+    if (object != NULL)
+    {
+        yr_prepare_rules(rules);   
+        object->rules = rules;
+    } 
+      
+    return (PyObject *)object;
+}
+
 static void Rules_dealloc(PyObject *self)
 {     
     yr_free_rule_list(((Rules*) self)->rules);
@@ -442,7 +475,7 @@ static PyObject * yara_compile(PyObject *self, PyObject *args, PyObject *keyword
             
             if (fh != NULL)
             {
-                result = Rules_NEW(fh);
+                result = Rules_new_from_file(fh);
                 fclose(fh);
             }
             else
@@ -452,26 +485,12 @@ static PyObject * yara_compile(PyObject *self, PyObject *args, PyObject *keyword
         }
         else if (source != NULL)
         {
-            fh = tmpfile();
-            
-            if (fh != NULL)
-            {
-                fprintf(fh, "%s", source);
-                fseek(fh, 0, SEEK_SET);
-            
-                result = Rules_NEW(fh);
-            
-                fclose(fh);
-            }
-            else
-            {
-                result = PyErr_SetFromErrno(YaraError);
-            }
+            result = Rules_new_from_string(source);
         }
         else if (py_file != NULL)
         {
             fh = PyFile_AsFile(py_file);   
-            result = Rules_NEW(fh);
+            result = Rules_new_from_file(fh);
         }
         else
         {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git



More information about the forensics-changes mailing list