[Forensics-changes] [yara] 01/02: filemap: yr_filemap_map_file (win32)

Hilko Bengen bengen at moszumanska.debian.org
Wed Apr 8 22:52:29 UTC 2015 

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to branch master
in repository yara.

commit 2856e6925f4bec7ff6d3d27ea33df57b49fde1ed
Author: Hilko Bengen <bengen at debian.org>
Date:   Sun Mar 15 18:56:09 2015 +0100

    filemap: yr_filemap_map_file (win32)
---
 libyara/filemap.c | 43 ++++++++++++++++++++++++++-----------------
 1 file changed, 26 insertions(+), 17 deletions(-)

diff --git a/libyara/filemap.c b/libyara/filemap.c
index 178ea4a..2f73b57 100755
--- a/libyara/filemap.c
+++ b/libyara/filemap.c
@@ -78,8 +78,8 @@ YR_API int yr_filemap_map(
 
 #ifdef _WIN32
 
-YR_API int yr_filemap_map_ex(
-    const char* file_path,
+YR_API int yr_filemap_map_file(
+    FILEHANDLE file,
     off_t offset,
     size_t size,
     YR_MAPPED_FILE* pmapped_file)
@@ -89,25 +89,10 @@ YR_API int yr_filemap_map_ex(
   pmapped_file->data = NULL;
   pmapped_file->size = 0;
 
-  if (file_path == NULL)
-    return ERROR_INVALID_ARGUMENT;
-
   // Ensure that offset is aligned to 1MB
   if (offset >> 20 << 20 != offset)
     return ERROR_INVALID_ARGUMENT;
 
-  pmapped_file->file = CreateFileA(
-      file_path,
-      GENERIC_READ,
-      FILE_SHARE_READ,
-      NULL,
-      OPEN_EXISTING,
-      FILE_FLAG_SEQUENTIAL_SCAN,
-      NULL);
-
-  if (pmapped_file->file == INVALID_HANDLE_VALUE)
-    return ERROR_COULD_NOT_OPEN_FILE;
-
   LARGE_INTEGER fs;
   size_t file_size;
 
@@ -176,6 +161,30 @@ YR_API int yr_filemap_map_ex(
   return ERROR_SUCCESS;
 }
 
+YR_API int yr_filemap_map_ex(
+    const char* file_path,
+    off_t offset,
+    size_t size,
+    YR_MAPPED_FILE* pmapped_file)
+{
+  if (file_path == NULL)
+    return ERROR_INVALID_ARGUMENT;
+
+  FILEHANDLE file = CreateFileA(
+      file_path,
+      GENERIC_READ,
+      FILE_SHARE_READ,
+      NULL,
+      OPEN_EXISTING,
+      FILE_FLAG_SEQUENTIAL_SCAN,
+      NULL);
+
+  if (file == INVALID_HANDLE_VALUE)
+    return ERROR_COULD_NOT_OPEN_FILE;
+
+  return yr_filemap_map_file(file, offset, size, pmapped_file);
+}
+
 #else // POSIX
 
 YR_API int yr_filemap_map_ex(

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git

More information about the forensics-changes mailing list