[Forensics-changes] [yara] 199/368: Fixing issues found when previewing PR
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:39 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit eb82997ef3a5047fafc8e70dd45752c9dcc96bc3
Author: Kyle Reed <kallanreed at outlook.com>
Date: Sat Feb 27 21:19:17 2016 -0800
Fixing issues found when previewing PR
Signed-off-by: Kyle Reed <kallanreed at outlook.com>
---
libyara/include/yara/proc.h | 4 ----
libyara/include/yara/rules.h | 8 --------
libyara/include/yara/types.h | 2 --
libyara/modules/elf.c | 2 +-
libyara/proc.c | 5 ++---
5 files changed, 3 insertions(+), 18 deletions(-)
diff --git a/libyara/include/yara/proc.h b/libyara/include/yara/proc.h
index 8018bef..fe08fb8 100644
--- a/libyara/include/yara/proc.h
+++ b/libyara/include/yara/proc.h
@@ -19,10 +19,6 @@ limitations under the License.
#include <yara/types.h>
-int yr_process_get_memory(
- int pid,
- YR_MEMORY_BLOCK** first_block);
-
int yr_open_process_iterator(
int pid,
YR_BLOCK_ITERATOR* iterator);
diff --git a/libyara/include/yara/rules.h b/libyara/include/yara/rules.h
index fa268ad..0dab09e 100644
--- a/libyara/include/yara/rules.h
+++ b/libyara/include/yara/rules.h
@@ -92,14 +92,6 @@ YR_API int yr_rules_scan_proc(
void* user_data,
int timeout);
-YR_API int yr_rules_scan_proc2(
- YR_RULES* rules,
- int pid,
- int flags,
- YR_CALLBACK_FUNC callback,
- void* user_data,
- int timeout);
-
YR_API int yr_rules_save(
YR_RULES* rules,
const char* filename);
diff --git a/libyara/include/yara/types.h b/libyara/include/yara/types.h
index d2771e0..bc02958 100644
--- a/libyara/include/yara/types.h
+++ b/libyara/include/yara/types.h
@@ -384,8 +384,6 @@ struct _YR_BLOCK_ITERATOR
{
void* context;
- // TODO: current ptr or fn?
-
YR_BLOCK_ITERATOR_MOVE first;
YR_BLOCK_ITERATOR_MOVE next;
YR_BLOCK_ITERATOR_FETCH fetch_data;
diff --git a/libyara/modules/elf.c b/libyara/modules/elf.c
index e0d3a82..6ea0cfb 100644
--- a/libyara/modules/elf.c
+++ b/libyara/modules/elf.c
@@ -311,7 +311,7 @@ int module_load(
size_t module_data_size)
{
YR_MEMORY_BLOCK* block;
- YR_BLOCK_ITERATOR* iterator;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
elf32_header_t* elf_header32;
elf64_header_t* elf_header64;
diff --git a/libyara/proc.c b/libyara/proc.c
index 08796f2..cbabe6c 100644
--- a/libyara/proc.c
+++ b/libyara/proc.c
@@ -45,8 +45,7 @@ int _yr_attach_process(
NULL,
NULL);
}
-
- // TODO: should this be COULD NOT ATTACH?
+ // TODO: should else be COULD NOT ATTACH?
if (hToken != NULL)
CloseHandle(hToken);
@@ -89,7 +88,7 @@ int _yr_get_process_blocks(
{
if (mbi.State == MEM_COMMIT && ((mbi.Protect & PAGE_NOACCESS) == 0)) // TODO: check for read permission?
{
- // TODO: test read so we don't return blocks that can't be read
+ // TODO: test read so we don't return blocks that can't be read?
new_block = (YR_MEMORY_BLOCK*)yr_malloc(sizeof(YR_MEMORY_BLOCK));
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list