[Forensics-changes] [yara] 101/415: Allow multi-line hex strings
Hilko Bengen
bengen at moszumanska.debian.org
Thu Apr 3 05:42:50 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch debian
in repository yara.
commit ece113e44b730d35623aeae8d330ae66b77c08a8
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Thu Jul 28 11:12:02 2011 +0000
Allow multi-line hex strings
---
libyara/lex.c | 255 +++++++++++++++++++++++++++++-----------------------------
libyara/lex.l | 2 +-
2 files changed, 129 insertions(+), 128 deletions(-)
diff --git a/libyara/lex.c b/libyara/lex.c
index 2d37a0a..5ba95e5 100644
--- a/libyara/lex.c
+++ b/libyara/lex.c
@@ -404,17 +404,17 @@ static yyconst flex_int32_t yy_ec[256] =
1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
1, 1, 4, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 5, 6, 7, 8, 9, 1, 1, 1, 10,
- 10, 11, 1, 1, 10, 1, 12, 13, 14, 15,
- 16, 17, 17, 18, 17, 19, 17, 1, 1, 20,
- 21, 22, 10, 23, 24, 25, 24, 24, 24, 24,
- 26, 26, 26, 26, 27, 26, 28, 26, 26, 26,
- 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
- 10, 29, 10, 1, 30, 1, 31, 32, 33, 34,
-
- 35, 36, 37, 38, 39, 26, 26, 40, 41, 42,
- 43, 44, 26, 45, 46, 47, 48, 49, 50, 51,
- 52, 53, 54, 10, 55, 1, 1, 1, 1, 1,
+ 1, 2, 5, 6, 7, 8, 1, 1, 1, 9,
+ 9, 10, 1, 1, 9, 1, 11, 12, 13, 14,
+ 15, 16, 16, 17, 16, 18, 16, 1, 1, 19,
+ 20, 21, 9, 22, 23, 24, 23, 23, 23, 23,
+ 25, 25, 25, 25, 26, 25, 27, 25, 25, 25,
+ 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+ 9, 28, 9, 1, 29, 1, 30, 31, 32, 33,
+
+ 34, 35, 36, 37, 38, 25, 25, 39, 40, 41,
+ 42, 43, 25, 44, 45, 46, 47, 48, 49, 50,
+ 51, 52, 53, 9, 54, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
@@ -431,45 +431,45 @@ static yyconst flex_int32_t yy_ec[256] =
1, 1, 1, 1, 1
} ;
-static yyconst flex_int32_t yy_meta[56] =
+static yyconst flex_int32_t yy_meta[55] =
{ 0,
- 1, 1, 2, 1, 3, 1, 4, 1, 1, 3,
- 5, 6, 7, 7, 7, 7, 7, 7, 7, 1,
- 1, 1, 1, 8, 8, 9, 10, 10, 11, 9,
- 8, 8, 8, 8, 8, 8, 9, 9, 9, 9,
- 9, 9, 9, 9, 9, 9, 9, 9, 9, 9,
- 10, 9, 9, 1, 1
+ 1, 2, 3, 1, 1, 4, 1, 1, 2, 5,
+ 6, 7, 7, 7, 7, 7, 7, 7, 1, 1,
+ 1, 1, 8, 8, 9, 10, 10, 11, 9, 8,
+ 8, 8, 8, 8, 8, 9, 9, 9, 9, 9,
+ 9, 9, 9, 9, 9, 9, 9, 9, 9, 10,
+ 9, 9, 1, 1
} ;
static yyconst flex_int16_t yy_base[243] =
{ 0,
- 0, 0, 53, 54, 55, 56, 357, 356, 362, 365,
- 365, 365, 340, 365, 0, 349, 51, 37, 42, 51,
- 338, 52, 0, 0, 49, 315, 315, 55, 316, 313,
- 44, 311, 42, 308, 28, 45, 52, 313, 312, 0,
- 0, 365, 365, 92, 0, 365, 365, 338, 0, 365,
- 365, 0, 365, 338, 337, 0, 0, 322, 321, 0,
- 365, 365, 365, 365, 365, 0, 0, 305, 66, 311,
- 0, 301, 295, 301, 300, 294, 298, 294, 68, 289,
- 288, 72, 298, 0, 294, 292, 300, 297, 284, 293,
- 279, 284, 291, 269, 0, 365, 365, 365, 365, 0,
-
- 0, 365, 365, 0, 312, 310, 0, 365, 0, 0,
- 0, 0, 282, 70, 275, 273, 283, 0, 277, 284,
- 275, 279, 92, 280, 281, 280, 0, 264, 260, 273,
- 0, 260, 267, 264, 269, 256, 267, 365, 0, 365,
- 262, 261, 268, 246, 262, 250, 245, 263, 245, 241,
- 273, 275, 0, 251, 0, 242, 252, 255, 0, 231,
- 208, 0, 0, 93, 0, 365, 0, 190, 192, 183,
- 0, 169, 163, 162, 167, 0, 0, 0, 165, 154,
- 141, 135, 99, 104, 122, 123, 0, 98, 94, 92,
- 81, 88, 0, 97, 85, 0, 0, 95, 87, 82,
-
- 0, 0, 84, 80, 85, 87, 82, 108, 0, 0,
- 0, 0, 72, 0, 39, 0, 0, 118, 0, 19,
- 365, 0, 365, 143, 154, 165, 170, 176, 180, 184,
- 188, 196, 204, 214, 225, 235, 246, 257, 268, 273,
- 275, 277
+ 0, 0, 52, 53, 54, 57, 356, 355, 360, 363,
+ 363, 363, 339, 363, 0, 348, 51, 37, 40, 50,
+ 337, 51, 0, 0, 38, 314, 314, 56, 315, 312,
+ 44, 310, 53, 307, 28, 55, 55, 312, 311, 0,
+ 0, 363, 363, 67, 0, 363, 363, 337, 0, 363,
+ 363, 0, 363, 337, 336, 0, 0, 321, 320, 0,
+ 363, 363, 363, 363, 363, 0, 0, 304, 58, 310,
+ 0, 300, 294, 300, 299, 293, 297, 293, 72, 288,
+ 287, 61, 297, 0, 293, 291, 299, 296, 283, 292,
+ 278, 283, 290, 268, 0, 363, 363, 363, 363, 0,
+
+ 0, 363, 363, 0, 311, 309, 0, 363, 0, 0,
+ 0, 0, 281, 69, 274, 272, 282, 0, 276, 283,
+ 274, 278, 93, 279, 280, 279, 0, 263, 259, 272,
+ 0, 259, 266, 263, 268, 255, 266, 363, 0, 363,
+ 261, 260, 267, 245, 261, 249, 244, 262, 244, 240,
+ 272, 274, 0, 250, 0, 241, 251, 254, 0, 245,
+ 241, 0, 0, 101, 0, 363, 0, 235, 242, 236,
+ 0, 240, 235, 237, 242, 0, 0, 0, 240, 239,
+ 226, 225, 228, 233, 251, 253, 0, 228, 224, 222,
+ 211, 204, 0, 193, 170, 0, 0, 174, 164, 140,
+
+ 0, 0, 142, 134, 140, 143, 132, 162, 0, 0,
+ 0, 0, 117, 0, 71, 0, 0, 94, 0, 64,
+ 363, 0, 363, 119, 130, 141, 146, 152, 156, 160,
+ 164, 173, 181, 191, 202, 212, 223, 234, 245, 250,
+ 252, 254
} ;
static yyconst flex_int16_t yy_def[243] =
@@ -503,104 +503,104 @@ static yyconst flex_int16_t yy_def[243] =
223, 223
} ;
-static yyconst flex_int16_t yy_nxt[421] =
+static yyconst flex_int16_t yy_nxt[418] =
{ 0,
- 10, 11, 12, 11, 11, 13, 14, 15, 16, 10,
- 10, 17, 18, 19, 19, 19, 19, 19, 19, 20,
- 21, 22, 23, 24, 24, 24, 24, 24, 10, 24,
- 25, 24, 26, 24, 27, 28, 29, 24, 30, 24,
- 31, 32, 33, 34, 35, 36, 37, 38, 24, 39,
- 24, 24, 24, 40, 10, 42, 42, 46, 46, 43,
- 43, 55, 56, 58, 59, 222, 47, 47, 58, 59,
- 61, 62, 64, 65, 80, 86, 87, 83, 81, 88,
- 220, 44, 44, 48, 48, 74, 84, 60, 68, 90,
- 69, 89, 223, 75, 70, 71, 91, 76, 97, 111,
-
- 121, 122, 77, 142, 126, 151, 185, 152, 186, 218,
- 153, 187, 218, 219, 123, 217, 143, 112, 127, 218,
- 98, 216, 218, 215, 221, 214, 213, 212, 211, 210,
- 209, 208, 207, 206, 205, 204, 203, 202, 99, 201,
- 200, 199, 100, 41, 41, 41, 41, 41, 41, 41,
- 41, 41, 41, 41, 45, 45, 45, 45, 45, 45,
- 45, 45, 45, 45, 45, 49, 49, 49, 49, 49,
- 49, 49, 49, 49, 49, 49, 52, 52, 52, 52,
- 54, 198, 54, 54, 54, 54, 57, 197, 196, 57,
- 66, 66, 66, 66, 67, 67, 67, 67, 94, 195,
-
- 194, 193, 94, 94, 95, 192, 95, 191, 95, 95,
- 95, 95, 95, 95, 96, 96, 96, 96, 96, 96,
- 96, 96, 96, 96, 96, 101, 190, 101, 101, 101,
- 189, 101, 101, 101, 101, 102, 188, 102, 102, 102,
- 102, 102, 102, 102, 102, 102, 104, 104, 104, 184,
- 104, 104, 104, 104, 104, 104, 104, 105, 105, 105,
- 105, 105, 105, 105, 105, 105, 105, 105, 107, 183,
- 107, 107, 107, 107, 107, 107, 107, 107, 107, 109,
- 109, 139, 139, 166, 166, 182, 181, 180, 179, 178,
- 177, 176, 175, 174, 173, 172, 171, 170, 169, 168,
-
- 167, 165, 164, 163, 162, 161, 160, 159, 158, 157,
- 156, 155, 154, 150, 149, 148, 147, 146, 145, 144,
- 141, 140, 106, 138, 137, 136, 135, 134, 133, 132,
- 131, 130, 129, 128, 125, 124, 120, 119, 118, 117,
- 116, 115, 114, 113, 110, 108, 108, 106, 53, 103,
- 93, 92, 85, 82, 79, 78, 73, 72, 63, 53,
- 51, 223, 50, 50, 9, 223, 223, 223, 223, 223,
+ 10, 11, 12, 11, 13, 14, 15, 16, 10, 10,
+ 17, 18, 19, 19, 19, 19, 19, 19, 20, 21,
+ 22, 23, 24, 24, 24, 24, 24, 10, 24, 25,
+ 24, 26, 24, 27, 28, 29, 24, 30, 24, 31,
+ 32, 33, 34, 35, 36, 37, 38, 24, 39, 24,
+ 24, 24, 40, 10, 42, 42, 46, 43, 43, 46,
+ 55, 56, 58, 59, 47, 58, 59, 47, 61, 62,
+ 64, 65, 97, 80, 86, 87, 68, 81, 69, 44,
+ 44, 48, 70, 71, 48, 74, 60, 83, 88, 223,
+ 111, 90, 126, 75, 98, 218, 84, 76, 91, 221,
+
+ 89, 142, 77, 121, 122, 151, 127, 152, 112, 222,
+ 153, 220, 99, 185, 143, 186, 100, 123, 187, 41,
+ 41, 41, 41, 41, 41, 41, 41, 41, 41, 41,
+ 45, 45, 45, 45, 45, 45, 45, 45, 45, 45,
+ 45, 49, 49, 49, 49, 49, 49, 49, 49, 49,
+ 49, 49, 52, 52, 52, 52, 54, 219, 54, 54,
+ 54, 54, 57, 218, 217, 57, 66, 66, 66, 66,
+ 67, 67, 67, 67, 94, 94, 216, 215, 214, 94,
+ 94, 95, 95, 213, 212, 95, 95, 95, 95, 95,
+ 95, 96, 96, 96, 96, 96, 96, 96, 96, 96,
+
+ 96, 96, 101, 101, 211, 101, 101, 210, 101, 101,
+ 101, 101, 102, 102, 209, 102, 102, 102, 102, 102,
+ 102, 102, 102, 104, 104, 104, 208, 104, 104, 104,
+ 104, 104, 104, 104, 105, 105, 105, 105, 105, 105,
+ 105, 105, 105, 105, 105, 107, 107, 207, 107, 107,
+ 107, 107, 107, 107, 107, 107, 109, 109, 139, 139,
+ 166, 166, 206, 205, 204, 203, 202, 201, 200, 199,
+ 198, 197, 196, 195, 194, 193, 192, 191, 190, 189,
+ 188, 184, 183, 182, 181, 180, 179, 178, 177, 176,
+ 175, 174, 173, 172, 171, 170, 169, 168, 167, 165,
+
+ 164, 163, 162, 161, 160, 159, 158, 157, 156, 155,
+ 154, 150, 149, 148, 147, 146, 145, 144, 141, 140,
+ 106, 138, 137, 136, 135, 134, 133, 132, 131, 130,
+ 129, 128, 125, 124, 120, 119, 118, 117, 116, 115,
+ 114, 113, 110, 108, 108, 106, 53, 103, 93, 92,
+ 85, 82, 79, 78, 73, 72, 63, 53, 51, 223,
+ 50, 50, 9, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
- 223, 223, 223, 223, 223, 223, 223, 223, 223, 223
+ 223, 223, 223, 223, 223, 223, 223
} ;
-static yyconst flex_int16_t yy_chk[421] =
+static yyconst flex_int16_t yy_chk[418] =
{ 0,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 3, 4, 5, 6, 3,
- 4, 17, 17, 18, 18, 220, 5, 6, 19, 19,
- 20, 20, 22, 22, 31, 35, 35, 33, 31, 36,
- 215, 3, 4, 5, 6, 28, 33, 18, 25, 37,
- 25, 36, 19, 28, 25, 25, 37, 28, 44, 69,
-
- 79, 79, 28, 114, 82, 123, 164, 123, 164, 208,
- 123, 164, 208, 213, 79, 207, 114, 69, 82, 218,
- 44, 206, 218, 205, 218, 204, 203, 200, 199, 198,
- 195, 194, 192, 191, 190, 189, 188, 186, 44, 185,
- 184, 183, 44, 224, 224, 224, 224, 224, 224, 224,
- 224, 224, 224, 224, 225, 225, 225, 225, 225, 225,
- 225, 225, 225, 225, 225, 226, 226, 226, 226, 226,
- 226, 226, 226, 226, 226, 226, 227, 227, 227, 227,
- 228, 182, 228, 228, 228, 228, 229, 181, 180, 229,
- 230, 230, 230, 230, 231, 231, 231, 231, 232, 179,
-
- 175, 174, 232, 232, 233, 173, 233, 172, 233, 233,
- 233, 233, 233, 233, 234, 234, 234, 234, 234, 234,
- 234, 234, 234, 234, 234, 235, 170, 235, 235, 235,
- 169, 235, 235, 235, 235, 236, 168, 236, 236, 236,
- 236, 236, 236, 236, 236, 236, 237, 237, 237, 161,
- 237, 237, 237, 237, 237, 237, 237, 238, 238, 238,
- 238, 238, 238, 238, 238, 238, 238, 238, 239, 160,
- 239, 239, 239, 239, 239, 239, 239, 239, 239, 240,
- 240, 241, 241, 242, 242, 158, 157, 156, 154, 152,
- 151, 150, 149, 148, 147, 146, 145, 144, 143, 142,
-
- 141, 137, 136, 135, 134, 133, 132, 130, 129, 128,
- 126, 125, 124, 122, 121, 120, 119, 117, 116, 115,
- 113, 106, 105, 94, 93, 92, 91, 90, 89, 88,
- 87, 86, 85, 83, 81, 80, 78, 77, 76, 75,
- 74, 73, 72, 70, 68, 59, 58, 55, 54, 48,
- 39, 38, 34, 32, 30, 29, 27, 26, 21, 16,
- 13, 9, 8, 7, 223, 223, 223, 223, 223, 223,
+ 1, 1, 1, 1, 3, 4, 5, 3, 4, 6,
+ 17, 17, 18, 18, 5, 19, 19, 6, 20, 20,
+ 22, 22, 44, 31, 35, 35, 25, 31, 25, 3,
+ 4, 5, 25, 25, 6, 28, 18, 33, 36, 19,
+ 69, 37, 82, 28, 44, 218, 33, 28, 37, 218,
+
+ 36, 114, 28, 79, 79, 123, 82, 123, 69, 220,
+ 123, 215, 44, 164, 114, 164, 44, 79, 164, 224,
+ 224, 224, 224, 224, 224, 224, 224, 224, 224, 224,
+ 225, 225, 225, 225, 225, 225, 225, 225, 225, 225,
+ 225, 226, 226, 226, 226, 226, 226, 226, 226, 226,
+ 226, 226, 227, 227, 227, 227, 228, 213, 228, 228,
+ 228, 228, 229, 208, 207, 229, 230, 230, 230, 230,
+ 231, 231, 231, 231, 232, 232, 206, 205, 204, 232,
+ 232, 233, 233, 203, 200, 233, 233, 233, 233, 233,
+ 233, 234, 234, 234, 234, 234, 234, 234, 234, 234,
+
+ 234, 234, 235, 235, 199, 235, 235, 198, 235, 235,
+ 235, 235, 236, 236, 195, 236, 236, 236, 236, 236,
+ 236, 236, 236, 237, 237, 237, 194, 237, 237, 237,
+ 237, 237, 237, 237, 238, 238, 238, 238, 238, 238,
+ 238, 238, 238, 238, 238, 239, 239, 192, 239, 239,
+ 239, 239, 239, 239, 239, 239, 240, 240, 241, 241,
+ 242, 242, 191, 190, 189, 188, 186, 185, 184, 183,
+ 182, 181, 180, 179, 175, 174, 173, 172, 170, 169,
+ 168, 161, 160, 158, 157, 156, 154, 152, 151, 150,
+ 149, 148, 147, 146, 145, 144, 143, 142, 141, 137,
+
+ 136, 135, 134, 133, 132, 130, 129, 128, 126, 125,
+ 124, 122, 121, 120, 119, 117, 116, 115, 113, 106,
+ 105, 94, 93, 92, 91, 90, 89, 88, 87, 86,
+ 85, 83, 81, 80, 78, 77, 76, 75, 74, 73,
+ 72, 70, 68, 59, 58, 55, 54, 48, 39, 38,
+ 34, 32, 30, 29, 27, 26, 21, 16, 13, 9,
+ 8, 7, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
223, 223, 223, 223, 223, 223, 223, 223, 223, 223,
- 223, 223, 223, 223, 223, 223, 223, 223, 223, 223
+ 223, 223, 223, 223, 223, 223, 223
} ;
/* Table of booleans, true if rule could match eol. */
@@ -609,7 +609,7 @@ static yyconst flex_int32_t yy_rule_can_match_eol[77] =
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, };
+ 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, };
/* The intent behind this definition is that it'll catch
* any uses of REJECT which flex missed.
@@ -958,7 +958,7 @@ yy_match:
yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
++yy_cp;
}
- while ( yy_base[yy_current_state] != 365 );
+ while ( yy_base[yy_current_state] != 363 );
yy_find_action:
yy_act = yy_accept[yy_current_state];
@@ -1586,6 +1586,7 @@ YY_RULE_SETUP
}
YY_BREAK
case 73:
+/* rule 73 can match eol */
YY_RULE_SETUP
#line 380 "lex.l"
{
@@ -1620,7 +1621,7 @@ YY_RULE_SETUP
#line 399 "lex.l"
ECHO;
YY_BREAK
-#line 1624 "lex.c"
+#line 1625 "lex.c"
case YY_END_OF_BUFFER:
{
diff --git a/libyara/lex.l b/libyara/lex.l
index 23b1aa4..0a349e1 100644
--- a/libyara/lex.l
+++ b/libyara/lex.l
@@ -377,7 +377,7 @@ $({letter}|{digit}|_)* {
BEGIN(regexp);
}
-\{({hexdigit}|[ \-|\?\[\]\(\)])+\} {
+\{({hexdigit}|[ \-|\?\[\]\(\)\n\t])+\} {
int len = strlen(yytext);
SIZED_STRING* s = (SIZED_STRING*) yr_malloc(len + sizeof(SIZED_STRING));
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list