[Forensics-changes] [yara] 69/135: Rename self() to parent() and add module() to module's API

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:27:33 UTC 2017 

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.1.0
in repository yara.

commit 0c1a27a5c668ae8019b62a540a8e7017a832221f
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Wed Jul 23 15:49:52 2014 +0200

    Rename self() to parent() and add module() to module's API
---
 libyara/include/yara/modules.h |  3 ++-
 libyara/include/yara/object.h  |  4 ++++
 libyara/include/yara/types.h   |  5 ++---
 libyara/modules/cuckoo.c       |  8 ++++----
 libyara/modules/pe.c           | 15 +++++++--------
 libyara/object.c               | 25 ++++++++++++++++++++-----
 6 files changed, 39 insertions(+), 21 deletions(-)

diff --git a/libyara/include/yara/modules.h b/libyara/include/yara/modules.h
index 4f0c77e..cdda1d9 100644
--- a/libyara/include/yara/modules.h
+++ b/libyara/include/yara/modules.h
@@ -168,7 +168,8 @@ limitations under the License.
 #define regexp_argument(n)   ((RE_CODE)((int64_t*) __args)[n-1])
 
 
-#define self()          (__function_obj->parent_obj)
+#define module()        yr_object_get_root((YR_OBJECT*) __function_obj)
+#define parent()        (__function_obj->parent_obj)
 #define scan_context()  (__context)
 
 
diff --git a/libyara/include/yara/object.h b/libyara/include/yara/object.h
index bd3c22c..0a632ca 100644
--- a/libyara/include/yara/object.h
+++ b/libyara/include/yara/object.h
@@ -110,4 +110,8 @@ int yr_object_structure_set_member(
     YR_OBJECT* member);
 
 
+YR_OBJECT* yr_object_get_root(
+    YR_OBJECT* object);
+
+
 #endif
\ No newline at end of file
diff --git a/libyara/include/yara/types.h b/libyara/include/yara/types.h
index d45f4f9..2026ace 100644
--- a/libyara/include/yara/types.h
+++ b/libyara/include/yara/types.h
@@ -383,7 +383,8 @@ typedef struct _YR_SCAN_CONTEXT
 #define OBJECT_COMMON_FIELDS \
     int8_t type; \
     const char* identifier; \
-    void* data;
+    void* data; \
+    struct _YR_OBJECT* parent;
 
 
 typedef struct _YR_OBJECT
@@ -448,9 +449,7 @@ typedef struct _YR_OBJECT_FUNCTION
 
   const char* arguments_fmt;
 
-  YR_OBJECT* parent_obj;
   YR_OBJECT* return_obj;
-
   YR_MODULE_FUNC code;
 
 } YR_OBJECT_FUNCTION;
diff --git a/libyara/modules/cuckoo.c b/libyara/modules/cuckoo.c
index b7128d4..b426b20 100644
--- a/libyara/modules/cuckoo.c
+++ b/libyara/modules/cuckoo.c
@@ -27,7 +27,7 @@ limitations under the License.
 
 define_function(network_dns_lookup)
 {
-  YR_OBJECT* network_obj = self();
+  YR_OBJECT* network_obj = parent();
 
   json_t* network_json = (json_t*) network_obj->data;
   json_t* dns_json = json_object_get(network_json, "dns");
@@ -122,7 +122,7 @@ define_function(network_http_post)
 
 define_function(registry_key_access)
 {
-  YR_OBJECT* registry_obj = self();
+  YR_OBJECT* registry_obj = parent();
 
   json_t* keys_json = (json_t*) registry_obj->data;
   json_t* value;
@@ -145,7 +145,7 @@ define_function(registry_key_access)
 
 define_function(filesystem_file_access)
 {
-  YR_OBJECT* filesystem_obj = self();
+  YR_OBJECT* filesystem_obj = parent();
 
   json_t* files_json = (json_t*) filesystem_obj->data;
   json_t* value;
@@ -169,7 +169,7 @@ define_function(filesystem_file_access)
 
 define_function(sync_mutex)
 {
-  YR_OBJECT* sync_obj = self();
+  YR_OBJECT* sync_obj = parent();
 
   json_t* mutexes_json = (json_t*) sync_obj->data;
   json_t* value;
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index dad4a5b..bc27e9e 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -263,11 +263,10 @@ void parse_pe_header(
 
 define_function(section_index)
 {
-  YR_OBJECT* self = self();
-
+  YR_OBJECT* module = module();
   char* name = string_argument(1);
 
-  int64_t n = get_integer(self, "number_of_sections");
+  int64_t n = get_integer(module, "number_of_sections");
   int64_t i;
 
   if (n == UNDEFINED)
@@ -275,7 +274,7 @@ define_function(section_index)
 
   for (i = 0; i < n; i++)
   {
-    if (strcmp(name, get_string(self, "sections[%i].name", i)) == 0)
+    if (strcmp(name, get_string(module, "sections[%i].name", i)) == 0)
       return_integer(i);
   }
 
@@ -287,8 +286,8 @@ define_function(exports)
 {
   char* function_name = string_argument(1);
 
-  YR_OBJECT* self = self();
-  DATA* data = (DATA*) self->data;
+  YR_OBJECT* module = module();
+  DATA* data = (DATA*) module->data;
 
   PIMAGE_DATA_DIRECTORY directory;
   PIMAGE_EXPORT_DIRECTORY exports;
@@ -359,8 +358,8 @@ define_function(imports)
   char* dll_name = string_argument(1);
   char* function_name = string_argument(2);
 
-  YR_OBJECT* self = self();
-  DATA* data = (DATA*) self->data;
+  YR_OBJECT* module = module();
+  DATA* data = (DATA*) module->data;
 
   PIMAGE_DATA_DIRECTORY directory;
   PIMAGE_IMPORT_DESCRIPTOR imports;
diff --git a/libyara/object.c b/libyara/object.c
index 927c1fa..7ec64c6 100644
--- a/libyara/object.c
+++ b/libyara/object.c
@@ -69,6 +69,7 @@ int yr_object_create(
 
   obj->type = type;
   obj->identifier = yr_strdup(identifier);
+  obj->parent = parent;
   obj->data = NULL;
 
   if (obj->identifier == NULL)
@@ -102,6 +103,10 @@ int yr_object_create(
 
   if (parent != NULL)
   {
+    assert( parent->type == OBJECT_TYPE_STRUCTURE ||
+            parent->type == OBJECT_TYPE_ARRAY ||
+            parent->type == OBJECT_TYPE_FUNCTION);
+
     switch(parent->type)
     {
       case OBJECT_TYPE_STRUCTURE:
@@ -115,9 +120,6 @@ int yr_object_create(
             yr_object_array_set_item(parent, obj, 0),
             yr_free(obj));
         break;
-
-      default:
-        assert(FALSE);
     }
   }
 
@@ -160,12 +162,11 @@ int yr_object_function_create(
       &f));
 
   FAIL_ON_ERROR_WITH_CLEANUP(
-      yr_object_create(return_type, "result", NULL, &return_obj),
+      yr_object_create(return_type, "result", f, &return_obj),
       yr_object_destroy(f));
 
   ((YR_OBJECT_FUNCTION* )f)->arguments_fmt = arguments_fmt;
   ((YR_OBJECT_FUNCTION* )f)->return_obj = return_obj;
-  ((YR_OBJECT_FUNCTION* )f)->parent_obj = parent;
   ((YR_OBJECT_FUNCTION* )f)->code = code;
 
   if (function != NULL)
@@ -493,6 +494,7 @@ int yr_object_structure_set_member(
   if (sm == NULL)
     return ERROR_INSUFICIENT_MEMORY;
 
+  member->parent = object;
   sm->object = member;
   sm->next = ((YR_OBJECT_STRUCTURE*) object)->members;
 
@@ -575,6 +577,7 @@ int yr_object_array_set_item(
     array->items->count = count;
   }
 
+  item->parent = object;
   array->items->objects[index] = item;
 
   return ERROR_SUCCESS;
@@ -690,6 +693,18 @@ void yr_object_set_string(
 }
 
 
+YR_OBJECT* yr_object_get_root(
+    YR_OBJECT* object)
+{
+  YR_OBJECT* o = object;
+
+  while (o->parent != NULL)
+    o = o->parent;
+
+  return o;
+}
+
+
 
 
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git

More information about the forensics-changes mailing list