[Forensics-changes] [yara] 35/407: Add 'begin_struct_dictionary' and 'end_struct_dictionary'

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit b85adb05576ccbf0c40eb0d2f121dae926ff67c2
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date:   Tue Sep 16 14:59:42 2014 +0200

    Add 'begin_struct_dictionary' and 'end_struct_dictionary'
---
 libyara/include/yara/modules.h | 23 +++++++++++++++++++++++
 libyara/modules/tests.c        |  8 ++++++++
 2 files changed, 31 insertions(+)

diff --git a/libyara/include/yara/modules.h b/libyara/include/yara/modules.h
index 73817c7..4687f9f 100644
--- a/libyara/include/yara/modules.h
+++ b/libyara/include/yara/modules.h
@@ -86,6 +86,26 @@ limitations under the License.
   }
 
 
+#define begin_struct_dictionary(name) { \
+    YR_OBJECT* structure; \
+    YR_OBJECT* array; \
+    FAIL_ON_ERROR(yr_object_create( \
+        OBJECT_TYPE_DICTIONARY, \
+        name, \
+        stack[stack_top], \
+        &array)); \
+    FAIL_ON_ERROR(yr_object_create( \
+        OBJECT_TYPE_STRUCTURE, \
+        name, \
+        array, \
+        &structure)); \
+    assertf( \
+        stack_top < sizeof(stack)/sizeof(stack[0]) - 1, \
+        "too many nested structures"); \
+    stack[++stack_top] = structure; \
+  }
+
+
 #define end_struct(name) { \
     assert(stack[stack_top]->type == OBJECT_TYPE_STRUCTURE); \
     assertf( \
@@ -98,6 +118,9 @@ limitations under the License.
 #define end_struct_array(name) end_struct(name)
 
 
+#define end_struct_dictionary(name) end_struct(name)
+
+
 #define declare_integer(name) { \
     FAIL_ON_ERROR(yr_object_create( \
         OBJECT_TYPE_INTEGER, \
diff --git a/libyara/modules/tests.c b/libyara/modules/tests.c
index 5f9cf24..4a370b8 100644
--- a/libyara/modules/tests.c
+++ b/libyara/modules/tests.c
@@ -62,6 +62,11 @@ begin_declarations;
     declare_string("s");
   end_struct_array("struct_array");
 
+  begin_struct_dictionary("struct_dict");
+    declare_integer("i");
+    declare_string("s");
+  end_struct_dictionary("struct_dict");
+
   declare_function("sum", "ii", "i", sum_2);
   declare_function("sum", "iii", "i", sum_3);
 
@@ -104,6 +109,9 @@ int module_load(
   set_string("foo", module_object, "string_dict[%s]", "foo");
   set_string("bar", module_object, "string_dict[\"bar\"]");
 
+  set_string("foo", module_object, "struct_dict[%s].s", "foo");
+  set_integer(1, module_object, "struct_dict[%s].i", "foo");
+
   return ERROR_SUCCESS;
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git