[Forensics-changes] [yara] 192/407: Implement timegm for platforms not including it

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:28:25 UTC 2017 

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit 11c782528767a731e4feee326db147aba2edeba2
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Wed Nov 5 11:21:51 2014 +0100

    Implement timegm for platforms not including it
---
 configure.ac               |  2 +-
 libyara/modules/pe_utils.c | 42 +++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 0de36a1..e9e00cf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -80,7 +80,7 @@ ACX_PTHREAD(
      CC="$PTHREAD_CC"],
     [AC_MSG_ERROR([pthread API support is required.])])
 
-AC_CHECK_FUNCS_ONCE(strlcpy strlcat memmem)
+AC_CHECK_FUNCS_ONCE(strlcpy strlcat memmem timegm)
 
 AM_CONDITIONAL([CUCKOO], [test x$build_cuckoo_module = xtrue])
 AM_CONDITIONAL([MAGIC], [test x$build_magic_module = xtrue])
diff --git a/libyara/modules/pe_utils.c b/libyara/modules/pe_utils.c
index db861bc..21cb81c 100644
--- a/libyara/modules/pe_utils.c
+++ b/libyara/modules/pe_utils.c
@@ -1,5 +1,45 @@
 
-#if defined(HAVE_LIBCRYPTO)
+
+#if !HAVE_TIMEGM
+
+static int is_leap(
+    unsigned int year)
+{
+  year += 1900;
+  return (year % 4) == 0 && ((year % 100) != 0 || (year % 400) == 0);
+}
+
+
+time_t timegm(
+    struct tm *tm)
+{
+  static const unsigned ndays[2][12] = {
+      {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
+      {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}};
+
+  time_t res = 0;
+  int i;
+
+  for (i = 70; i < tm->tm_year; ++i)
+    res += is_leap(i) ? 366 : 365;
+
+  for (i = 0; i < tm->tm_mon; ++i)
+    res += ndays[is_leap(tm->tm_year)][i];
+
+  res += tm->tm_mday - 1;
+  res *= 24;
+  res += tm->tm_hour;
+  res *= 60;
+  res += tm->tm_min;
+  res *= 60;
+  res += tm->tm_sec;
+
+  return res;
+}
+
+#endif
+
+#if HAVE_LIBCRYPTO
 
 // Taken from http://stackoverflow.com/questions/10975542/asn1-time-conversion
 // and cleaned up. Also uses timegm(3) instead of mktime(3).

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git

More information about the forensics-changes mailing list