[Forensics-changes] [yara] 283/407: Implement operators >=, >, <, <= for strings

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:28:37 UTC 2017 

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit 3149381434c14ef78a61e65fce03b47caaf5adfe
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Wed Dec 31 11:40:44 2014 +0100

    Implement operators >=, >, <, <= for strings
---
 libyara/Makefile.am                             |  4 +-
 libyara/exec.c                                  | 58 ++++++++++++-------------
 libyara/include/yara/exec.h                     |  8 +++-
 libyara/include/yara/sizedstr.h                 | 13 ++++--
 libyara/include/yara/strutils.h                 |  2 +-
 libyara/{include/yara/sizedstr.h => sizedstr.c} | 44 +++++++++++--------
 libyara/strutils.c                              |  2 +-
 7 files changed, 71 insertions(+), 60 deletions(-)

diff --git a/libyara/Makefile.am b/libyara/Makefile.am
index ce43038..942c6c4 100644
--- a/libyara/Makefile.am
+++ b/libyara/Makefile.am
@@ -94,8 +94,8 @@ libyara_la_SOURCES = \
   re_lexer.l \
   rules.c \
   scan.c \
+  sizedstr.c \
   sizedstr.h \
   strutils.c \
+  strutils.h \
   utils.h
-
-
diff --git a/libyara/exec.c b/libyara/exec.c
index 80b5ee3..35a5d05 100644
--- a/libyara/exec.c
+++ b/libyara/exec.c
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2013. The YARA Authors. All Rights Reserved.
+Copyright (c) 2013-2014. The YARA Authors. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -909,29 +909,12 @@ int yr_execute_code(
         break;
 
       case OP_STR_EQ:
-        pop(r2);
-        pop(r1);
-
-        break_if_undefined(r1);
-        break_if_undefined(r2);
-
-        sized_str_1 = UINT64_TO_PTR(SIZED_STRING*, r1);
-        sized_str_2 = UINT64_TO_PTR(SIZED_STRING*, r2);
-
-        if (sized_str_1->length == sized_str_2->length)
-        {
-          push(memcmp(sized_str_1->c_string,
-                      sized_str_2->c_string,
-                      sized_str_2->length) == 0);
-        }
-        else
-        {
-          push(FALSE);
-        }
-
-        break;
-
       case OP_STR_NEQ:
+      case OP_STR_LT:
+      case OP_STR_LE:
+      case OP_STR_GT:
+      case OP_STR_GE:
+
         pop(r2);
         pop(r1);
 
@@ -941,15 +924,28 @@ int yr_execute_code(
         sized_str_1 = UINT64_TO_PTR(SIZED_STRING*, r1);
         sized_str_2 = UINT64_TO_PTR(SIZED_STRING*, r2);
 
-        if (sized_str_1->length == sized_str_2->length)
-        {
-          push(memcmp(sized_str_1->c_string,
-                      sized_str_2->c_string,
-                      sized_str_2->length) != 0);
-        }
-        else
+        int r = sized_string_cmp(sized_str_1, sized_str_2);
+
+        switch(*ip)
         {
-          push(TRUE);
+          case OP_STR_EQ:
+            push(r == 0);
+            break;
+          case OP_STR_NEQ:
+            push(r != 0);
+            break;
+          case OP_STR_LT:
+            push(r < 0);
+            break;
+          case OP_STR_LE:
+            push(r <= 0);
+            break;
+          case OP_STR_GT:
+            push(r > 0);
+            break;
+          case OP_STR_GE:
+            push(r >= 0);
+            break;
         }
 
         break;
diff --git a/libyara/include/yara/exec.h b/libyara/include/yara/exec.h
index 7ca766a..0abbc58 100644
--- a/libyara/include/yara/exec.h
+++ b/libyara/include/yara/exec.h
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2013. The YARA Authors. All Rights Reserved.
+Copyright (c) 2013-2014. The YARA Authors. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -111,7 +111,11 @@ limitations under the License.
 #define OP_STR_BEGIN      140
 #define OP_STR_EQ         (OP_STR_BEGIN + _OP_EQ)
 #define OP_STR_NEQ        (OP_STR_BEGIN + _OP_NEQ)
-#define OP_STR_END        OP_STR_NEQ
+#define OP_STR_LT         (OP_STR_BEGIN + _OP_LT)
+#define OP_STR_GT         (OP_STR_BEGIN + _OP_GT)
+#define OP_STR_LE         (OP_STR_BEGIN + _OP_LE)
+#define OP_STR_GE         (OP_STR_BEGIN + _OP_GE)
+#define OP_STR_END        OP_STR_GE
 
 #define IS_INT_OP(x)      ((x) >= OP_INT_BEGIN && (x) <= OP_INT_END)
 #define IS_DBL_OP(x)      ((x) >= OP_DBL_BEGIN && (x) <= OP_DBL_END)
diff --git a/libyara/include/yara/sizedstr.h b/libyara/include/yara/sizedstr.h
index 7134946..df832e5 100644
--- a/libyara/include/yara/sizedstr.h
+++ b/libyara/include/yara/sizedstr.h
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2007-2013. The YARA Authors. All Rights Reserved.
+Copyright (c) 2007-2014. The YARA Authors. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -28,10 +28,15 @@ limitations under the License.
 
 typedef struct _SIZED_STRING
 {
-    int length;
-    int flags;
-    char c_string[1];
+  int length;
+  int flags;
+  char c_string[1];
 
 } SIZED_STRING;
 
+
+int sized_string_cmp(
+  SIZED_STRING* s1,
+  SIZED_STRING* s2);
+
 #endif
diff --git a/libyara/include/yara/strutils.h b/libyara/include/yara/strutils.h
index 8e688b4..3e38bc4 100644
--- a/libyara/include/yara/strutils.h
+++ b/libyara/include/yara/strutils.h
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2007. The YARA Authors. All Rights Reserved.
+Copyright (c) 2007-2014. The YARA Authors. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/libyara/include/yara/sizedstr.h b/libyara/sizedstr.c
similarity index 51%
copy from libyara/include/yara/sizedstr.h
copy to libyara/sizedstr.c
index 7134946..c653669 100644
--- a/libyara/include/yara/sizedstr.h
+++ b/libyara/sizedstr.c
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2007-2013. The YARA Authors. All Rights Reserved.
+Copyright (c) 2014. The YARA Authors. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,24 +14,30 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-#ifndef _SIZEDSTR_H
-#define _SIZEDSTR_H
+#include <yara/sizedstr.h>
 
-//
-// This struct is used to support strings containing null chars. The length of
-// the string is stored along the string data. However the string data is also
-// terminated with a null char.
-//
 
-#define SIZED_STRING_FLAGS_NO_CASE  1
-#define SIZED_STRING_FLAGS_DOT_ALL  2
-
-typedef struct _SIZED_STRING
+int sized_string_cmp(
+  SIZED_STRING* s1,
+  SIZED_STRING* s2)
 {
-    int length;
-    int flags;
-    char c_string[1];
-
-} SIZED_STRING;
-
-#endif
+  int i = 0;
+
+  while (s1->length > i &&
+         s2->length > i &&
+         s1->c_string[i] == s2->c_string[i])
+  {
+    i++;
+  }
+
+  if (i == s1->length && i == s2->length)
+    return 0;
+  else if (i == s1->length)
+    return -1;
+  else if (i == s2->length)
+    return 1;
+  else if (s1->c_string[i] < s2->c_string[i])
+    return -1;
+  else
+    return 1;
+}
diff --git a/libyara/strutils.c b/libyara/strutils.c
index e0b2df9..9255370 100644
--- a/libyara/strutils.c
+++ b/libyara/strutils.c
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2007. The YARA Authors. All Rights Reserved.
+Copyright (c) 2007-2014. The YARA Authors. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git

More information about the forensics-changes mailing list