[Forensics-changes] [yara] 298/407: Re-implement valid_on using new is_undefined function

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit f2f206cbf07412c60879cf255619357d4f823f51
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Fri Jan 2 20:44:19 2015 +0100

    Re-implement valid_on using new is_undefined function
---
 libyara/modules/pe.c | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index d9421ee..b6e809e 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -1145,22 +1145,18 @@ void pe_parse_header(
 
 define_function(valid_on)
 {
-  int64_t timestamp = integer_argument(1);
-
-  YR_OBJECT_INTEGER* not_before = (YR_OBJECT_INTEGER*)
-      yr_object_lookup_field(parent(), "not_before");
-
-  YR_OBJECT_INTEGER* not_after = (YR_OBJECT_INTEGER*)
-      yr_object_lookup_field(parent(), "not_after");
-
-  if (IS_UNDEFINED(not_before->value) ||
-      IS_UNDEFINED(not_after->value))
+  if (is_undefined(parent(), "not_before") ||
+      is_undefined(parent(), "not_after"))
   {
     return_integer(UNDEFINED);
   }
 
-  return_integer(timestamp >= not_before->value  &&
-                 timestamp <= not_after->value);
+  int64_t timestamp = integer_argument(1);
+
+  int64_t not_before = get_integer(parent(), "not_before");
+  int64_t not_after = get_integer(parent(), "not_after");
+
+  return_integer(timestamp >= not_before  && timestamp <= not_after);
 }
 
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git