[Forensics-changes] [yara] 338/407: Expose new constants in PE module.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:28:42 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.3.0
in repository yara.
commit 7f7487dfccc6d41d6d28619d85215e7d0f281b0f
Author: Wesley Shields <wxs at atarininja.org>
Date: Sat Jan 10 16:01:39 2015 -0500
Expose new constants in PE module.
While writing up the docs for this I realized I forgot these.
---
libyara/modules/pe.c | 88 +++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 84 insertions(+), 4 deletions(-)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 5bf97a2..e2ec840 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -1464,8 +1464,28 @@ define_function(language)
begin_declarations;
- declare_integer("MACHINE_I386");
- declare_integer("MACHINE_AMD64");
+ declare_integer("MACHINE_UNKNOWN")
+ declare_integer("MACHINE_AM33")
+ declare_integer("MACHINE_AMD64")
+ declare_integer("MACHINE_ARM")
+ declare_integer("MACHINE_ARMNT")
+ declare_integer("MACHINE_ARM64")
+ declare_integer("MACHINE_EBC")
+ declare_integer("MACHINE_I386")
+ declare_integer("MACHINE_IA64")
+ declare_integer("MACHINE_M32R")
+ declare_integer("MACHINE_MIPS16")
+ declare_integer("MACHINE_MIPSFPU")
+ declare_integer("MACHINE_MIPSFPU16")
+ declare_integer("MACHINE_POWERPC")
+ declare_integer("MACHINE_POWERPCFP")
+ declare_integer("MACHINE_R4000")
+ declare_integer("MACHINE_SH3")
+ declare_integer("MACHINE_SH3DSP")
+ declare_integer("MACHINE_SH4")
+ declare_integer("MACHINE_SH5")
+ declare_integer("MACHINE_THUMB")
+ declare_integer("MACHINE_WCEMIPSV2")
declare_integer("SUBSYSTEM_UNKNOWN");
declare_integer("SUBSYSTEM_NATIVE");
@@ -1600,11 +1620,71 @@ int module_load(
size_t module_data_size)
{
set_integer(
- IMAGE_FILE_MACHINE_I386, module_object,
- "MACHINE_I386");
+ IMAGE_FILE_MACHINE_UNKNOWN, module_object,
+ "MACHINE_UNKNOWN");
+ set_integer(
+ IMAGE_FILE_MACHINE_AM33, module_object,
+ "MACHINE_AM33");
set_integer(
IMAGE_FILE_MACHINE_AMD64, module_object,
"MACHINE_AMD64");
+ set_integer(
+ IMAGE_FILE_MACHINE_ARM, module_object,
+ "MACHINE_ARM");
+ set_integer(
+ IMAGE_FILE_MACHINE_ARMNT, module_object,
+ "MACHINE_ARMNT");
+ set_integer(
+ IMAGE_FILE_MACHINE_ARM64, module_object,
+ "MACHINE_ARM64");
+ set_integer(
+ IMAGE_FILE_MACHINE_EBC, module_object,
+ "MACHINE_EBC");
+ set_integer(
+ IMAGE_FILE_MACHINE_I386, module_object,
+ "MACHINE_I386");
+ set_integer(
+ IMAGE_FILE_MACHINE_IA64, module_object,
+ "MACHINE_IA64");
+ set_integer(
+ IMAGE_FILE_MACHINE_M32R, module_object,
+ "MACHINE_M32R");
+ set_integer(
+ IMAGE_FILE_MACHINE_MIPS16, module_object,
+ "MACHINE_MIPS16");
+ set_integer(
+ IMAGE_FILE_MACHINE_MIPSFPU, module_object,
+ "MACHINE_MIPSFPU");
+ set_integer(
+ IMAGE_FILE_MACHINE_MIPSFPU16, module_object,
+ "MACHINE_MIPSFPU16");
+ set_integer(
+ IMAGE_FILE_MACHINE_POWERPC, module_object,
+ "MACHINE_POWERPC");
+ set_integer(
+ IMAGE_FILE_MACHINE_POWERPCFP, module_object,
+ "MACHINE_POWERPCFP");
+ set_integer(
+ IMAGE_FILE_MACHINE_R4000, module_object,
+ "MACHINE_R4000");
+ set_integer(
+ IMAGE_FILE_MACHINE_SH3, module_object,
+ "MACHINE_SH3");
+ set_integer(
+ IMAGE_FILE_MACHINE_SH3DSP, module_object,
+ "MACHINE_SH3DSP");
+ set_integer(
+ IMAGE_FILE_MACHINE_SH4, module_object,
+ "MACHINE_SH4");
+ set_integer(
+ IMAGE_FILE_MACHINE_SH5, module_object,
+ "MACHINE_SH5");
+ set_integer(
+ IMAGE_FILE_MACHINE_THUMB, module_object,
+ "MACHINE_THUMB");
+ set_integer(
+ IMAGE_FILE_MACHINE_WCEMIPSV2, module_object,
+ "MACHINE_WCEMIPSV2");
set_integer(
IMAGE_SUBSYSTEM_UNKNOWN, module_object,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list