[Forensics-changes] [yara] 62/160: Add yr_rules_scan_fd API
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:29:18 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.4.0
in repository yara.
commit 57e5e9d509ff01cf7d391c93d30d4b96d2bd9fed
Author: Hilko Bengen <bengen at hilluzination.de>
Date: Sun Mar 15 19:24:31 2015 +0100
Add yr_rules_scan_fd API
---
libyara/include/yara/rules.h | 10 ++++++++++
libyara/rules.c | 29 +++++++++++++++++++++++++++++
2 files changed, 39 insertions(+)
diff --git a/libyara/include/yara/rules.h b/libyara/include/yara/rules.h
index 8a091fe..43c9f4b 100644
--- a/libyara/include/yara/rules.h
+++ b/libyara/include/yara/rules.h
@@ -20,6 +20,7 @@ limitations under the License.
#include <yara/types.h>
#include <yara/utils.h>
+#include <yara/filemap.h>
#define CALLBACK_MSG_RULE_MATCHING 1
@@ -74,6 +75,15 @@ YR_API int yr_rules_scan_file(
int timeout);
+YR_API int yr_rules_scan_fd(
+ YR_RULES* rules,
+ FILE_DESCRIPTOR fd,
+ int flags,
+ YR_CALLBACK_FUNC callback,
+ void* user_data,
+ int timeout);
+
+
YR_API int yr_rules_scan_proc(
YR_RULES* rules,
int pid,
diff --git a/libyara/rules.c b/libyara/rules.c
index a1a7156..7db2079 100644
--- a/libyara/rules.c
+++ b/libyara/rules.c
@@ -552,6 +552,35 @@ YR_API int yr_rules_scan_file(
return result;
}
+YR_API int yr_rules_scan_fd(
+ YR_RULES* rules,
+ FILE_DESCRIPTOR fd,
+ int flags,
+ YR_CALLBACK_FUNC callback,
+ void* user_data,
+ int timeout)
+{
+ YR_MAPPED_FILE mfile;
+ int result;
+
+ result = yr_filemap_map_fd(fd, 0, 0, &mfile);
+
+ if (result == ERROR_SUCCESS)
+ {
+ result = yr_rules_scan_mem(
+ rules,
+ mfile.data,
+ mfile.size,
+ flags,
+ callback,
+ user_data,
+ timeout);
+
+ yr_filemap_unmap(&mfile);
+ }
+
+ return result;
+}
YR_API int yr_rules_scan_proc(
YR_RULES* rules,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list