[Forensics-changes] [yara] 98/368: Exposing module data to user and making printout thread-safe.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:16 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit 36a04422bac441b4813bf610aedf4fdd2660fb58
Author: Mario Suvajac <msuvajac at gmail.com>
Date: Thu Oct 29 08:03:08 2015 +0100
Exposing module data to user and making printout thread-safe.
---
libyara/include/yara/modules.h | 4 +++-
libyara/include/yara/rules.h | 1 +
libyara/modules.c | 7 ++++---
libyara/rules.c | 2 +-
yara.c | 14 ++++++++++++++
5 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/libyara/include/yara/modules.h b/libyara/include/yara/modules.h
index ed5995a..7351e27 100644
--- a/libyara/include/yara/modules.h
+++ b/libyara/include/yara/modules.h
@@ -433,5 +433,7 @@ int yr_modules_unload_all(
void yr_modules_print_data(
- YR_SCAN_CONTEXT* context);
+ YR_SCAN_CONTEXT* context,
+ YR_CALLBACK_FUNC callback,
+ void* user_data);
#endif
diff --git a/libyara/include/yara/rules.h b/libyara/include/yara/rules.h
index 3d7b221..a3b081c 100644
--- a/libyara/include/yara/rules.h
+++ b/libyara/include/yara/rules.h
@@ -26,6 +26,7 @@ limitations under the License.
#define CALLBACK_MSG_RULE_NOT_MATCHING 2
#define CALLBACK_MSG_SCAN_FINISHED 3
#define CALLBACK_MSG_IMPORT_MODULE 4
+#define CALLBACK_MSG_MODULE_DATA 5
#define CALLBACK_CONTINUE 0
#define CALLBACK_ABORT 1
diff --git a/libyara/modules.c b/libyara/modules.c
index 28078f0..0e90431 100644
--- a/libyara/modules.c
+++ b/libyara/modules.c
@@ -194,7 +194,9 @@ int yr_modules_unload_all(
void yr_modules_print_data(
- YR_SCAN_CONTEXT* context)
+ YR_SCAN_CONTEXT* context,
+ YR_CALLBACK_FUNC callback,
+ void* user_data)
{
int i;
@@ -207,8 +209,7 @@ void yr_modules_print_data(
if (module_structure != NULL)
{
- yr_object_print_data(module_structure, 0, 1);
- printf("\n");
+ callback(CALLBACK_MSG_MODULE_DATA, module_structure, user_data);
}
}
}
diff --git a/libyara/rules.c b/libyara/rules.c
index ef8cf03..dbae41d 100644
--- a/libyara/rules.c
+++ b/libyara/rules.c
@@ -492,7 +492,7 @@ _exit:
_yr_rules_clean_matches(rules, &context);
if (flags & SCAN_FLAGS_SHOW_MODULE_DATA)
- yr_modules_print_data(&context);
+ yr_modules_print_data(&context, callback, user_data);
yr_modules_unload_all(&context);
diff --git a/yara.c b/yara.c
index 1f353cc..8bbaa3f 100644
--- a/yara.c
+++ b/yara.c
@@ -646,6 +646,17 @@ int handle_message(int message, YR_RULE* rule, void* data)
return CALLBACK_CONTINUE;
}
+int handle_module_data(YR_OBJECT* object)
+{
+ mutex_lock(&output_mutex);
+
+ yr_object_print_data((YR_OBJECT*) object, 0, 1);
+ printf("\n");
+
+ mutex_unlock(&output_mutex);
+
+ return CALLBACK_CONTINUE;
+}
int callback(int message, void* message_data, void* user_data)
{
@@ -676,6 +687,9 @@ int callback(int message, void* message_data, void* user_data)
}
return CALLBACK_CONTINUE;
+
+ case CALLBACK_MSG_MODULE_DATA:
+ return handle_module_data((YR_OBJECT*) message_data);
}
return CALLBACK_ERROR;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list