[Forensics-changes] [yara] 173/368: Add yr_set/get_configuration and use this to set stack size

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:30:25 UTC 2017


This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.5.0
in repository yara.

commit c5681184e52c01228faca1fc474e4785c05563ff
Author: Coleman Kane <ckane at colemankane.org>
Date:   Fri Feb 19 21:24:05 2016 -0500

    Add yr_set/get_configuration and use this to set stack size
---
 libyara/exec.c                 |  7 +++++--
 libyara/include/yara/libyara.h | 14 ++++++++++++++
 libyara/libyara.c              | 42 ++++++++++++++++++++++++++++++++++++++++++
 yara.c                         |  7 +++++--
 4 files changed, 66 insertions(+), 4 deletions(-)

diff --git a/libyara/exec.c b/libyara/exec.c
index f9b21cd..f8f4d4d 100644
--- a/libyara/exec.c
+++ b/libyara/exec.c
@@ -50,7 +50,7 @@ typedef union _STACK_ITEM {
 
 #define push(x)  \
     do { \
-      if (sp < context->stacksize) stack[sp++] = (x); \
+      if (sp < stack_sz) stack[sp++] = (x); \
       else return ERROR_EXEC_STACK_OVERFLOW; \
     } while(0)
 
@@ -183,12 +183,15 @@ int yr_execute_code(
   int stop = FALSE;
   int cycle = 0;
   int tidx = context->tidx;
+  unsigned int stack_sz;
 
   #ifdef PROFILING_ENABLED
   clock_t start = clock();
   #endif
 
-  stack = (STACK_ITEM *) yr_malloc(context->stacksize * sizeof(STACK_ITEM));
+  yr_get_configuration(YR_CONFIG_STACK_SIZE, (void*)&stack_sz);
+
+  stack = (STACK_ITEM *) yr_malloc(stack_sz * sizeof(STACK_ITEM));
 
   if (stack == NULL)
     return ERROR_INSUFICIENT_MEMORY;
diff --git a/libyara/include/yara/libyara.h b/libyara/include/yara/libyara.h
index 6772e13..14932d6 100644
--- a/libyara/include/yara/libyara.h
+++ b/libyara/include/yara/libyara.h
@@ -31,6 +31,14 @@ limitations under the License.
     (YR_MINOR_VERSION << 8) | \
     (YR_MICRO_VERSION << 0))
 
+// Enumerated type listing configuration options
+enum yr_cfg_name {
+  YR_CONFIG_STACK_SIZE,
+  YR_CONFIG_MAX
+};
+
+#define DEFAULT_STACK_SIZE 16384
+
 
 YR_API int yr_initialize(void);
 
@@ -46,4 +54,10 @@ YR_API int yr_get_tidx(void);
 
 YR_API void yr_set_tidx(int);
 
+
+YR_API int yr_set_configuration(enum yr_cfg_name, void *);
+
+
+YR_API int yr_get_configuration(enum yr_cfg_name, void *);
+
 #endif
diff --git a/libyara/libyara.c b/libyara/libyara.c
index 0321367..bb36699 100644
--- a/libyara/libyara.c
+++ b/libyara/libyara.c
@@ -44,6 +44,14 @@ pthread_key_t recovery_state_key;
 
 static int init_count = 0;
 
+struct yr_config_var {
+  union {
+    size_t sz;
+    unsigned int ui;
+    char *str;
+  } data; // The data content
+} yr_cfgs[YR_CONFIG_MAX];
+
 char lowercase[256];
 char altercase[256];
 
@@ -74,6 +82,7 @@ void locking_function(int mode, int n, const char *file, int line)
 YR_API int yr_initialize(void)
 {
   int i;
+  unsigned int def_stack_size = DEFAULT_STACK_SIZE;
 
   if (init_count > 0)
   {
@@ -115,6 +124,9 @@ YR_API int yr_initialize(void)
   FAIL_ON_ERROR(yr_re_initialize());
   FAIL_ON_ERROR(yr_modules_initialize());
 
+  // Initialize default configuration options
+  FAIL_ON_ERROR(yr_set_configuration(YR_CONFIG_STACK_SIZE, &def_stack_size));
+
   init_count++;
 
   return ERROR_SUCCESS;
@@ -213,3 +225,33 @@ YR_API int yr_get_tidx(void)
   return (int) (size_t) pthread_getspecific(tidx_key) - 1;
   #endif
 }
+
+YR_API int yr_set_configuration(enum yr_cfg_name cfgname, void *src) {
+  if(src == NULL) {
+    return 1;
+  }
+  switch(cfgname) { // lump all the cases using same types together in one cascade
+    case YR_CONFIG_STACK_SIZE:
+      yr_cfgs[cfgname].data.ui = *(unsigned int*)src;
+      break;
+    default:
+      return 1;
+  }
+
+  return 0;
+}
+
+YR_API int yr_get_configuration(enum yr_cfg_name cfgname, void *dest) {
+  if(dest == NULL) {
+    return 1;
+  }
+  switch(cfgname) { // lump all the cases using same types together in one cascade
+    case YR_CONFIG_STACK_SIZE:
+      *(size_t*)dest = yr_cfgs[cfgname].data.ui;
+      break;
+    default:
+      return 1;
+  }
+
+  return 0;
+}
diff --git a/yara.c b/yara.c
index 31f5c73..76ae3b3 100644
--- a/yara.c
+++ b/yara.c
@@ -89,8 +89,6 @@ typedef struct _QUEUED_FILE {
 #define MAX_ARGS_EXT_VAR        32
 #define MAX_ARGS_MODULE_DATA    32
 
-#define DEFAULT_STACK_SIZE   16384
-
 char* tags[MAX_ARGS_TAG + 1];
 char* identifiers[MAX_ARGS_IDENTIFIER + 1];
 char* ext_vars[MAX_ARGS_EXT_VAR + 1];
@@ -734,6 +732,11 @@ void* scanning_thread(void* param)
 
     if (elapsed_time < timeout)
     {
+      if(stacksize != DEFAULT_STACK_SIZE) {
+        // If the user chose a different stack size than default,
+        // modify the yara config here
+        yr_set_configuration(YR_CONFIG_STACK_SIZE, &stacksize);
+      }
       result = yr_rules_scan_file(
           args->rules,
           file_path,

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git



More information about the forensics-changes mailing list