[Forensics-changes] [yara] 173/368: Add yr_set/get_configuration and use this to set stack size
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:25 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit c5681184e52c01228faca1fc474e4785c05563ff
Author: Coleman Kane <ckane at colemankane.org>
Date: Fri Feb 19 21:24:05 2016 -0500
Add yr_set/get_configuration and use this to set stack size
---
libyara/exec.c | 7 +++++--
libyara/include/yara/libyara.h | 14 ++++++++++++++
libyara/libyara.c | 42 ++++++++++++++++++++++++++++++++++++++++++
yara.c | 7 +++++--
4 files changed, 66 insertions(+), 4 deletions(-)
diff --git a/libyara/exec.c b/libyara/exec.c
index f9b21cd..f8f4d4d 100644
--- a/libyara/exec.c
+++ b/libyara/exec.c
@@ -50,7 +50,7 @@ typedef union _STACK_ITEM {
#define push(x) \
do { \
- if (sp < context->stacksize) stack[sp++] = (x); \
+ if (sp < stack_sz) stack[sp++] = (x); \
else return ERROR_EXEC_STACK_OVERFLOW; \
} while(0)
@@ -183,12 +183,15 @@ int yr_execute_code(
int stop = FALSE;
int cycle = 0;
int tidx = context->tidx;
+ unsigned int stack_sz;
#ifdef PROFILING_ENABLED
clock_t start = clock();
#endif
- stack = (STACK_ITEM *) yr_malloc(context->stacksize * sizeof(STACK_ITEM));
+ yr_get_configuration(YR_CONFIG_STACK_SIZE, (void*)&stack_sz);
+
+ stack = (STACK_ITEM *) yr_malloc(stack_sz * sizeof(STACK_ITEM));
if (stack == NULL)
return ERROR_INSUFICIENT_MEMORY;
diff --git a/libyara/include/yara/libyara.h b/libyara/include/yara/libyara.h
index 6772e13..14932d6 100644
--- a/libyara/include/yara/libyara.h
+++ b/libyara/include/yara/libyara.h
@@ -31,6 +31,14 @@ limitations under the License.
(YR_MINOR_VERSION << 8) | \
(YR_MICRO_VERSION << 0))
+// Enumerated type listing configuration options
+enum yr_cfg_name {
+ YR_CONFIG_STACK_SIZE,
+ YR_CONFIG_MAX
+};
+
+#define DEFAULT_STACK_SIZE 16384
+
YR_API int yr_initialize(void);
@@ -46,4 +54,10 @@ YR_API int yr_get_tidx(void);
YR_API void yr_set_tidx(int);
+
+YR_API int yr_set_configuration(enum yr_cfg_name, void *);
+
+
+YR_API int yr_get_configuration(enum yr_cfg_name, void *);
+
#endif
diff --git a/libyara/libyara.c b/libyara/libyara.c
index 0321367..bb36699 100644
--- a/libyara/libyara.c
+++ b/libyara/libyara.c
@@ -44,6 +44,14 @@ pthread_key_t recovery_state_key;
static int init_count = 0;
+struct yr_config_var {
+ union {
+ size_t sz;
+ unsigned int ui;
+ char *str;
+ } data; // The data content
+} yr_cfgs[YR_CONFIG_MAX];
+
char lowercase[256];
char altercase[256];
@@ -74,6 +82,7 @@ void locking_function(int mode, int n, const char *file, int line)
YR_API int yr_initialize(void)
{
int i;
+ unsigned int def_stack_size = DEFAULT_STACK_SIZE;
if (init_count > 0)
{
@@ -115,6 +124,9 @@ YR_API int yr_initialize(void)
FAIL_ON_ERROR(yr_re_initialize());
FAIL_ON_ERROR(yr_modules_initialize());
+ // Initialize default configuration options
+ FAIL_ON_ERROR(yr_set_configuration(YR_CONFIG_STACK_SIZE, &def_stack_size));
+
init_count++;
return ERROR_SUCCESS;
@@ -213,3 +225,33 @@ YR_API int yr_get_tidx(void)
return (int) (size_t) pthread_getspecific(tidx_key) - 1;
#endif
}
+
+YR_API int yr_set_configuration(enum yr_cfg_name cfgname, void *src) {
+ if(src == NULL) {
+ return 1;
+ }
+ switch(cfgname) { // lump all the cases using same types together in one cascade
+ case YR_CONFIG_STACK_SIZE:
+ yr_cfgs[cfgname].data.ui = *(unsigned int*)src;
+ break;
+ default:
+ return 1;
+ }
+
+ return 0;
+}
+
+YR_API int yr_get_configuration(enum yr_cfg_name cfgname, void *dest) {
+ if(dest == NULL) {
+ return 1;
+ }
+ switch(cfgname) { // lump all the cases using same types together in one cascade
+ case YR_CONFIG_STACK_SIZE:
+ *(size_t*)dest = yr_cfgs[cfgname].data.ui;
+ break;
+ default:
+ return 1;
+ }
+
+ return 0;
+}
diff --git a/yara.c b/yara.c
index 31f5c73..76ae3b3 100644
--- a/yara.c
+++ b/yara.c
@@ -89,8 +89,6 @@ typedef struct _QUEUED_FILE {
#define MAX_ARGS_EXT_VAR 32
#define MAX_ARGS_MODULE_DATA 32
-#define DEFAULT_STACK_SIZE 16384
-
char* tags[MAX_ARGS_TAG + 1];
char* identifiers[MAX_ARGS_IDENTIFIER + 1];
char* ext_vars[MAX_ARGS_EXT_VAR + 1];
@@ -734,6 +732,11 @@ void* scanning_thread(void* param)
if (elapsed_time < timeout)
{
+ if(stacksize != DEFAULT_STACK_SIZE) {
+ // If the user chose a different stack size than default,
+ // modify the yara config here
+ yr_set_configuration(YR_CONFIG_STACK_SIZE, &stacksize);
+ }
result = yr_rules_scan_file(
args->rules,
file_path,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list