[Forensics-changes] [yara] 196/368: Some code cleanup
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:39 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit dab6e4a0588bc67bb97ce4c9f94bf039a59a6ba8
Author: Kyle Reed <kallanreed at outlook.com>
Date: Thu Feb 25 09:54:12 2016 -0800
Some code cleanup
Signed-off-by: Kyle Reed <kallanreed at outlook.com>
---
libyara/include/yara/modules.h | 3 +--
libyara/modules/elf.c | 2 +-
libyara/modules/hash.c | 16 ++++++++--------
libyara/modules/math.c | 20 ++++++++++----------
libyara/modules/pe.c | 4 ++--
libyara/proc.c | 13 ++++++++++---
6 files changed, 32 insertions(+), 26 deletions(-)
diff --git a/libyara/include/yara/modules.h b/libyara/include/yara/modules.h
index 0d7235f..6594206 100644
--- a/libyara/include/yara/modules.h
+++ b/libyara/include/yara/modules.h
@@ -279,8 +279,7 @@ limitations under the License.
#define scan_context() (__context)
-#define foreach_memory_block(context, block, iterator) \
- iterator = (context)->iterator; \
+#define foreach_memory_block(iterator, block) \
for (block = iterator->first(iterator); \
block != NULL; \
block = iterator->next(iterator)) \
diff --git a/libyara/modules/elf.c b/libyara/modules/elf.c
index afb8464..e0d3a82 100644
--- a/libyara/modules/elf.c
+++ b/libyara/modules/elf.c
@@ -369,7 +369,7 @@ int module_load(
set_integer(ELF_PF_W, module_object, "PF_W");
set_integer(ELF_PF_R, module_object, "PF_R");
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
uint8_t* block_data = iterator->fetch_data(iterator);
diff --git a/libyara/modules/hash.c b/libyara/modules/hash.c
index 2d0ffe6..c0c9574 100644
--- a/libyara/modules/hash.c
+++ b/libyara/modules/hash.c
@@ -122,7 +122,7 @@ define_function(data_md5)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
int64_t offset = integer_argument(1); // offset where to start
int64_t length = integer_argument(2); // length of bytes we want hash on
@@ -134,7 +134,7 @@ define_function(data_md5)
return ERROR_WRONG_ARGUMENTS;
}
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
// if desired block within current block
@@ -197,7 +197,7 @@ define_function(data_sha1)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
SHA1_Init(&sha_context);
@@ -206,7 +206,7 @@ define_function(data_sha1)
return ERROR_WRONG_ARGUMENTS;
}
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
// if desired block within current block
if (offset >= block->base &&
@@ -268,7 +268,7 @@ define_function(data_sha256)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
SHA256_Init(&sha256_context);
@@ -277,7 +277,7 @@ define_function(data_sha256)
return ERROR_WRONG_ARGUMENTS;
}
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
// if desired block within current block
if (offset >= block->base &&
@@ -331,7 +331,7 @@ define_function(data_checksum32)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
uint32_t checksum = 0;
int past_first_block = FALSE;
@@ -341,7 +341,7 @@ define_function(data_checksum32)
return ERROR_WRONG_ARGUMENTS;
}
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
if (offset >= block->base &&
offset < block->base + block->size)
diff --git a/libyara/modules/math.c b/libyara/modules/math.c
index 09c1fc3..c24268c 100644
--- a/libyara/modules/math.c
+++ b/libyara/modules/math.c
@@ -80,7 +80,7 @@ define_function(data_entropy)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
if (offset < 0 || length < 0 || offset < block->base)
return_float(UNDEFINED);
@@ -90,7 +90,7 @@ define_function(data_entropy)
if (data == NULL)
return_float(UNDEFINED);
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
if (offset >= block->base &&
offset < block->base + block->size)
@@ -183,12 +183,12 @@ define_function(data_deviation)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
if (offset < 0 || length < 0 || offset < block->base)
return_float(UNDEFINED);
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
if (offset >= block->base &&
offset < block->base + block->size)
@@ -256,7 +256,7 @@ define_function(data_mean)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
size_t total_len = 0;
size_t i;
@@ -264,7 +264,7 @@ define_function(data_mean)
if (offset < 0 || length < 0 || offset < block->base)
return_float(UNDEFINED);
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
if (offset >= block->base &&
offset < block->base + block->size)
@@ -320,7 +320,7 @@ define_function(data_serial_correlation)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
double sccun = 0;
double scclast = 0;
@@ -332,7 +332,7 @@ define_function(data_serial_correlation)
if (offset < 0 || length < 0 || offset < block->base)
return_float(UNDEFINED);
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
if (offset >= block->base &&
offset < block->base + block->size)
@@ -444,12 +444,12 @@ define_function(data_monte_carlo_pi)
YR_SCAN_CONTEXT* context = scan_context();
YR_MEMORY_BLOCK* block = first_memory_block(context);
- YR_BLOCK_ITERATOR* iterator = NULL;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
if (offset < 0 || length < 0 || offset < block->base)
return_float(UNDEFINED);
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
if (offset >= block->base &&
offset < block->base + block->size)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 91b8ed5..b100ad2 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -2206,7 +2206,7 @@ int module_load(
size_t module_data_size)
{
YR_MEMORY_BLOCK* block;
- YR_BLOCK_ITERATOR* iterator;
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
set_integer(
IMAGE_FILE_MACHINE_UNKNOWN, module_object,
@@ -2447,7 +2447,7 @@ int module_load(
RESOURCE_TYPE_MANIFEST, module_object,
"RESOURCE_TYPE_MANIFEST");
- foreach_memory_block(context, block, iterator)
+ foreach_memory_block(iterator, block)
{
uint8_t* data = iterator->fetch_data(iterator);
diff --git a/libyara/proc.c b/libyara/proc.c
index 2857a94..9b831fb 100644
--- a/libyara/proc.c
+++ b/libyara/proc.c
@@ -619,14 +619,17 @@ int yr_close_process_iterator(
{
YR_PROCESS_CONTEXT* ctx = (YR_PROCESS_CONTEXT*)iterator->context;
- // NOTE: detach is responsible for freeing any allocated context
+ if (ctx == NULL)
+ return ERROR_SUCCESS;
+
+ // NOTE: detach is responsible for freeing allocated process context
_yr_detach_process(ctx->process_context);
+ _yr_free_block_data(ctx);
+
YR_MEMORY_BLOCK* current = ctx->blocks;
YR_MEMORY_BLOCK* next;
- _yr_free_block_data(ctx);
-
// free blocks list
while(current != NULL)
{
@@ -635,5 +638,9 @@ int yr_close_process_iterator(
current = next;
}
+ // free the context
+ yr_free(iterator->context);
+ iterator->context = NULL;
+
return ERROR_SUCCESS;
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list