[Forensics-changes] [yara] 199/368: Fixing issues found when previewing PR

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:30:39 UTC 2017 

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.5.0
in repository yara.

commit eb82997ef3a5047fafc8e70dd45752c9dcc96bc3
Author: Kyle Reed <kallanreed at outlook.com>
Date:   Sat Feb 27 21:19:17 2016 -0800

    Fixing issues found when previewing PR
    
    Signed-off-by: Kyle Reed <kallanreed at outlook.com>
---
 libyara/include/yara/proc.h  | 4 ----
 libyara/include/yara/rules.h | 8 --------
 libyara/include/yara/types.h | 2 --
 libyara/modules/elf.c        | 2 +-
 libyara/proc.c               | 5 ++---
 5 files changed, 3 insertions(+), 18 deletions(-)

diff --git a/libyara/include/yara/proc.h b/libyara/include/yara/proc.h
index 8018bef..fe08fb8 100644
--- a/libyara/include/yara/proc.h
+++ b/libyara/include/yara/proc.h
@@ -19,10 +19,6 @@ limitations under the License.
 
 #include <yara/types.h>
 
-int yr_process_get_memory(
-    int pid,
-    YR_MEMORY_BLOCK** first_block);
-
 int yr_open_process_iterator(
     int pid,
     YR_BLOCK_ITERATOR* iterator);
diff --git a/libyara/include/yara/rules.h b/libyara/include/yara/rules.h
index fa268ad..0dab09e 100644
--- a/libyara/include/yara/rules.h
+++ b/libyara/include/yara/rules.h
@@ -92,14 +92,6 @@ YR_API int yr_rules_scan_proc(
     void* user_data,
     int timeout);
 
-YR_API int yr_rules_scan_proc2(
-    YR_RULES* rules,
-    int pid,
-    int flags,
-    YR_CALLBACK_FUNC callback,
-    void* user_data,
-    int timeout);
-
 YR_API int yr_rules_save(
     YR_RULES* rules,
     const char* filename);
diff --git a/libyara/include/yara/types.h b/libyara/include/yara/types.h
index d2771e0..bc02958 100644
--- a/libyara/include/yara/types.h
+++ b/libyara/include/yara/types.h
@@ -384,8 +384,6 @@ struct _YR_BLOCK_ITERATOR
 {
   void* context;
 
-  // TODO: current ptr or fn?
-
   YR_BLOCK_ITERATOR_MOVE  first;
   YR_BLOCK_ITERATOR_MOVE  next;
   YR_BLOCK_ITERATOR_FETCH fetch_data;
diff --git a/libyara/modules/elf.c b/libyara/modules/elf.c
index e0d3a82..6ea0cfb 100644
--- a/libyara/modules/elf.c
+++ b/libyara/modules/elf.c
@@ -311,7 +311,7 @@ int module_load(
     size_t module_data_size)
 {
   YR_MEMORY_BLOCK* block;
-  YR_BLOCK_ITERATOR* iterator;
+  YR_BLOCK_ITERATOR* iterator = context->iterator;
 
   elf32_header_t* elf_header32;
   elf64_header_t* elf_header64;
diff --git a/libyara/proc.c b/libyara/proc.c
index 08796f2..cbabe6c 100644
--- a/libyara/proc.c
+++ b/libyara/proc.c
@@ -45,8 +45,7 @@ int _yr_attach_process(
         NULL,
         NULL);
   }
-
-  // TODO: should this be COULD NOT ATTACH?
+  // TODO: should else be COULD NOT ATTACH?
 
   if (hToken != NULL)
     CloseHandle(hToken);
@@ -89,7 +88,7 @@ int _yr_get_process_blocks(
   {
     if (mbi.State == MEM_COMMIT && ((mbi.Protect & PAGE_NOACCESS) == 0)) // TODO: check for read permission?
     {
-      // TODO: test read so we don't return blocks that can't be read
+      // TODO: test read so we don't return blocks that can't be read?
 
       new_block = (YR_MEMORY_BLOCK*)yr_malloc(sizeof(YR_MEMORY_BLOCK));
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git

More information about the forensics-changes mailing list