[Forensics-changes] [yara] 109/192: Improve test cases dealing with errors. Add test cases for invalid module names.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:31:53 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.6.0
in repository yara.
commit 67ba4ff9c3ccd01c7076ef817434a402af328a17
Author: plusvic <plusvic at gmail.com>
Date: Wed Mar 8 16:58:57 2017 +0100
Improve test cases dealing with errors. Add test cases for invalid module names.
---
tests/test-exception.c | 14 +++++++---
tests/test-rules.c | 69 +++++++++++++++++++++++++++++++++-----------------
tests/util.c | 27 +++++++++++---------
tests/util.h | 29 +++++++++------------
4 files changed, 83 insertions(+), 56 deletions(-)
diff --git a/tests/test-exception.c b/tests/test-exception.c
index 29232b2..8ea05c5 100644
--- a/tests/test-exception.c
+++ b/tests/test-exception.c
@@ -74,11 +74,17 @@ int main(int argc, char **argv)
yr_initialize();
- YR_RULES* rules_a = compile_rule(
- "rule test { strings: $a = \"aaaa\" condition: all of them }");
+ YR_RULES* rules_a;
- YR_RULES* rules_0 = compile_rule(
- "rule test { strings: $a = { 00 00 00 00 } condition: all of them }");
+ compile_rule(
+ "rule test { strings: $a = \"aaaa\" condition: all of them }",
+ &rules_a);
+
+ YR_RULES* rules_0;
+
+ compile_rule(
+ "rule test { strings: $a = { 00 00 00 00 } condition: all of them }",
+ &rules_0);
puts("Scanning for \"aaaa\"...");
diff --git a/tests/test-rules.c b/tests/test-rules.c
index 556e345..2ca4f3f 100644
--- a/tests/test-rules.c
+++ b/tests/test-rules.c
@@ -234,8 +234,9 @@ static void test_bitwise_operators()
static void test_syntax()
{
- assert_syntax_error(
- "rule test { strings: $a = \"a\" $a = \"a\" condition: all of them }");
+ assert_error(
+ "rule test { strings: $a = \"a\" $a = \"a\" condition: all of them }",
+ ERROR_DUPLICATED_STRING_IDENTIFIER);
}
@@ -553,34 +554,40 @@ static void test_hex_strings()
condition: $a }",
"1234567890");
- assert_syntax_error(
+ assert_error(
"rule test { \
strings: $a = { 01 [0] 02 } \
- condition: $a }");
+ condition: $a }",
+ ERROR_INVALID_HEX_STRING);
- assert_syntax_error(
+ assert_error(
"rule test { \
- strings: $a = { [-] 01 02 } condition: $a }");
+ strings: $a = { [-] 01 02 } condition: $a }",
+ ERROR_INVALID_HEX_STRING);
- assert_syntax_error(
+ assert_error(
"rule test { \
strings: $a = { 01 02 [-] } \
- condition: $a }");
+ condition: $a }",
+ ERROR_INVALID_HEX_STRING);
- assert_syntax_error(
+ assert_error(
"rule test { \
strings: $a = { 01 02 ([-] 03 | 04) } \
- condition: $a }");
+ condition: $a }",
+ ERROR_INVALID_HEX_STRING);
- assert_syntax_error(
+ assert_error(
"rule test { \
strings: $a = { 01 02 (03 [-] | 04) } \
- condition: $a }");
+ condition: $a }",
+ ERROR_INVALID_HEX_STRING);
- assert_syntax_error(
+ assert_error(
"rule test { \
strings: $a = { 01 02 (03 | 04 [-]) } \
- condition: $a ");
+ condition: $a ",
+ ERROR_INVALID_HEX_STRING);
/* TODO: tests.py:551 ff. */
}
@@ -730,11 +737,13 @@ static void test_of()
}",
"mississippi");
- assert_syntax_error(
- "rule test { condition: all of ($a*) }");
+ assert_error(
+ "rule test { condition: all of ($a*) }",
+ ERROR_UNDEFINED_STRING);
- assert_syntax_error(
- "rule test { condition: all of them }");
+ assert_error(
+ "rule test { condition: all of them }",
+ ERROR_UNDEFINED_STRING);
}
@@ -913,10 +922,8 @@ void test_re()
assert_regexp_syntax_error("(abc");
assert_regexp_syntax_error("abc)");
assert_regexp_syntax_error("a[]b");
- assert_regexp_syntax_error("a\\");
assert_true_regexp("a[\\-b]", "a-", "a-");
assert_true_regexp("a[\\-b]", "ab", "ab");
- assert_regexp_syntax_error("a[\\");
assert_true_regexp("a]", "a]", "a]");
assert_true_regexp("a[]]b", "a]b", "a]b");
assert_true_regexp("a[\\]]b", "a]b", "a]b");
@@ -1025,6 +1032,14 @@ void test_re()
assert_regexp_syntax_error("\\x");
assert_regexp_syntax_error("\\xxy");
+
+ assert_error(
+ "rule test { strings: $a = /a\\/ condition: $a }",
+ ERROR_SYNTAX_ERROR);
+
+ assert_error(
+ "rule test { strings: $a = /[a\\/ condition: $a }",
+ ERROR_SYNTAX_ERROR);
}
@@ -1249,6 +1264,14 @@ static void test_modules()
rule test { condition: tests.fsum(1.0,1.0) == 3.0 \
}",
NULL);
+
+ assert_error(
+ "import \"\\x00\"",
+ ERROR_INVALID_MODULE_NAME);
+
+ assert_error(
+ "import \"\"",
+ ERROR_INVALID_MODULE_NAME);
}
#if defined(HASH_MODULE)
@@ -1335,7 +1358,7 @@ void test_file_descriptor()
{
YR_COMPILER* compiler = NULL;
YR_RULES* rules = NULL;
-
+
#if defined(_WIN32) || defined(__CYGWIN__)
HANDLE fd = CreateFile("tests/data/true.yar", GENERIC_READ, 0, NULL, OPEN_EXISTING, 0, NULL);
if (fd == INVALID_HANDLE_VALUE)
@@ -1361,7 +1384,7 @@ void test_file_descriptor()
perror("yr_compiler_add_fd");
exit(EXIT_FAILURE);
}
-
+
#if defined(_WIN32) || defined(__CYGWIN__)
CloseHandle(fd);
#else
@@ -1381,7 +1404,7 @@ void test_file_descriptor()
{
yr_rules_destroy(rules);
}
-
+
return;
}
diff --git a/tests/util.c b/tests/util.c
index 59105dd..e3c7f0d 100644
--- a/tests/util.c
+++ b/tests/util.c
@@ -54,11 +54,12 @@ static void callback_function(
}
-YR_RULES* compile_rule(
- char* string)
+int compile_rule(
+ char* string,
+ YR_RULES** rules)
{
YR_COMPILER* compiler = NULL;
- YR_RULES* rules = NULL;
+ int result = ERROR_SUCCESS;
compile_error[0] = '\0';
@@ -71,14 +72,16 @@ YR_RULES* compile_rule(
yr_compiler_set_callback(compiler, callback_function, NULL);
if (yr_compiler_add_string(compiler, string, NULL) != 0)
+ {
+ result = compiler->last_error;
goto _exit;
+ }
- if (yr_compiler_get_rules(compiler, &rules) != ERROR_SUCCESS)
- goto _exit;
+ result = yr_compiler_get_rules(compiler, rules);
_exit:
yr_compiler_destroy(compiler);
- return rules;
+ return result;
}
@@ -101,15 +104,15 @@ int matches_blob(
uint8_t* blob,
size_t len)
{
+ YR_RULES* rules;
+
if (blob == NULL)
{
blob = (uint8_t*) "dummy";
len = 5;
}
- YR_RULES* rules = compile_rule(rule);
-
- if (rules == NULL)
+ if (compile_rule(rule, &rules) != ERROR_SUCCESS)
{
fprintf(stderr, "failed to compile rule << %s >>: %s\n", rule, compile_error);
exit(EXIT_FAILURE);
@@ -171,7 +174,7 @@ static int capture_matches(
{
int r = strncmp(
f->expected, (char*) (match->data), match->data_length);
-
+
if (r == 0)
f->found++;
}
@@ -187,9 +190,9 @@ int capture_string(
char* string,
char* expected_string)
{
- YR_RULES* rules = compile_rule(rule);
+ YR_RULES* rules;
- if (rules == NULL)
+ if (compile_rule(rule, &rules) != ERROR_SUCCESS)
{
fprintf(stderr, "failed to compile rule << %s >>: %s\n", rule, compile_error);
exit(EXIT_FAILURE);
diff --git a/tests/util.h b/tests/util.h
index 835115f..3909b9d 100644
--- a/tests/util.h
+++ b/tests/util.h
@@ -32,8 +32,9 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
extern char compile_error[1024];
-YR_RULES* compile_rule(
- char* string);
+int compile_rule(
+ char* string,
+ YR_RULES** rules);
int count_matches(
@@ -141,18 +142,12 @@ int read_file(
free(buf); \
} while (0);
-#define assert_syntax_correct(rule) do { \
- if (compile_rule(rule) == NULL) { \
- fprintf(stderr, "%s:%d: rule << %s >> can't be compiled: %s\n", \
- __FILE__, __LINE__, rule, compile_error); \
- exit(EXIT_FAILURE); \
- } \
- } while (0);
-
-#define assert_syntax_error(rule) do { \
- if (compile_rule(rule) != NULL) { \
- fprintf(stderr, "%s:%d: rule can be compiled (but shouldn't)\n", \
- __FILE__, __LINE__); \
+#define assert_error(rule, error) do { \
+ YR_RULES* rules; \
+ int result = compile_rule(rule, &rules); \
+ if (result != error) { \
+ fprintf(stderr, "%s:%d: expecting error %d but returned %d\n", \
+ __FILE__, __LINE__, error, result); \
exit(EXIT_FAILURE); \
} \
} while (0);
@@ -170,8 +165,8 @@ int read_file(
assert_false_rule("rule test { strings: $a = /" regexp \
"/ condition: $a }", string)
-#define assert_regexp_syntax_error(regexp) \
- assert_syntax_error("rule test { strings: $a = /" regexp \
- "/ condition: $a }")
+#define assert_regexp_syntax_error(regexp) \
+ assert_error("rule test { strings: $a = /" regexp "/ condition: $a }",\
+ ERROR_INVALID_REGULAR_EXPRESSION)
#endif /* _UTIL_H */
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list