[Forensics-changes] [yara] 121/192: Fix some style issues and add —print-string-length option to man page.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:31:55 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.6.0
in repository yara.
commit a6aaae3bb0951abde6e09707335e745168abd74b
Author: plusvic <plusvic at gmail.com>
Date: Thu Mar 16 11:22:10 2017 +0100
Fix some style issues and add —print-string-length option to man page.
---
yara.c | 26 ++++++++++++++++++--------
yara.man | 3 +++
2 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/yara.c b/yara.c
index e0e0266..c1a6cd2 100644
--- a/yara.c
+++ b/yara.c
@@ -122,6 +122,7 @@ int show_tags = FALSE;
int show_specified_tags = FALSE;
int show_specified_rules = FALSE;
int show_strings = FALSE;
+int show_string_length = FALSE;
int show_meta = FALSE;
int show_namespace = FALSE;
int show_version = FALSE;
@@ -134,7 +135,6 @@ int limit = 0;
int timeout = 1000000;
int stack_size = DEFAULT_STACK_SIZE;
int threads = 8;
-int show_str_len = FALSE;
int fail_on_warnings = FALSE;
@@ -165,6 +165,9 @@ args_option_t options[] =
OPT_BOOLEAN('s', "print-strings", &show_strings,
"print matching strings"),
+ OPT_BOOLEAN('L', "print-string-length", &show_string_length,
+ "print length of matched strings"),
+
OPT_BOOLEAN('e', "print-namespace", &show_namespace,
"print rules' namespace"),
@@ -204,8 +207,6 @@ args_option_t options[] =
OPT_BOOLEAN('h', "help", &show_help,
"show this help and exit"),
- OPT_BOOLEAN('L', "print-string-length", &show_str_len, "print length of matched strings"),
-
OPT_END()
};
@@ -662,7 +663,7 @@ int handle_message(
// Show matched strings.
- if (show_strings || show_str_len)
+ if (show_strings || show_string_length)
{
YR_STRING* string;
@@ -672,20 +673,29 @@ int handle_message(
yr_string_matches_foreach(string, match)
{
- if (show_str_len)
- printf("0x%" PRIx64 ":%d:%s", match->base + match->offset, match->data_length, string->identifier);
+ if (show_string_length)
+ printf("0x%" PRIx64 ":%d:%s",
+ match->base + match->offset,
+ match->data_length,
+ string->identifier);
else
- printf("0x%" PRIx64 ":%s", match->base + match->offset, string->identifier);
+ printf("0x%" PRIx64 ":%s",
+ match->base + match->offset,
+ string->identifier);
- if (show_strings) {
+ if (show_strings)
+ {
printf(": ");
+
if (STRING_IS_HEX(string))
print_hex_string(match->data, match->data_length);
else
print_string(match->data, match->data_length);
}
else
+ {
printf("\n");
+ }
}
}
}
diff --git a/yara.man b/yara.man
index 4420f01..cbbc62e 100644
--- a/yara.man
+++ b/yara.man
@@ -39,6 +39,9 @@ Print metadata associated to the rule.
.B \-s " --print-strings"
Print strings found in the file.
.TP
+.B \-L " --print-string-length"
+Print length of strings found in the file.
+.TP
.BI \-p " number" " --threads=" number
Use the specified
.I number
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list