[Forensics-changes] [yara] annotated tag v3.5.0 deleted (was 86f37e1)
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:40:45 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a change to annotated tag v3.5.0
in repository yara.
*** WARNING: tag v3.5.0 was deleted! ***
tag was 86f37e1
This change permanently discards the following revisions:
discards 7473441 Gets pe_utils.c to compile with VS2015. (#488)
discards ab6d748 Visual Studio 2015 (_MSC_VER == 1900) defines the snprintf function, so avoid defining it in those cases. (#483)
discards 4cf84a5 Add yara/integers.h to deployed headers
discards 810d6b0 Set version number to 3.5.0
discards 26ca179 Fix some issues with Windows projects
discards bfda09b Changes to make math and pe modules C89 compatible. (#479)
discards 03c2aac Added stdint.h fallback support. (#478)
discards f38ac77 Default to 0 signatures until otherwise known. (#476)
discards e5f0a8f Null-terminate string objects explicitly. (#477)
discards 9191c30 Fix typo
discards 2a19ada Put variable declarations at the beginning of code blocks
discards e787b52 Add missing typecasts
discards c2e8c76 Merge pull request #472 from hillu/openssl-1.1
discards 21fe3a7 Update documentation
discards a5f86fd Fix issue with boolean external variables being defined as integer
discards a18ac95 Add missing include
discards 38566c0 pe: OpenSSL 1.1 changes
discards 557f9ac Don't use libcrypto locking function for OpenSSL >= 1.1
discards c6e9950 Remove unused variables
discards 693ddd7 Exclude checks using the "hash" module if it wasn't compiled into YARA
discards 073c7b2 Rename defines used in conditional module compilation
discards 22ce5e0 Implement caching in "hash" module
discards fe0eb17 Implement yr_hash_table_add_raw_key and yr_hash_table_lookup_raw_key functions
discards 685ec9c Bump ARENA_FILE_VERSION, add corresponding check to tests (#468)
discards 1e7dd40 Add Cuckoo Sandbox to Yara users (#469)
discards 3b6e21e Improve mem block iterators (#471)
discards 3a53f06 Change license to 3-clause BSD
discards 9e50e4d Travis: Show test-suite.log on failure (#467)
discards 924c4bb Fix references to block data. (#466)
discards 94e3922 Enable "cuckoo" and "magic" modules while building in Travis
discards fc621a2 Move variable declaration to satisfy VC++
discards a16be22 Fix issue with missing include file while compiling in Visual Studio 2010
discards 561a742 Fix some issues with Visual Studio 2010 project
discards b11898b Fix warnings
discards dc0b37a Fix warnings
discards 32c614a Update URLs
discards 7ff47de Change type of SIZED_STRING's length to uint32_t
discards 1850003 Update documentation
discards 65d17b8 Move Visual Studio 2010 project to its own directory
discards 30cc8e1 Merge branch 'master' of https://github.com/VirusTotal/yara
discards b8d6e87 Merge pull request #447 from hillu/fix-sized-string
discards e085a86 Facilitate debugging of YARA's grammar
discards 4cc5fcc Fix segfault when yr_finalize is invoked without calling yr_initialize first
discards 84198d9 Avoid redefinition of external variables with a different type
discards 89cafe6 Fix memory leaks
discards f1e2ec9 Add assertion to make sure that "chained_to" field is set
discards 370aec0 Fix null pointer dereference
discards aeae6aa Fix potential memory leak
discards ff383e2 Fix resource leak
discards 2470a02 Fix potential null dereference issue
discards 5ec8cbc Invoke yr_modules_unload_all from exec.c
discards 66c5b3b Explicit initialization of pointer to avoid Coverity complaining
discards aa15261 Fix potential division-by-zero errors
discards d3c35f1 Force scan.coverity.com certificate to be accepted by Travis instances
discards 89a305f Fix issue introduced in 23759af0b29bad2f407dd031de28598ea6952b96
discards 23759af Merge pull request #418
discards f11220d Merge pull request #460 from mrexodia/vs10_fix
discards b293c2c fixed building on VS2010
discards 9915623 Update Gitter badge URL
discards a2302f9 Update Gitter badge URL
discards ada8ac3 Change Travis badge URL
discards b3b4d1c Merge pull request #458 from plusvic/master
discards fd346a7 Fix memory leak
discards 4036bd6 Fix unused variable warning
discards a304095 Update COVERITY_SCAN_TOKEN
discards c4e2a57 Fix dead code warning in Coverity
discards 4536079 Fix out-of-bounds accesses
discards 8c26cf8 Move return statement out of va_start, va_end block
discards eaa02b9 Fix use of uninitialized variable
discards 0b0e877 Fix wrong condition due to a typo
discards 6519dc1 Fix multiple memory leaks
discards 7825d19 Fix use of uninitialized variable
discards 6b16efd Fix double free bug
discards b5e762a Add missing call to va_end
discards 864f6b1 Fix Travis CI configuration
discards 49e3be5 Configure coverity_scan
discards 2f4142d Fix warning while compiling for 32-bits
discards a59b3b5 Ensure equal SIZED_STRING layout on 32 and 64 bit architectures
discards 0fcee7a tests: Check layout of SIZED_STRING
discards 7f0541e Merge pull request #455 from cblichmann/inlinecomments
discards 6e28b4b Extend the lexer to accept hex strings with inline comments.
discards a834857 Fix issues in 32-bits mode introduced in 0db16d3639140c0b6a7a6d0de06e5e2622e90c04
discards d1213f4 Merge remote-tracking branch 'upstream/master'
discards d7699c6 Remove YR_AC_STATE and YR_AC_AUTOMATON from alignments tests
discards bb1fa5f Merge pull request #454 from hillu/travis-i386
discards e987ce3 test-alignment: Fix number formatting in printf
discards 5de8555 Add build matrix that includes 32bit build
discards 0d69840 Merge pull request #445 from hillu/fix-defvar
discards c94dc61 Fix warning
discards 2cc6824 Fix alignment tests
discards eff84ea Fix warnings while building in Windows
discards 0db16d3 Implement Aho-Corasick automaton with interleaved arrays.
discards 3795321 Make yr_rules_define_* fail if variable does not exist
discards 38384b7 Fix issue #444
discards 0df7dae Fix issue #444
discards 45c586f Increase RE_MAX_FIBERS
discards dc4811b Add --enable-debug option to "configure" script
discards c7f00b9 Replace "backslashes" with "forward slashes" in documentation as reported in issue #443
discards 430b5b5 Fix use of uninitialized pointer
discards 5b5d280 Fix memory leaks in tests
discards c48b902 Merge pull request #440 from hillu/master
discards da6790b pe: '-' is a valid character for a DLL name.
discards dfc2f2a Merge remote-tracking branch 'upstream/master'
discards f50dec1 Implement function for optimizing Aho-Corasick automaton
discards 1497fbd Fix bug that can cause segfaults while scanning corrupted PE files.
discards e83f639 Replace tabs with spaces
discards 2bf5d47 Set the NAMESPACE_TFLAGS_UNSATISFIED_GLOBAL flag during condition evaluation instead of having to iterate over the rules twice.
discards 1b1fbfa Fix warning while compiling with Visual Studio 2015
discards f1713f7 Configure Visual Studio 2015 projects for static linking
discards cb51bfe Fix some issues while building for Windows
discards 2def714 Organize threading-related functions
discards 907a0b0 Update projects to use dependency NuGets
discards d5d83ae Cumulative fixes for building on Windows gitignore updated for Visual Studio
discards 2d6fc25 Remove windows/include from projects because it will come from nuget
discards 1cce744 Adding base project files and solution for 2015
discards 06409ec Merge pull request #430 from hillu/fix-429
discards 3b62410 Merge pull request #435 from hillu/yr_filemap_unmap_fd
discards e1bd626 Merge pull request #434 from scotmatson/master
discards 094588c Add yr_filemap_unmap_fd() that leaves the filehandle open after scanning
discards 3245154 Formatting and grammar/spelling corrections.
discards f268031 Corrected some of the grammatical/spelling errors and minor inconsistencies in example code.
discards 6bbbdc2 Round section offsets to 0x200 if FileAlignment > 0x200
discards 9b14138 Add test case for #429
discards cdcacde Add assert_false_rule_file macro
discards ba3fc7d Remove duplicate test introduced in 6757bcd40cb50fcc3a4318838a10d1b671978497
discards a330507 Break line with more than 80 columns
discards 50530c3 Merge pull request #428 from jallmantalbot/master
discards 32aee52 Removed exclusion of period-prefixed directories in recursive directory scan
discards a833341 Merge pull request #427 from hillu/rva-before-sections
discards f7c1abc pe: imports: Actually look at FirstThunk if OriginalFirstThunk is zero.
discards ba60f4e pe: Recognize RVAs below mapped sections
discards fd26704 Fix link to Travis CI badge
discards 138a05d Re-styling changes
discards a3bdc1c Add --stack-size option to man page
discards 24a503d Update documentation for command-line arguments
discards bd35568 Re-styling changes
discards d0835e2 Merge pull request #425 from hillu/fix-rva-calculation
discards e8f786e pe: pe_rva_to_offset: Round to File Alignment
discards 6757bcd tests: Add checks for #373, #399
discards d68a096 tests: Add code for working with external files
discards 5411431 pe: Move, improve OptionalHeader macro
discards 6bffd08 Add Travis CI status badge to README.md
discards 936669f Merge pull request #422 from hillu/travis
discards 6a8969c Add Travis CI integration
discards 0f43419 Merge pull request #417 from hillu/master
discards 4e2e9ec Merge pull request #420 from wxsBSD/entry_point_fix
discards 3a91764 Fix RVA calculation corner cases.
discards 0d58eb2 Merge remote-tracking branch 'upstream/master' into sectionreader
discards fcb1a45 Allocate struct for mach context in process scanning
discards 4b6ab92 tests: Minor formatting update
discards 4867806 tests: Output compile errors
discards 8d00ae8 Merge pull request #355 from Security513/stack-option
discards 21fea97 Merge pull request #387 from wxsBSD/modules_callback_docs
discards 243dfd9 Remove the trailing "s" from NBS Systems
discards 8d8d1b4 Add NBS Systems to "who's using YARA" list
discards d60e5b2 Update grammar.c with changes introduced in 9c044f32763fa793f7e0a2c0e00dd3606e891b90
discards ebd4f8c Merge pull request #411 from hillu/signed-numbers
discards 03add44 Add files generated by "make check" to .gitignore
discards 2976bac Apply YARA's coding style to tests
discards 5f7659a Merge pull request #413 from hillu/port-tests
discards b2531c5 Fix build problems on Mac
discards c1b79ae Adding Mac support for process iterator
discards 6ab766c fix wrong pointer bug in linux get_process_blocks
discards 26db645 Fixes for building on linux
discards 9c044f3 Accept negative integers in meta fields
discards 485fce9 Port most of the the rule-related tests from yara-python
discards fc6ad5c PE module to use iterator, change lost during merge
discards 0fd32d5 Adding Linux block iterator
discards 0d85a47 Merge remote-tracking branch 'upstream/master' into sectionreader
discards eb82997 Fixing issues found when previewing PR
discards cd06890 Add error handling for block iteration on Windows
discards 009a5b6 Update error number
discards dab6e4a Some code cleanup
discards 5ed8e66 rough implementation of process iterator for Windows
discards fa3343c using block iterator every where the block linked list was used had to include null checking everywhere the data was used
discards 1bbb97d Starting implementation of more generic block_iterator
discards 08f6ccb Adding a block iterator concept to yr_rules_scan_mem_blocks Abstraction to fetch blocks from a linked list of blocks or a section reader Needed new type YR_BLOCK_READER to keep state in the case of the linked list
discards af18d86 POC section reader working for Windows
discards 025ba44 Update projects to use dependency NuGets
discards 8f705fb Cumulative fixes for building on Windows gitignore updated for Visual Studio
discards 778db7b Remove windows/include from projects because it will come from nuget
discards 3d765cc Adding base project files and solution for 2015
discards 786bd6e Merge pull request #402 from maximelb/master
discards 04b4367 Spelling stack_sz & stacksize -> stack_size. Make it signed int type.
discards 4d979e6 Fix bug introduced in a76bfc07fc73160e320abe10ffe73d66f92c183f
discards ff05102 Fix indentation
discards f08b304 Fix warning
discards 3473ae6 Change include path while compiling in Mac OS X
discards c9c3d57 Show warning if OpenSSL is not installed when running ./configure script
discards 510fc3d Put a limit to the number of fibers while executing a regex
discards a76bfc0 Fix infinite loop with certain regular expressions like (a*)* and (a|)*
discards 83b0d90 Move the stack size setting code to near init call in main()
discards 55cd683 Use existing error code for return vals
discards bb6aa77 Remove stacksize from context
discards 9988d9c Remove the old pass-by-argument stacksize
discards c568118 Add yr_set/get_configuration and use this to set stack size
discards 51470c3 Merge pull request #3 from Security513/master
discards fa99c83 Merge pull request #2 from plusvic/master
discards a4c614a Merge pull request #403 from scudette/cygwin
discards 625f1f0 Add support for compiling under cygwin.
discards 8cb032a Fixing compilation warnings in Visual Studio 2013.
discards 9f3a3fe Show warning when string literal is used as operand in a boolean expression
discards 0c66e48 Make yywarning a variadic function
discards 20070c0 Add Christian Blichmann to CONTRIBUTERS
discards 8f1f1b1 Add Kaspersky to "who's using YARA" list
discards 52dd72e Fix regression introduced in #369
discards 3c74c9b Fix issue #397
discards 8577d68 Add ActiveCanopy to "who's using YARA" list
discards 9303c3c Fix typo
discards b9c4840 More accurate line numbers in while reporting duplicate string identifier errors
discards 60e505b Fix bug in previous commit
discards f867aee Fix issue #369.
discards 0ed6087 Fix spacing
discards 1e94ca7 Fix typos
discards 744e311 Some style changes in commit 5b5a0795db2238be4ed079d9583c2fb0b79866cf
discards 5d68015 Merge pull request #396 from wxsBSD/strncmp
discards 5b5a079 Fix match issue.
discards 1cca1e8 Merge pull request #386 from wxsBSD/msg_module_imported_docs
discards 738ca45 Move tests out of libyara
discards 094309b Merge pull request #394 from hillu/fix-rule-alignments
discards 2ca694b Merge pull request #392 from Northern-Lights/master
discards 553a76f Merge pull request #2 from plusvic/master
discards 18eb24c Add explicit alignments to data types taht may be read from disk.
discards fbb0ac2 Add test to check layouts of data types that may be read from disk
discards f8d9c56 Implemented @plusvic's suggestions to #392 and rm'd unused variable.
discards 80d64db Merge pull request #393 from hillu/fix-typo
discards 8456dd1 Fixes the array issue with #388
discards 9e40197 Merge pull request #1 from plusvic/master
discards e62c768 Fix typo
discards 8a843ad Revert files to state before my testing on nested dicts
discards fa788ca Fixes for #388
discards e13aaf7 Fixes issue #388 (nested dictionaries causing segfault)
discards 9d28366 Merge pull request #391 from wxsBSD/convenience_functions
discards f5c5d90 Add docs for convenience functions.
discards 3e519e6 Add is_dll(), is_3bit() and is_64bit() to pe.
discards 65794f0 Document modules_callback for yara-python.
discards c21eb6b Document CALLBACK_MSG_MODULE_IMPORTED.
discards db75033 Minor style changes
discards feca893 Merge pull request #360 from msuvajac/master
discards deb689c Update man page to new command line syntax
discards bb0336a Merge pull request #382 from wxsBSD/fix_bad_returns
discards 868d6ad Fix bad returns.
discards f55ab21 Convert logo to vectorial format
discards acd7bfe Implemented new callback for when module was successfully imported.
discards baca50d Merge remote-tracking branch 'core/master'
discards 7cf4b24 Merge pull request #364 from gregcopenhaver/spamstopshere
discards 32fa806 Minor style changes
discards c07bc4d Merge pull request #374 from mrexodia/rich_version
discards e7d7738 Minor changes in spacing and line length
discards 7e1db6c Merge pull request #366 from wxsBSD/negative_serials
discards 23485b4 implemented suggestions (now both rich_signature.version and rich_signature.toolid have overloads)
discards 7d224dd moved rich_version to rich_signature.version and added a rich_signature.toolid version for checking toolid's
discards e6f3f9e added rich_version function (+ documentation)
discards 43ffdcc Change EndCase Endpoint Security to Guidance Software
discards 053d8cf Add EnCase Endpoint Security and The DigiTrust Group to "who's using YARA"
discards a02c023 Check for full stack in _yr_scan_fast_hex_re_exec
discards 9fbb20a Fix bug introduced in 4a532176bd1c973954cf859591b3747f7f76a096
discards 4a53217 Fix issue #368
discards e672cda Add PhishMe to "who's using YARA"
discards 65a8611 Fix segfault when "matches" operator is used with undefined string
discards be4b068 Properly handle negative serial numbers.
discards a4ec688 Merge remote-tracking branch 'core/master'
discards 2fac34b Fix certificate parsing and improve legibility
discards a3f6427 Add SpamStopsHere to Who's using YARA
discards 469bf12 Remove sanity check introduced in previous commit.
discards 5d6d8b1 Fix multiple integer overflow bugs reported by @_icewall
discards 0d02651 Add Picus Security to "who's using YARA"
discards 8427c03 Removed redundant cast.
discards bc1247a Fixed undefined behaviour.
discards a62617a Enable usage of yr_object_print_data() from C++ code.
discards 36a0442 Exposing module data to user and making printout thread-safe.
discards 0fbddb4 Merge remote-tracking branch 'core/master'
discards ace9ede Add missing include
discards b20e6f2 Export hash-table features in YARA's API
discards 3f2f291 Fix issue #359
discards 2698f51 Add Thug to the "who's using YARA" list
discards 86c5034 Fix issue #357
discards ad4beea Document -k/--stack-size option and change wording
discards bd3bb50 Make the stacksize default a #define in yara.c
discards 9accec5 Use stack-size from context, rather than #define
discards ba5d861 Pass the stacksize down to YR_CONTEXT
discards 452b86e Fix up the variable name for stacksize
discards 6db06a4 Create new option -k for stack size
discards c6288b7 Merge pull request #347 from wxsBSD/crypto_crash_fix
discards 470e776 Add ReversingLabs to "who's using YARA"
discards 62513e1 Move declaration to the beginning to be C89 conformant.
discards c747ae4 Merge pull request #352 from wxsBSD/osx_build_fix
discards d20ab5a Merge pull request #348 from wxsBSD/issue_337
discards 9b6c755 Fix build on OS X.
discards 7dfc418 Remove old comment.
discards 62c9bf8 Fix warnings
discards d522a89 Fix potential stack overflow
discards 92fee0f Fix warnings
discards 60de3cc Force parsers to user yr_malloc/yr_free
discards 1891aa1 Fix warning
discards f718c52 Fix infinite loop introduced in 11fd5e4784fa135cbdb64906cc628edb9e9d50ee
discards 52827ec Fix infinite loop introduced in 11fd5e4784fa135cbdb64906cc628edb9e9d50ee
discards 7e14ce2 Indent using spaces
discards 56111a2 Avoid incrementing init_count when yr_initialize fails
discards db099d8 Fix bug introduced in f502bdf4903545cfc75dfe15bed650138da53a81
discards 6960720 Merge branch 'port_to_c89' of https://github.com/plusvic/yara
discards 11fd5e4 Make the code c89 compliant
discards a0f89aa Move this check earlier.
discards 974cebe Bump MAX_PE_IMPORTS to 16384.
discards 5109aba Merge branch 'master' into crypto_crash_fix
discards ff39967 Fix crash in libcrypto when multithreaded.
discards 85e7590 Remove unnecessary assertion
discards 0483691 Merge pull request #343 from wxsBSD/imports_dll
discards c3e7487 Escape special characters when printing metadata strings
discards 39066f3 Allow multiple calls to yr_initialize/yr_finalize
discards a3ce7b9 Merge pull request #346 from wxsBSD/hash_fix
discards 14a465c Fix hash module.
discards 4510007 Add docs for new functions.
discards e301fbc Implement imports_ordinal().
discards cef8527 Merge branch 'master' into imports_dll
discards cb5f612 Add missing #define in Windows
discards a57ba79 Remove -Wshorten-64-to-32 and -Wstrict-prototypes from CFLAGS
discards ac6ba21 Fix warnings
discards 3d663a5 Fix warnings
discards 09b5293 Fix warnings
discards 9397c30 Fix multiple warnings
discards f502bdf Fix warnings "implicit conversion shortens 64-bit value into a 32-bit value"
discards efc6664 Remove yara-python submodule
discards 4180e7f Add yara-python as a submodule
discards 2313b09 Remove yara-python from this repository in order to move it to a separate one
discards a0134ea Override pe.imports().
discards 47f7de2 Prepare Windows project for linking libyara as a DLL
discards 8d7a052 Add missing result check
discards f7198dd Merge pull request #323 from hillu/master
discards d2d6a03 Merge pull request #341 from grrrrrrrrr/master
discards 09ddaf7 Merge pull request #338 from tijko/master
discards cbb63ee Also export the version as __version__.
discards 319c460 Exporting the library version to Python.
discards 151449a Add FSF to "who's using YARA"
discards dd6f615 Add Laika BOSS to "who's using YARA"
discards c7efac7 Fix issue #340
discards 1d5e70d Posix compliant +1 to include null terminator
discards 14dbf62 Use strncpy as proposed by Hilko Bengen in PR #314
discards 6ad1182 Fix bug when section's name is IMAGE_SIZEOF_SHORT_NAME long
discards 89d44ff Fix indentation
discards 913e9b1 Remove unneeded macro
discards c3fe059 Fix indentation
discards 3f1cbf2 Align structures to 8-byte boundaries for better performance
discards 38f5f8f Implement string length operator
discards 8058958 Fix issue causing ungreedy regular expressions resulting in greedy matches
discards a91b23f Add Symantec and BAE Systems to "who's using YARA", and sort the list
discards 113bef3 Filter out invalid characters in hex strings
discards a18e9f3 Reject zero length jumps in hex strings
discards 0cdf30d Fix bug causing external variable defined as -d s="." being handled as a float instead of a string
discards f3f7824 Fix warning
discards b1106ad Return error instead of aborting when regular expression is too large
discards 15d249b More integrity checks while loading compiled rules
discards 30fbe81 Reject hex strings starting or ending with jumps.
discards 4c38b98 Remove unnecessary code
discards d81277b Re-format re_grammar.y
discards fb329f6 Re-format hex_grammar.y
discards be2c1b8 Treat external variables defined as integers unless they contain a dot
discards 6fff18a Handle divisions by zero
discards c666ae1 Fix issue #325
discards 2bd7c65 Fix issue #324
discards 47b1d08 Fix name collision while compiling in Windows
discards cf4746d Fix segfault while parsing corrupted regexps
discards e6a1d4c Use assert() instead of abort() in exception.h
discards 9aa11cb Fix warning "not all control paths return a value" when compiling with Visual Studio
discards bbe8d96 Minor style changes to maintain uniformity
discards 3647610 Merge pull request #322 from hillu/setjmp-exception
discards db22ffd Add exception handling when scanning memory blocks
discards 040db95 Set version number to 3.4.0
discards 406fda8 Fix warnings
discards a7a2319 Avoid warning due to unused variable when profiling is disabled
discards a96846f Document new command-line options
discards 62f8670 Change --print-module-info to --print-module-data
discards 5686c6b Improve printing layout for yr_object_print_data
discards af4daff Update documentation
discards ca4c2e2 Update documentation
discards 7a4f9f5 Fix issue #319
discards a0d44da Add Koodous to "who's using YARA"
discards de462ae Remove unused variable
discards e6604b6 Add missing #endif directive
discards c9ee8fc Rename some ELF segment's fields to match naming convention used in PE module
discards e67d00a Include gcc-specific pragma only when compiling with gcc
discards 79b953c Add missing typecast
discards 9a5b759 Update yara-python documentation
discards 9802ee6 More test cases for regular expressions
discards 76de3a7 Better atom extraction when using {n,m} quantifiers
discards 10da150 Fix an issue with certain regular expressions reporting matches longer than expected.
discards 0e6f070 Implement non-greedy range quantifier in regular expressions
discards 8304634 Revert commit 9c60ecb2e2d11e136d31ccff155d833f4d3d9a1d
discards 2fe34e0 Make "save" and "load" methods more coherent with existing "match" and "compile"
discards fc704b6 Update documentation
discards dcce4d1 Update RPM spec
discards 4576e51 Merge pull request #238 from dkiser/rpmspec
discards 1e0bb3c Remove extra spaces
discards a13e780 Merge pull request #309 from nyx0/master
discards 85456ae Homogenize style
discards 06f9e94 Fix memory leak
discards 0fe4b17 Add Raytheon to "Who's using YARA"
discards ee0069c Optimize mapped files for sequential access
discards 4fd4012 Fix bug while reading from streams in yara-python
discards 5215859 Add more architectures to support
discards 1f018ff Add Linux et Mac files to .gitignore
discards 3cb04bc Fix the ARM architecture value
discards 4cd0998 Add Hilko Bengen to AUTHORS and CONTRIBUTORS
discards 5ccd0b9 Merge pull request #313 from awick/patch-1
discards 6bec4f4 Missing close parenthesis
discards 43f2ec9 Merge pull request #310 from hillu/master
discards a759589 Add thread index (tidx) to scan context
discards 5f02d37 Fix bounds check for iterating over certificates
discards c979823 Merge pull request #312 from rhyselsmore/master
discards decae6f Faster matches cleanup
discards 0643f46 Fix bug introduced in previous commit
discards 1ed8283 Optimize _yr_rules_clean_matches
discards 63d1322 Added Heroku as a user
discards 9c60ecb Get rid of nonsensical configure.ac line that was introduced in f81493e36b82dfa88682884d2036b14fdea6be41
discards 420e8f5 Add x64dbg to list of projects using YARA
discards 2cd162f Merge pull request #307 from wxsBSD/osquery
discards 9661cd5 Merge pull request #308 from hillu/master
discards fd2826a PE module: avoid memory leak if there are no valid PKCS7 certs
discards c84e2e9 Add osquery to list of projects using YARA.
discards ba6e9e4 Add Gitter's badge
discards 24f7936 Use flex 2.5.39 to avoid calls to exit() from inside the parser (issues #267 and #272)
discards 8502393 Stricter file version check
discards 95c78d7 Add missing typecasts
discards d11a682 Fix bug while writing to streams in Python 3.x
discards 97c46f3 Fix issues in yara-python while compiling in Windows
discards 865332e Add stream.c to Vistual Studio project
discards f7353d8 Get rid of designated initializations as MS Visual C++ don't support it
discards b8982db Add missing typecasts causing warnings in Visual C++
discards 7b3f5d1 Add YR_ prefix to FILE_DESCRIPTOR
discards 9da6a85 Merge pull request #283 from hillu/scan-fd
discards ef05a68 Remove the "is_loaded" field from module entries to avoid multithreading issues.
discards d904634 Handle empty strings correctly (issue #303)
discards 348dae6 Perform stream I/O tests without relying on a predefined compiled file
discards 14be846 Merge pull request #304 from shanehuntley/lock_fix
discards 85116f2 Mutex lock on is_loaded bitmask
discards 922f1f9 Merge pull request #293 from michalmalik/master
discards 5d5bb04 Minor style changes
discards 3907a97 Merge pull request #298 from wxsBSD/module_data_option
discards 19b9648 Merge pull request #302 from plutec/master
discards 7adc867 Removed from .gitignore file m4/acx_thread.m4, needed to compile
discards 1e34c4c Merge pull request #299 from hillu/crash
discards b01eeab PE module: avoid off-by-one leading to segfault
discards c71eb11 s/SHOW_MODULE_INFO/SCAN_FLAGS_SHOW_MODULE_INFO/
discards 78336a1 Implement -D (--print-module-info).
discards 07d9d74 Add improvements suggested in pull request #282
discards 4565007 Fix issues with PE files having a corrupt header with wrong number of sections
discards afd2497 Minor style changes
discards 3bbae40 Merge pull request #296 from hillu/crash
discards c19e83a Merge pull request #275 from kai5263499/master
discards 01fd0f6 PE module: avoid segfault after failed allocation.
discards 92827d5 Simplify code and avoid exceeding the 80 characters per line limit
discards 810f175 Merge pull request #294 from wxsBSD/print_module_data_fix
discards d771e5c Merge pull request #291 from shanehuntley/pememleak
discards a5c78e9 Fixed wrong version number (3.2.0) on Windows
discards a6f609f Print non-printable characters in hex.
discards fef2ecc Fix PRINT_MODULE_DATA.
discards 5c76ef7 Added PT_GNU_STACK
discards 67cba93 Merge pull request #3 from michalmalik/michalmalik-patch-3
discards 5921ece Made program headers accessible from elf module
discards 2af8308 Merge pull request #2 from michalmalik/michalmalik-patch-2
discards 6e2d22f Added constants concerning program headers
discards e1f5436 Merge pull request #1 from michalmalik/michalmalik-patch-1
discards 7f2ee48 Fixed midrule at $8 of 'rule' has no declared type
discards 1cc98f7 also limit import numbers to prevent blowup
discards 29d7c62 Stop iterating on resources when resource tables are corrupt.
discards 57e5e9d Add yr_rules_scan_fd API
discards e946414 Add yr_filemap_map_fd API
discards 24e7f8d Merge pull request #289 from JusticeRage/patch-1
discards c1b52ac Update writingmodules.rst
discards 3a4ed03 Improve profiling
discards 5ce0f3e Merge pull request #287 from orangetoaster/master
discards eb0dd14 Included stdint.h for uint16_t, required for more strict compilers.
discards 4fab384 Corrected NDEBUG version of assertf macro to have the same definition as the DEBUG version.
discards 7b9b3d8 Merge pull request #285 from shanehuntley/parsefix
discards 4aafc3e Fix bug where parsing (side effect in assert)
discards e91f2e9 Revert "Show warning for potentially slow loops"
discards dc70062 Show warning for potentially slow loops
discards e45e6cb Merge pull request #284 from wxsBSD/resource_regression
discards c53c083 Fix regression in pe_collect_resources().
discards fc4696c Prepend yr_ prefix to min and max to avoid conflicts in C++ programs
discards 771fb59 Merge pull request #274 from hillu/symbols
discards 71d43ec Fix issue with short-circuit evaluation
discards 0f9d8a0 Fix minor style issues
discards 497cd85 Stricter boundary checks in PE module
discards 223daaf Avoid integer overflows in fits_in_pe macro (issue #277)
discards d4aa74c Don't use "result" variable for temporary values other than function result
discards 21e796d Fix memory leaks
discards 5394e45 Merge pull request #279 from shanehuntley/newlimits
discards 48c4a2b Merge pull request #278 from shanehuntley/leakfix
discards 66229ac Increase limits and dynamically allocate stack.
discards bc9d5b6 Fix memory leaks found using pe module.
discards e654c40 Initialize new_match->chain_length
discards d99f8e8 Merge pull request #276 from cblichmann-google/no-recompute-chain-lengths
discards 8b7eb76 Do not recompute match chain lengths
discards 622e45c fixed build on freebsd 10 with a conditional #define so that warnings are not introduced in other builds
discards 6bd27e0 Remove execution permission from some source files
discards b58bb08 Use GCC's -fvisibility feature together with YR_API definition instead of separately maintained list for exporting symbols
discards d9ff226 Merge pull request #263 from hillu/mingw-workaround
discards d03a673 Merge pull request #268 from axqd/patch-1
discards 55aa93b Fix for running 'configure' in another folder
discards a4d33e2 Add workaround for link failure (undefined reference to '_time32') when cross-compiling with MinGW
discards 02d3c4c Put reference to yextend in a separate paragraph
discards a7e9f35 Fix grammar error
discards 83db30e Put a link to yextend
discards 165c353 Implement short-circuit evaluation
discards 3f56159 Add Websense to "Who's using YARA"
discards 4203961 Fix issue with "save" function not accepting unicode strings in Python 2.x
discards b382dc0 Fix wrong parsing of PE version info
discards aa0f6c4 Avoid infinite loop with certain PE files
discards 4994a2c Fix issue #258
discards 487a35f Merge pull request #257 from cognet/master
discards 3f91011 Don't try to memset() the allocated memory, if the allocation failed.
discards eb6c58a Performance improvement. Write a large chunk of data instead of many individual bytes.
discards ef7da2c Improve streams
discards 22cb508 Merge pull request #252 from hillu/stream
discards 316e5f2 Minor indentation changes
discards b47a70f Merge pull request #256 from moritzkroll/pe-versioninfo-fix
discards 90d16f8 strutils: Made strcmp_w more exact (don't ignore upper byte of wide chars)
discards 4b72a54 PE module: Corrected size of strings in checks
discards 088fc84 PE module: Fix unchecked access to version info buffers
discards 410c9cb python: Add reader for file-like objects
discards 8776e41 python: Add simple test for yara.load(FILE-LIKE-OBJECT)
discards eb726b7 Add yr_rules_load_stream API
discards 324a421 Add yr_arena_load_stream function
discards 022221c Add a simple read-only stream abstraction that supports a fread(3)-like interface
discards 73098ae Fix issue #253
discards 83d531c Update man pages
discards ec05041 Merge branch 'master' of https://github.com/plusvic/yara
discards 7fa2c1f Update Windows project
discards 6468404 Fix an issue with test cases in Python 3.x
discards 0173d3a Replace CreateFile with CreateFileA (issue #205)
discards 4c0cdf9 Include version numbers in header files (issue #221)
discards 93f9ff9 Disable warnings due to deprecated functions
discards e55f989 Implement float external variables
discards d1fa24b Fix buffer overrun
discards 7af1706 Fix issue #237
discards a78f4c9 Define section characteristics constants as they appear in winnt.h
discards b0d0494 Merge pull request #228 with some improvements
discards 1a0a898 Update documentation
discards 59974ef Set version number to 3.3.0
discards 2540594 Don't show bug report message when printing version information
discards d0cabe7 Merge pull request #233 from wxsBSD/section_characteristics
discards 73f1447 Merge pull request #250 from hillu/mingw-cross-fix
discards afa5344 Merge pull request #251 from hillu/python3-test-fix
discards 3474bd7 yara-python/tests.py: Add missing f.close() to avoid warning
discards ff789c0 pe_utils.c: Add missing include for defining struct tm
discards febeaa2 Fix a segfault under low memory conditions
discards 2c1c67c Improve error handling in low memory conditions
discards a5d77f3 Improve error handling in atoms.c
discards 137981f Merge pull request #235 from pozdnychev/check-allocation
discards 8986478 Update Windows project
discards 88a0417 Add missing definitions in Windows
discards a546391 Fix some issues with latest changes in filemap functions in Windows
discards fbb48a4 Implement yr_filemap_map_ex
discards 964a797 Avoid warning due to ambiguous call to overloaded log()
discards d0a9aef Implement log2 function for VC++
discards 5d9a69d Don't use stdbool.h as it doesn't exists in VC++
discards d6c4f83 Add some definitions missing in older versions of WinNT.h
discards 4d00494 Fix issue with strtoll when compiling in Windows
discards d16e628 Remove unused functions
discards 5c8007c Declare loop variables in the "for" statement
discards b6bccf3 Fix issue #249
discards 63659a6 Merge pull request #247 from wxsBSD/doc_fix
discards 76fa8a2 Abbreviate code in re.c
discards 9198ce6 Implement \b and \B anchors in regexps
discards 88f2ed7 Fix an off-by-one memory access
discards 925cc8b Make operator precedence compatible with the C language.
discards 8ebfeee Fix bug in bitwise not (~) operator
discards 6cd9fad Implement unary minus operator
discards 83f39b4 Fix copy/paste mistake in docs.
discards c0f94f6 versionadded: and versionchanged: directives must contain version numbers only
discards 9990a87 Fix incorrect version number in the documentation
discards 1344b55 Merge pull request #245 from crowell/patch-1
discards 25eab58 add radare2 to list of people using yara
discards b90e8b5 Allow to pass custom pointer to compiler callback as suggested in #220
discards 61be5ca Revert wrong attempt to fix issue #240
discards 7072092 Add missing underscore in function name
discards 1a5c369 Comply with the 80 character per line style rule
discards d502157 Merge pull request #241 from hillu/master
discards 81ec39e Fix crash on warnings when no compiler callback has been set.
discards aaefdb2 python: Fix crash when Python 3 cannot decode strings from tags or meta as UTF-8
discards d7ed1c0 Fix build on kFreeBSD
discards 73ebddb python: Add explicit library path
discards eccb434 Merge pull request #232 from wxsBSD/issue_231
discards 6ac4fa5 Merge pull request #234 from wxsBSD/docs
discards a86dad9 Merge pull request #236 from SleuthKid/patch-1
discards 60e7e28 Merge pull request #244 from wxsBSD/issue_243
discards f382799 Update docs to reflect 32BIT_MACHINE change.
discards fe0c3b9 Rename to MACHINE_32BIT.
discards 922ecec Fix 32BIT_MACHINE issue.
discards 3a4776a Adding examples specs for yara/yara-python rpm's.
discards 032c394 Update yarapython.rst
discards 6daa528 fix: check return values of memory allocation functions
discards 81f3ae4 Remove "often", it's ambigious.
discards b8cfec8 Add docs for new stuff.
discards 9a282e6 Remove unused integers.
discards 7f7487d Expose new constants in PE module.
discards b3d1df4 Use virtual_address and virtual_size when scanning memory.
discards f4b4ad1 No need to add image_base.
discards cfbe125 Remove old line I was using for debugging.
discards 3b87282 Implement section_index_addr().
discards e82821d Remove extra semicolon
discards 0bd0fa9 Add section characteristics.
discards c1cf3df Merge branch 'master' into issue_231
discards f1fe727 Fix issues with previous commit
discards 111133d Rename double to float
discards 334bd1a Add support for pkg-config
discards 35f0961 Merge branch 'master' into issue_231
discards e378aa1 Fix previous commit, the operation should be decrement instead of increment
discards b019227 Fix bug while handling dictionary objects
discards 6b6b771 Comment previous change
discards 2705515 Include terminating NULL character in strings written to sz_arena
discards da309b7 Penalize spaces and newlines in strings
discards 100405e Merge branch 'master' into issue_231
discards 9d1c14a Fix bug while handling negative integers
discards 962d5df Fix warning due to uninitialised variable with certain compilers
discards ba91e84 Fix warning due to uninitialised variable with certain compilers
discards af80d46 Handle negative array indexes correctly
discards 5b117b6 Add support for negative numbers
discards a208f42 Simplify serial correlation functions.
discards 4f5c657 Minor style changes
discards 03b7055 Remove unused variable
discards 0e652fb Merge pull request #227 from wxsBSD/entropy_rename
discards 9890eb4 Fix warning due to declaration inside switch statement
discards 134fceb Stop using UINT_TO_PTR macro
discards a8d6eea Use the OptionalHeader.Magic value.
discards 2e24d70 Add all known Machine types.
discards 4062f05 Remove IS_UNDEFINED checks after e275dcb6.
discards e6ff7e5 Merge branch 'master' into entropy_rename
discards a563875 Implement in_range(), which is inclusive.
discards 65cff67 Rename to just deviation().
discards 6e1f6ca Move from mean_err() to just mean().
discards 35fa585 Define MEAN_BYTES as 127.5.
discards 4f8a039 Implement declare_double() and set_double().
discards e8047b1 Implement mean_deviation.
discards ea84299 Change to "mean_err" and make it take an expected value.
discards f2f206c Re-implement valid_on using new is_undefined function
discards d2044aa Implement a function to check for undefined values. Minor improvements in PE module.
discards e275dcb Check function arguments for undefined values before calling the function.
discards c2a4d45 Rename break_if_undefined to ensure_defined
discards bb6bb84 Fix issue with undefined floating points values
discards e98e08d Remove fabs() and abs().
discards df8d49d Implement Monte Carlo from Pi test.
discards a761daf Implement serial correlation.
discards e880c59 Merge branch 'master' of https://github.com/plusvic/yara into entropy_rename
discards befaa7c Add arithmetic mean and abs/fabs.
discards 65437b5 Check for math library in configure.ac
discards 2fcfa86 Implement a cleaner solution to push_dbl and pop_dbl and avoid warnings.
discards 45352ea Remove dead code (issue #225)
discards d9f7e2c Fix bug in multiplication
discards 9784167 Add test cases for string comparison operators and floating point arithmetic operations
discards 3149381 Implement operators >=, >, <, <= for strings
discards fd20014 Small improvements in exec.c
discards 912bf6c Simplify grammar.y by introducing yr_parser_reduce_operation function
discards 37ab9a3 Rename module.
discards 1e28720 Start to rename entropy to math.
discards d84e0f9 Merge pull request #224 from wxsBSD/entropy2
discards d5b071c Remove "data" from resources.
discards 4e4b784 Add offset to resources and switch to length.
discards 6bb131d Fix regression issue
discards 133df5c Fix minor style issues
discards 682d4d4 Rename CLEANUP macro to a more meaningful name
discards 4a354cf More coherent instruction names
discards f3b9bd3 Merge pull request #215 from wxsBSD/resource_name_and_entropy
discards 6e6b906 Implement get_double().
discards efa92a6 Forgot to commit this in previous one.
discards 963b1a5 Add a DO_CASTS macro.
discards a5e0f8f Remove unused macros.
discards bbc0ae6 Merge branch 'master' into resource_name_and_entropy
discards 86d991e Add new instructions for working with doubles.
discards 82a4212 Fix segfaults in PE module
discards 6869686 Remove debugging statement.
discards 3bc5efd Error message instead of triggering assertion on certain syntax errors
discards 161e324 Fix issue #218
discards 181f206 Fix incorrect cast.
discards a51eaf2 Merge branch 'master' into resource_name_and_entropy
discards dd4f0cc Start to implement double support.
discards a7b6dfe Fix bug in PE module
discards 6280cd4 Fix segmentation fault in ELF module
discards f0ea82a Merge pull request #214 from ortizmj12/patch-1
discards a64c155 Merge branch 'master' into resource_name_and_entropy
discards c8c0925 Improve resource handling and add entropy.
discards 963f1ba Fix issue #213
discards 56566c5 Fixed command to install yara-python extension
discards 0434bb9 Fix compile error due to undefined identifier
discards a430718 Fix some issues while compiling in Windows
discards a3af96a Update Windows project
discards 0bb3273 Minor style changes
discards 9ae81c0 Merge pull request #209 from pozdnychev/master
discards 2524d0c fix: data leak in case of error in yr_process_get_memory
discards 279ae0b Minor style changes
discards fbeada1 Merge pull request #207 from pozdnychev/master
discards 7297977 Fix incorrect line number for syntax errors after a regexp declarations
discards 47ff529 internals: use ERROR_SUCCESS and ERROR_INSUFICIENT_MEMORY instead of 0/-1
discards 2773c9b fix issue #206
discards d3a1fff Fix issue in Python 2.4
discards f6c24df Fix warnings
discards d23f884 Fix warnings
discards a9bbb79 Fix issues while building in some systems
discards a292777 Accept None for argument "externals"
discards 089eb65 Merge pull request #203 from pozdnychev/master
discards eb3e20a fix: compilation error because of multiple function declarations
discards 7cc63b1 Avoid hitting a bug in lldb-320.4.152
discards cce7c5d Initialize timeout with a large number
discards c0628c8 Fix --timeout argument to work with directories
discards 08f9871 Fix segfault in PE module
discards 116b5e1 Replace argparse with my own argument parsing code
discards 3234c4b Implement --pring-namespace commad-line argument
discards c637143 Update Visual Studio project
discards dc71f72 Use integer arithmetic instead of floating point operations and fix problems in C++
discards e6db3bf Fix warnings
discards 141db64 Fix incorrect initialization of thread_storage_key in Windows
discards f51c608 Use argparse library to parse command line arguments and some other improvements
discards 2aeb167 Avoid segfault when yr_re_finalize is called before yr_re_initialize
discards 8e55590 Fix memory and handle leaks
discards aff604d Fix issues when using dmalloc
discards 01dfe38 Merge pull request #199 from wxsBSD/ord_lookup_fix
discards 5cb324a Fix a problem with ord_lookup.
discards 81f4349 Fix segfault with some syntax errors and improve error reporting
discards 344d27a Increment ARENA_FILE_VERSION
discards 5480ab8 Add missing library to setupwinXX.py
discards ba58fe2 Bump to version 3.2.0
discards f3edcf2 Improve syntax error recovery
discards 3b2b9fd Update documentation
discards 76bfdec Implement "checksum" function
discards 72af49a Improve legibility of hash module
discards 72136d8 Update documentation
discards d293513 Check for undefined arguments in hash functions
discards 86c4afb Remove "hash" function from "rich_signature"
discards 2d93221 Implement hash functions receiving string arguments
discards d79d7b6 Add missing type check
discards accf5e1 Add missing type check
discards ac33844 Include "offset" and "length" in pe.rich_signature and remove "start"
discards ab2d2df Add big-endian versions for intXX and uintXX functions
discards 5efae9c Improve DLL name validation by rejecting empty names
discards dd2afc6 Sanitise DLL names in import table and fix memory leak
discards 6832b36 Improve sanitation in PE module to avoid segfaults
discards 0cd95ae Implement functions sha1 and sha256 in "hash" module
discards f006dc8 Fix incorrect handling of undefined boolean expressions in a for loop
discards 400a62c Merge branch 'master' of https://github.com/plusvic/yara
discards 2f31e89 Simplify "valid_on" function and remove "valid_before" and "valid_after"
discards 1ab5a43 Make WIN_CERTIFICATE declaration available in Windows
discards 11c7825 Implement timegm for platforms not including it
discards 395daec Fix false positive in "fullword" matches when string is declared both "ascii" and "wide"
discards 2dc3473 Merge pull request #197 from wxsBSD/import_fix
discards 987b81d Address an import parsing problem.
discards f678d4b Fix bug introduced in previous commit
discards 46fee1a Improve sanity checks in pe_parse_certificates
discards 7bf0c83 Fix bug in "imports" function of PE module
discards 93cce90 Add missing define
discards 88088c0 Check for memmem function during configuration
discards 65403b5 Change some char* to const char*
discards 4344883 Add Metaflows to "who's using YARA"
discards 42236e6 Fix some possible memory leaks
discards 59b643b Remove unnecessary call to BIO_set_close, BIO_CLOSE flag is set by default
discards 0e67efe Remove unnecessary counter decrement
discards 3455dc7 Fix wrong identifier
discards bcabb68 Simplify the serial number length computation
discards 5f39dcc Use statically allocated buffer with X509_NAME_online.
discards dda6c74 Move utility functions out of pe.c and other minor changes
discards eafd5b5 Merge pull request #191 from wxsBSD/authenticode
discards 9a70c64 Implement valid_on().
discards c8f03ac Implement valid_before() and valid_after().
discards 10d6554 Make not_before and not_after be integers.
discards 8c1ce59 Use HAVE_LIBCRYPTO.
discards 7f31078 Merge branch 'master' into authenticode
discards b86a6f6 Return error if hex strings are too long
discards b5a4229 Fix problem from cherry-picked commit.
discards 9214193 Implement overloaded not_before() and not_after().
discards 592d2ff Merge branch 'master' into authenticode
discards 557aa9a Add test case for functions receiving strings
discards ccd52bc Fix string_argument macro to correctly handle SIZED_STRINGs
discards f901baa Fix warning caused by comparison between integer and pointer
discards 3e260f3 Fix issue #195
discards 9057a81 Adhere to upstream style.
discards 083ec11 Merge branch 'master' into authenticode
discards 3c4b246 Fix issue with functions declared in a structure contained in an array
discards a039141 Replace tabs with spaces
discards 0d4d719 Fix bug in overloaded functions
discards 5ba87be Add OpenSSL to Windows project
discards c8b74ed Fix warning
discards deff68d Add missing semicolon
discards d2b98fe Implement "memmem" function and fix minor style issues
discards 62d8318 Fix some warnings and errors while compiling on Windows
discards a2d920a Merge branch 'master' into authenticode
discards aaee659 Detect presence of OpenSSL library and build accordingly
discards 5aa4262 Free stack of certs.
discards b89c211 Track ASN1_TIME structures in a list.
discards 6fc5eed Use not_before and not_after.
discards 86db33c Pluralize "signature" and use "number_of_signatures"
discards 1e04878 Conditionalize the counter decrementing.
discards fe83cf1 Fix bug where array length was off by one.
discards 4be9088 Implement signature as an array.
discards 3939b90 Merge branch 'master' into authenticode
discards 438430a Add Trend Micro to "who's using YARA" list
discards e9ba9c2 Remove unnecessary code.
discards a6f3e43 Fix comparisons.
discards 0f26410 IMAGE_SECURITY_DESCRIPTOR -> WIN_CERTIFICATE
discards d8a2bc2 Cleanup bounds checks and comments.
discards 88624bc Make length check bounded to directory.
discards 5c32607 Add extra comment explaining why this check most likely fails.
discards b2e9cd0 Fix length check. The docs are confusing.
discards 7c2d090 Fix some bugs.
discards 195a022 Merge branch 'master' into authenticode
discards bd6dac6 Merge pull request #188 from wxsBSD/null_ptr_fix
discards a2eef63 Properly calculate the next certificate entry.
discards 97faa69 Merge branch 'null_ptr_fix' into authenticode
discards a679710 imphash returns a string.
discards d8b14f6 Merge branch 'null_ptr_fix' into authenticode
discards 3797107 Fix a NULL ptr deref.
discards a89b293 Merge branch 'master' into authenticode
discards 7e3156f Fix serial handling.
discards 1c0968d Fix wrong boundaries check causing segfault
discards cdadb9e Fix warning
discards a7ce07e Remove references to "aprintf" and fix a memory leak
discards df87f7e Fix possible buffer overrun
discards 96e6d9e Implement yr_strndup
discards 2b73387 Merge branch 'master' into authenticode
discards d3f2707 Add missing include
discards c815301 Minor improvements in PE module
discards f9fbd86 Issue warning on regular expressions containing .*
discards fbafd23 Remove old comment.
discards a1fe3e1 Cleanup comments, fix leaks, etc.
discards 50f598d Start to implement certificate parsing.
discards 3ea3db2 Fix misplaced constants
discards fda7ef9 Remove unused variable
discards 561f61e Replace htonl with bigendian macro
discards 10d1c97 Merge pull request #186 from wxsBSD/length_fix
discards 77ad1e7 Fix a copy/paste mistake in richhash.
discards ea89d01 Merge pull request #185 from wxsBSD/pe_parse_imports_fix
discards 6e1b851 Fix build on OS X.
discards 2fe67ce Homogenize comments
discards 95c8160 Refactor parse_imports to to reduce complexity and indentation levels
discards 2338e6c Use OpenSSL to calculate hashes and change prototypes for "richhash" and "imphash"
discards 326c09f Comply with YARA's style
discards 3a8bd42 Fix issues with pull request #184
discards 0820967 Merge pull request #184 from wxsBSD/richpe
discards 8b56f40 Address concerns around set_string().
discards bf5a1e4 Implement yr_calloc() and switch yr_malloc() back.
discards 7afe1c3 Merge branch 'master' into richpe
discards c0c1761 Add Wesley Shields to AUTHORS and CONTRIBUTORS
discards a9d7b78 Merge branch 'master' into richpe
discards c9fd5ab Fix copy/paste mistake.
discards b34c0db Fix minor style issues in modules/hash.c
discards c82cc9e Merge pull request #183 from karlhiramoto/hash
discards 5af437a Update Visual Studio projects to use C++ instead of C compiler
discards d4e5eb8 Fix warnings in while compiling in C++
discards f698147 Fix minor issues while compiling in Windows
discards 925da0d Add YR_API macro for declaring functions as extern "C" in C++
discards ce8f8c4 Remove DirectoryEntries from IMAGE_RESOURCE_DIRECTORY
discards 88a25d2 Function 'input' is called 'yyinput' in C++
discards 4f3c9a0 Fix pe.h
discards c2a36b6 Fix multiple warnings when compiling as C++
discards 09b306f Fix multiple warnings when compiling as C++
discards ce43573 hash module
discards ae6f8a4 Declare lexers as never-interactive
discards f3722ba Fix one-byte overflow.
discards 55c0280 Remove unnecessary assignment.
discards 4a65288 Merge branch 'master' into richpe
discards ff6646c Implement sha256 of rich signature.
discards e5369ca Avoid stack overflow
discards f37e97e Improve atom quality calculation
discards 21cc617 Add some sanity checks to resources iteration routine in PE module
discards 719995c Fix early returns.
discards cde939e Merge branch 'master' into richpe
discards 362c667 Switch from using OpenSSL to stand-alone MD5.
discards 7e99c64 Fix bugs while parsing PE version information
discards c80a56b Improve atom quality calculation
discards 5ed3203 Improve detection of strings slowing down the scanning
discards c20bac2 Rename cur_rule to iter_current_rule
discards 9f7a178 Fix segfault in yara-python
discards 0763b7a Fix issue #181
discards 4db20e7 Improve ACX_PTHREAD usage
discards a19faec Fix comment.
discards bf6ce6a Pass length of string properly.
discards fd30212 Remove comment that is OBE.
discards 9c00c3d Remove comment that is OBE.
discards 8f3866f Use -lcrypto.
discards c31b756 Fix missing IMAGE_FILE_MACHINE_AMD64.
discards 3c95eca Merge branch 'master' into richpe
discards 6df98c0 Implement import hashing.
discards 1c8b82e Use calloc() instead of malloc().
discards 5ade2bf Fix warning due to a wrong format specifier for printf
discards c8d9821 Fix warning due to uninitialized variable
discards d15585f Fix issue #180
discards 9dea8c6 Use ACX_PTHREAD macro for configuring PTHREADS
discards a25f996 Chase string_argument revert.
discards 2a61599 Revert string_argument being SIZED_STRING.
discards 1b48ae8 Merge branch 'master' into richpe
discards 5ae1a05 Update documentation
discards 55ee00d Implement yr_rules_foreach and use it where appropriate
discards 6a1c56a Merge pull request #178 from wxsBSD/IMAGE_FILE_MACHINE_AMD64
discards f4b2c31 Use IMAGE_FILE_MACHINE_AMD64 appropriately.
discards 55c6c83 Use IMAGE_FILE_MACHINE_AMD64 appropriately.
discards 77082a6 Merge branch 'master' into richpe
discards 86ec8c7 Fix uninitialized variable warning
discards 7a83bd9 Fix uninitialized variable warning
discards a8eccdd Fix typos
discards 97ea49c Update documentation
discards b85adb0 Add 'begin_struct_dictionary' and 'end_struct_dictionary'
discards 81ff989 Fix issues in PE module
discards 80eeb8e Implement module data printing
discards f002d92 Implement "locale" function in PE module and improve buffer bounds checking
discards 72f0cc5 Implement overloaded functions
discards 903ba46 Remove dead code.
discards 2446f23 Merge pull request #175 from wxsBSD/rule_iter
discards 430b941 Implement "matches" for strings.
discards 4c08d65 Implement rule iterators.
discards 4a73f8b Start to implement rich_signature.
discards 39fcd4a Merge pull request #174 from wxsBSD/elf_fix
discards cd54bea Fix "duplicate structure member" error in elf.
discards b82ad28 Add Tanium to the "who's using YARA" list
discards b746e50 Implement .version_info dictionary in PE module
discards 0bff066 Implement dictionaries
discards b0b592d Fix issue #171
discards 76dee58 Fix issue #169
discards 4a0e558 Fix bugs in previous commit
discards a5a8b51 Improve scanning speed by matching certain strings only at fixed offsets
discards 367b0ea Implement resources parser and language identification in PE module
discards cbd096f Fix typo. "Duplicated" instead of "duplicate".
discards 1bbc215 Return error when declaring duplicated structure members
discards ab30621 Document ELF module
discards c9622ab Implement ELF module
discards d6b4afe Add missing include
discards 0cbd3d2 Add missing include
discards 3f97c63 Fix wrong includes
discards 8b51e22 Fix wrong includes
discards 6d2dee1 Fix wrong file name in hex_lexer.h
discards 1ed3d39 Fix wrong file name in Makefile.am
discards 80b340b Fix issue #165 by reorganizing header files
discards 41493c9 Fix #164
discards a6ad94b Add config.h for Windows
discards 356e013 Remove unnecessary files
discards 9c71ec1 Update README file
discards 3462b7f Release version 3.1.0
discards 03b015e Don't generate debug information for release version
discards ffc0a33 Replace WIN32 with _WIN32
discards 3daf2bd Update the documentation
discards 87df834 Fix bug introduced in previous commit
discards d196b97 Provide an implementation for strlcat and strlcpy and use them where appropriate
discards 8df08b8 Use strlcat, strlcpy, and snprintf instead of strcat, strcpy and sprint to avoid warning in OpenBSD
discards a85a72f Use strlcat, strlcpy, and snprintf instead of strcat, strcpy and sprint to avoid warning in OpenBSD
discards 689c41d Merge pull request #163 from swdunlop/master
discards b274520 added new libyara headers to yarainclude_HEADERS
discards 829348a Add missing newlines at the end of files
discards 174cda2 Homogenize newlines at the end of files
discards a7c1dc2 Fix issues with Bison 3.0
discards bc3bc53 Fix issues with Bison 3.0
discards 0de8878 Merge pull request #161 from billmarczak/master
discards f329724 make 'dns_lookup' usable
discards 61f517d Implement "magic" module based on Armin Buescher's original idea.
discards ac87a92 Fix double invocation side-effect when passing a function to return_string() macro, like in return_string(f(...))
discards a22f289 Accept functions without arguments
discards 2d04878 Improve error reporting when a function is called with wrong number of arguments
discards 5e3282b Fix some warnings
discards 75139e2 Handle zero-length files as normal files and remove zero-length errors.
discards 1c5ac31 Fix issues introduced in yara-python
discards f56608c Improve error handling
discards d5ed62e Implement module_initialize and module_finalize
discards 7b3f904 Remove reference to yara-python installation with PIP
discards 500e588 Merge pull request #158 from sroberts/patch-1
discards 5274d45 Added Homebrew installation instructions.
discards 68d8a49 Fix issue #157
discards 797c485 Show appropriate error message when importing an unknown module
discards 3b5ddd0 Replace WIN32 with _WIN32. The latest is defined by the compiler and doesn't need to be defined externally.
discards e6db404 Fix non-escaped characters in documentation
discards 2dd8274 Improve buffer bounds checking in PE module
discards 2eaafa8 Fix buffer overrun in PE module
discards a9db0ea Update documentation
discards 48c43c5 Merge pull request #151 from corumir/patch-1
discards 36dadb0 Update writingmodules.rst
discards dcf80f7 Update version number in documentation
discards 8e85126 Fix some issues while compiling in Windows
discards 8cc6a99 Add missing patch version
discards 35d9ce6 Release version 3.0.0
discards 542c955 Document the command-line -x option in the man page and add example to documentation
discards 37bdd55 Fix typo
discards c195f6f Update documentation
discards 91f4e74 Update documentation
discards 8e869c6 Replace fast_scan_mode boolean argument with flags for greater flexibility in the future
discards 6d1a26b Implement iteration macros
discards d972eed Update exported symbols
discards d75fc00 Change some "char*" to "const char*"
discards 33bd8fd Fix issue #148 by asserting that yr_compiler_get_rules was not called before yr_compiler_add_file/yr_compiler_add_string
discards 57ef744 Fix issue #147
discards ba112e0 Update documentation
discards d06a778 Remove yr_compiler_push_file_name from the public API
discards 92e1c36 Rename YR_COMPILER_CALLBACK to YR_COMPILER_CALLBACK_FUNC
discards 425dade Implement yr_compiler_set_callback
discards 70852a8 Add declare_ prefix declaration macros to avoid collision with type "string" in C++
discards 6751779 Raise warning when the deprecated "entrypoint" keyword is used
discards 7958ed4 Add extern "C" directive to yara.h
discards ec5eb9f Bug fix: Start of string anchor (^) not working properly with wide strings
discards 285d538 Fix warning about uninitialised variable and add assert
discards f8fd52d Enable optimisations by default
discards e33266d Fix issues with parent() in Cuckoo module
discards 1387428 Remove dmalloc from config.h
discards 077fba2 Add Blueliv and Adlice to "Who's using YARA"
discards 8552b47 Add test case for functions in modules
discards f3e8b0f Update documentation
discards 0c1a27a Rename self() to parent() and add module() to module's API
discards c4ae098 Implement imports() function and other small changes in PE module
discards b86ef21 Implement exports() function in PE module and add support for 64-bit PEs
discards 9575382 Update documentation
discards 2f16c3a Make scan context accesible to module functions
discards a8ddf6f Update documentation
discards 912bb62 Add first_memory_block macro
discards 3c577a7 Update documentation and remove old one
discards 0780c6e Fix issue with documentation config in readthedocs.org
discards 4ff1b48 Add more tests and remove unnecessary #undef directives
discards c285e54 Add string_array macro to modules.h
discards 044be47 Add demo module
discards a9fd7f2 Replace uint8_t* type with RE_CODE for regular expression code
discards 7fdcb84 First draft of documentation
discards 86b09b4 Rename modules/list to modules/module_list
discards c864034 Setup new documentation
discards b0b3c7f Fix problem with string matches offsets not being treated as virtual addresses while scanning a process
discards f609e10 Set multi-byte character set for Windows projects
discards b056a7d Fix bug in Window's version of is_directory function
discards a9dd9e4 Fix bug in PE module caused by misplaced break
discards b41d264 Add missing Jansson files
discards 6a11508 Fix compilation in Windows
discards 609ee5a Add missing includes in Windows
discards 7857a47 Put leading and trailing underscores to tokens, to avoid conflicts with other types and macros
discards 82b2c61 Rename token SIZE to FILESIZE to avoid conflicts with windef.h in Windows
discards f5c045a Calculate pe.entry_point value differently for file and process memory scans
discards 65170ff Remove unnecessary file
discards 26c456d Add more test cases
discards d907fdd Rename YR_EVALUATION_CONTEXT to YR_SCAN_CONTEXT and some other minor changes
discards 7690f84 Rename YR_EVALUATION_CONTEXT to YR_SCAN_CONTEXT and some other minor changes
discards 3773bb1 Fix bug in yara-python causing segmentation faults
discards 3344ada Fix issues with includes
discards fcc71e0 Remove unnecessary code
discards f81eeaf Fix bug in yara-python
discards 51aeb0e Fix issue with undefined strings
discards 1d65669 Fix bug caused by missing flags initialisation while splitting a regular expression
discards bd40304 Add subdir-objects to automate options
discards a890012 Implement modules support
discards f40567a Add Blue Coat to "Who's using YARA"
discards 13096f3 Merge pull request #137 from kcreyts/patch-2
discards f6d91d7 Fix issue with files larger than 4GB
discards f884da4 Update README.md
discards af78ed3 Add Fox-IT to "who's using YARA"
discards e13a5bc Merge pull request #134 from wxsBSD/master
discards ee6289b Increment initial arena sizes to reduce the number of memory allocations
discards 035b2a2 Avoid segfault while scanning some processes in Windows
discards f0e80c7 Fix wrong #ifdef
discards 89cde68 Implement profiling support
discards 3216460 Minor style fixes
discards cb4d544 Fix minor issues in arena.c
discards 0ce0d33 Adjust value for RE_MAX_CODE_SIZE
discards 79304f3 Fix issue caused by regexp code spanning over non-contiguous arena pages
discards efd5b45 Remove unused prototype.
discards 67eb56c Fix bug introduced in commit 08c8456a0728522b347e936f66b98676a890cd09
discards 74a7e4e Fix issue #131
discards 01bb023 Add ThreatStream to "who's using YARA"
discards f1999cb Fix bug while handling nested includes
discards 08c8456 Fix bug in regular expression engine causing false negative matches
discards bfe9980 Fix segmentation fault caused by invalid characters in regular expressions.
discards 74ca113 Fix issue #127
discards a5736f9 Add Bayshore Networks to "Who's using YARA"
discards e87621b Fix typo
discards f22999b Enable optimization settings
discards 9cae43b Add test case for nested loops
discards c9d6d93 Fix bug causing segmentation fault when using nested loops
discards 24d001d Fix buffer overflow
discards 372ce64 Fix warning about uninitialized variable
discards 345bf84 Fix bug in yr_re_exec logic
discards 4dc0442 Fix issue with ^ anchor in regular expressions used with "matches" operator. Make yr_re_exec easier to read.
discards df57f01 Fixed structure member name typo.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list