July 2017 Archives by thread
Starting: Sat Jul 1 10:23:12 UTC 2017
Ending: Wed Jul 26 13:50:02 UTC 2017
Messages: 1383
- [Forensics-changes] [yara] branch master updated (0f34c5c -> fc887e9)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag debian/3.6.2+dfsg-2 created (now f1d5b5d)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag debian/3.6.2+dfsg-3 created (now a510e40)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v2.1.0 created (now 6530e73)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.1.0 created (now 803c35d)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.3.0 created (now 85e913e)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.4.0 created (now 5bd0992)
Hilko Bengen
- [Forensics-changes] [yara] 01/368: Fixed structure member name typo.
Hilko Bengen
- [Forensics-changes] [yara] 02/368: Add exception handling when scanning memory blocks
Hilko Bengen
- [Forensics-changes] [yara] 03/368: Merge pull request #322 from hillu/setjmp-exception
Hilko Bengen
- [Forensics-changes] [yara] 04/368: Minor style changes to maintain uniformity
Hilko Bengen
- [Forensics-changes] [yara] 05/368: Fix warning "not all control paths return a value" when compiling with Visual Studio
Hilko Bengen
- [Forensics-changes] [yara] 06/368: Use assert() instead of abort() in exception.h
Hilko Bengen
- [Forensics-changes] [yara] 07/368: Fix segfault while parsing corrupted regexps
Hilko Bengen
- [Forensics-changes] [yara] 08/368: Fix name collision while compiling in Windows
Hilko Bengen
- [Forensics-changes] [yara] 09/368: Fix issue #324
Hilko Bengen
- [Forensics-changes] [yara] 10/368: Fix issue #325
Hilko Bengen
- [Forensics-changes] [yara] 11/368: Handle divisions by zero
Hilko Bengen
- [Forensics-changes] [yara] 12/368: Treat external variables defined as integers unless they contain a dot
Hilko Bengen
- [Forensics-changes] [yara] 13/368: Re-format hex_grammar.y
Hilko Bengen
- [Forensics-changes] [yara] 14/368: Re-format re_grammar.y
Hilko Bengen
- [Forensics-changes] [yara] 15/368: Remove unnecessary code
Hilko Bengen
- [Forensics-changes] [yara] 16/368: Reject hex strings starting or ending with jumps.
Hilko Bengen
- [Forensics-changes] [yara] 17/368: More integrity checks while loading compiled rules
Hilko Bengen
- [Forensics-changes] [yara] 18/368: Return error instead of aborting when regular expression is too large
Hilko Bengen
- [Forensics-changes] [yara] 19/368: Fix warning
Hilko Bengen
- [Forensics-changes] [yara] 20/368: Fix bug causing external variable defined as -d s="." being handled as a float instead of a string
Hilko Bengen
- [Forensics-changes] [yara] 21/368: Reject zero length jumps in hex strings
Hilko Bengen
- [Forensics-changes] [yara] 22/368: Filter out invalid characters in hex strings
Hilko Bengen
- [Forensics-changes] [yara] 23/368: Add Symantec and BAE Systems to "who's using YARA", and sort the list
Hilko Bengen
- [Forensics-changes] [yara] 24/368: Fix issue causing ungreedy regular expressions resulting in greedy matches
Hilko Bengen
- [Forensics-changes] [yara] 26/368: Align structures to 8-byte boundaries for better performance
Hilko Bengen
- [Forensics-changes] [yara] 27/368: Fix indentation
Hilko Bengen
- [Forensics-changes] [yara] 28/368: Remove unneeded macro
Hilko Bengen
- [Forensics-changes] [yara] 29/368: Fix indentation
Hilko Bengen
- [Forensics-changes] [yara] 30/368: Fix bug when section's name is IMAGE_SIZEOF_SHORT_NAME long
Hilko Bengen
- [Forensics-changes] [yara] 31/368: Use strncpy as proposed by Hilko Bengen in PR #314
Hilko Bengen
- [Forensics-changes] [yara] 32/368: Posix compliant +1 to include null terminator
Hilko Bengen
- [Forensics-changes] [yara] 33/368: Fix issue #340
Hilko Bengen
- [Forensics-changes] [yara] 34/368: Add Laika BOSS to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 35/368: Add FSF to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 36/368: Exporting the library version to Python.
Hilko Bengen
- [Forensics-changes] [yara] 37/368: Also export the version as __version__.
Hilko Bengen
- [Forensics-changes] [yara] 38/368: Merge pull request #338 from tijko/master
Hilko Bengen
- [Forensics-changes] [yara] 39/368: Merge pull request #341 from grrrrrrrrr/master
Hilko Bengen
- [Forensics-changes] [yara] 40/368: Merge pull request #323 from hillu/master
Hilko Bengen
- [Forensics-changes] [yara] 41/368: Add missing result check
Hilko Bengen
- [Forensics-changes] [yara] 42/368: Prepare Windows project for linking libyara as a DLL
Hilko Bengen
- [Forensics-changes] [yara] 43/368: Override pe.imports().
Hilko Bengen
- [Forensics-changes] [yara] 45/368: Add yara-python as a submodule
Hilko Bengen
- [Forensics-changes] [yara] 46/368: Remove yara-python submodule
Hilko Bengen
- [Forensics-changes] [yara] 47/368: Fix warnings "implicit conversion shortens 64-bit value into a 32-bit value"
Hilko Bengen
- [Forensics-changes] [yara] 48/368: Fix multiple warnings
Hilko Bengen
- [Forensics-changes] [yara] 49/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 50/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 51/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 52/368: Remove -Wshorten-64-to-32 and -Wstrict-prototypes from CFLAGS
Hilko Bengen
- [Forensics-changes] [yara] 53/368: Add missing #define in Windows
Hilko Bengen
- [Forensics-changes] [yara] 54/368: Merge branch 'master' into imports_dll
Hilko Bengen
- [Forensics-changes] [yara] 55/368: Implement imports_ordinal().
Hilko Bengen
- [Forensics-changes] [yara] 56/368: Add docs for new functions.
Hilko Bengen
- [Forensics-changes] [yara] 57/368: Fix hash module.
Hilko Bengen
- [Forensics-changes] [yara] 58/368: Merge pull request #346 from wxsBSD/hash_fix
Hilko Bengen
- [Forensics-changes] [yara] 59/368: Allow multiple calls to yr_initialize/yr_finalize
Hilko Bengen
- [Forensics-changes] [yara] 60/368: Escape special characters when printing metadata strings
Hilko Bengen
- [Forensics-changes] [yara] 61/368: Merge pull request #343 from wxsBSD/imports_dll
Hilko Bengen
- [Forensics-changes] [yara] 62/368: Remove unnecessary assertion
Hilko Bengen
- [Forensics-changes] [yara] 63/368: Fix crash in libcrypto when multithreaded.
Hilko Bengen
- [Forensics-changes] [yara] 64/368: Merge branch 'master' into crypto_crash_fix
Hilko Bengen
- [Forensics-changes] [yara] 65/368: Bump MAX_PE_IMPORTS to 16384.
Hilko Bengen
- [Forensics-changes] [yara] 66/368: Move this check earlier.
Hilko Bengen
- [Forensics-changes] [yara] 68/368: Merge branch 'port_to_c89' of https://github.com/plusvic/yara
Hilko Bengen
- [Forensics-changes] [yara] 69/368: Fix bug introduced in f502bdf4903545cfc75dfe15bed650138da53a81
Hilko Bengen
- [Forensics-changes] [yara] 70/368: Avoid incrementing init_count when yr_initialize fails
Hilko Bengen
- [Forensics-changes] [yara] 71/368: Indent using spaces
Hilko Bengen
- [Forensics-changes] [yara] 72/368: Fix infinite loop introduced in 11fd5e4784fa135cbdb64906cc628edb9e9d50ee
Hilko Bengen
- [Forensics-changes] [yara] 73/368: Fix infinite loop introduced in 11fd5e4784fa135cbdb64906cc628edb9e9d50ee
Hilko Bengen
- [Forensics-changes] [yara] 74/368: Fix warning
Hilko Bengen
- [Forensics-changes] [yara] 75/368: Force parsers to use yr_malloc/yr_free
Hilko Bengen
- [Forensics-changes] [yara] 76/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 77/368: Fix potential stack overflow
Hilko Bengen
- [Forensics-changes] [yara] 78/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 79/368: Remove old comment.
Hilko Bengen
- [Forensics-changes] [yara] 80/368: Fix build on OS X.
Hilko Bengen
- [Forensics-changes] [yara] 81/368: Merge pull request #348 from wxsBSD/issue_337
Hilko Bengen
- [Forensics-changes] [yara] 82/368: Merge pull request #352 from wxsBSD/osx_build_fix
Hilko Bengen
- [Forensics-changes] [yara] 83/368: Move declaration to the beginning to be C89 conformant.
Hilko Bengen
- [Forensics-changes] [yara] 84/368: Add ReversingLabs to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 85/368: Merge pull request #347 from wxsBSD/crypto_crash_fix
Hilko Bengen
- [Forensics-changes] [yara] 86/368: Create new option -k for stack size
Hilko Bengen
- [Forensics-changes] [yara] 87/368: Fix up the variable name for stacksize
Hilko Bengen
- [Forensics-changes] [yara] 88/368: Pass the stacksize down to YR_CONTEXT
Hilko Bengen
- [Forensics-changes] [yara] 89/368: Use stack-size from context, rather than #define
Hilko Bengen
- [Forensics-changes] [yara] 90/368: Make the stacksize default a #define in yara.c
Hilko Bengen
- [Forensics-changes] [yara] 91/368: Document -k/--stack-size option and change wording
Hilko Bengen
- [Forensics-changes] [yara] 92/368: Fix issue #357
Hilko Bengen
- [Forensics-changes] [yara] 93/368: Add Thug to the "who's using YARA" list
Hilko Bengen
- [Forensics-changes] [yara] 94/368: Fix issue #359
Hilko Bengen
- [Forensics-changes] [yara] 95/368: Export hash-table features in YARA's API
Hilko Bengen
- [Forensics-changes] [yara] 96/368: Add missing include
Hilko Bengen
- [Forensics-changes] [yara] 97/368: Merge remote-tracking branch 'core/master'
Hilko Bengen
- [Forensics-changes] [yara] 98/368: Exposing module data to user and making printout thread-safe.
Hilko Bengen
- [Forensics-changes] [yara] 99/368: Enable usage of yr_object_print_data() from C++ code.
Hilko Bengen
- [Forensics-changes] [yara] 100/368: Fixed undefined behaviour.
Hilko Bengen
- [Forensics-changes] [yara] 101/368: Removed redundant cast.
Hilko Bengen
- [Forensics-changes] [yara] 102/368: Add Picus Security to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 103/368: Fix multiple integer overflow bugs reported by @_icewall
Hilko Bengen
- [Forensics-changes] [yara] 104/368: Remove sanity check introduced in previous commit.
Hilko Bengen
- [Forensics-changes] [yara] 105/368: Add SpamStopsHere to Who's using YARA
Hilko Bengen
- [Forensics-changes] [yara] 106/368: Fix certificate parsing and improve legibility
Hilko Bengen
- [Forensics-changes] [yara] 107/368: Merge remote-tracking branch 'core/master'
Hilko Bengen
- [Forensics-changes] [yara] 108/368: Properly handle negative serial numbers.
Hilko Bengen
- [Forensics-changes] [yara] 109/368: Fix segfault when "matches" operator is used with undefined string
Hilko Bengen
- [Forensics-changes] [yara] 110/368: Add PhishMe to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 111/368: Fix issue #368
Hilko Bengen
- [Forensics-changes] [yara] 112/368: Fix bug introduced in 4a532176bd1c973954cf859591b3747f7f76a096
Hilko Bengen
- [Forensics-changes] [yara] 113/368: Check for full stack in _yr_scan_fast_hex_re_exec
Hilko Bengen
- [Forensics-changes] [yara] 114/368: Add EnCase Endpoint Security and The DigiTrust Group to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 115/368: Change EndCase Endpoint Security to Guidance Software
Hilko Bengen
- [Forensics-changes] [yara] 116/368: added rich_version function (+ documentation)
Hilko Bengen
- [Forensics-changes] [yara] 117/368: moved rich_version to rich_signature.version and added a rich_signature.toolid version for checking toolid's
Hilko Bengen
- [Forensics-changes] [yara] 118/368: implemented suggestions (now both rich_signature.version and rich_signature.toolid have overloads)
Hilko Bengen
- [Forensics-changes] [yara] 119/368: Merge pull request #366 from wxsBSD/negative_serials
Hilko Bengen
- [Forensics-changes] [yara] 120/368: Minor changes in spacing and line length
Hilko Bengen
- [Forensics-changes] [yara] 121/368: Merge pull request #374 from mrexodia/rich_version
Hilko Bengen
- [Forensics-changes] [yara] 122/368: Minor style changes
Hilko Bengen
- [Forensics-changes] [yara] 123/368: Merge pull request #364 from gregcopenhaver/spamstopshere
Hilko Bengen
- [Forensics-changes] [yara] 124/368: Merge remote-tracking branch 'core/master'
Hilko Bengen
- [Forensics-changes] [yara] 125/368: Implemented new callback for when module was successfully imported.
Hilko Bengen
- [Forensics-changes] [yara] 126/368: Convert logo to vectorial format
Hilko Bengen
- [Forensics-changes] [yara] 127/368: Fix bad returns.
Hilko Bengen
- [Forensics-changes] [yara] 128/368: Merge pull request #382 from wxsBSD/fix_bad_returns
Hilko Bengen
- [Forensics-changes] [yara] 129/368: Update man page to new command line syntax
Hilko Bengen
- [Forensics-changes] [yara] 130/368: Merge pull request #360 from msuvajac/master
Hilko Bengen
- [Forensics-changes] [yara] 131/368: Minor style changes
Hilko Bengen
- [Forensics-changes] [yara] 132/368: Document CALLBACK_MSG_MODULE_IMPORTED.
Hilko Bengen
- [Forensics-changes] [yara] 133/368: Document modules_callback for yara-python.
Hilko Bengen
- [Forensics-changes] [yara] 134/368: Add is_dll(), is_3bit() and is_64bit() to pe.
Hilko Bengen
- [Forensics-changes] [yara] 135/368: Add docs for convenience functions.
Hilko Bengen
- [Forensics-changes] [yara] 136/368: Merge pull request #391 from wxsBSD/convenience_functions
Hilko Bengen
- [Forensics-changes] [yara] 137/368: Fixes issue #388 (nested dictionaries causing segfault)
Hilko Bengen
- [Forensics-changes] [yara] 138/368: Fixes for #388
Hilko Bengen
- [Forensics-changes] [yara] 139/368: Revert files to state before my testing on nested dicts
Hilko Bengen
- [Forensics-changes] [yara] 140/368: Fix typo
Hilko Bengen
- [Forensics-changes] [yara] 141/368: Merge pull request #1 from plusvic/master
Hilko Bengen
- [Forensics-changes] [yara] 142/368: Fixes the array issue with #388
Hilko Bengen
- [Forensics-changes] [yara] 143/368: Merge pull request #393 from hillu/fix-typo
Hilko Bengen
- [Forensics-changes] [yara] 144/368: Implemented @plusvic's suggestions to #392 and rm'd unused variable.
Hilko Bengen
- [Forensics-changes] [yara] 145/368: Add test to check layouts of data types that may be read from disk
Hilko Bengen
- [Forensics-changes] [yara] 146/368: Add explicit alignments to data types that may be read from disk.
Hilko Bengen
- [Forensics-changes] [yara] 147/368: Merge pull request #2 from plusvic/master
Hilko Bengen
- [Forensics-changes] [yara] 148/368: Merge pull request #392 from Northern-Lights/master
Hilko Bengen
- [Forensics-changes] [yara] 149/368: Merge pull request #394 from hillu/fix-rule-alignments
Hilko Bengen
- [Forensics-changes] [yara] 150/368: Move tests out of libyara
Hilko Bengen
- [Forensics-changes] [yara] 151/368: Merge pull request #386 from wxsBSD/msg_module_imported_docs
Hilko Bengen
- [Forensics-changes] [yara] 152/368: Fix match issue.
Hilko Bengen
- [Forensics-changes] [yara] 153/368: Merge pull request #396 from wxsBSD/strncmp
Hilko Bengen
- [Forensics-changes] [yara] 154/368: Some style changes in commit 5b5a0795db2238be4ed079d9583c2fb0b79866cf
Hilko Bengen
- [Forensics-changes] [yara] 155/368: Fix typos
Hilko Bengen
- [Forensics-changes] [yara] 156/368: Fix spacing
Hilko Bengen
- [Forensics-changes] [yara] 157/368: Fix issue #369.
Hilko Bengen
- [Forensics-changes] [yara] 158/368: Fix bug in previous commit
Hilko Bengen
- [Forensics-changes] [yara] 159/368: More accurate line numbers while reporting duplicate string identifier errors
Hilko Bengen
- [Forensics-changes] [yara] 160/368: Fix typo
Hilko Bengen
- [Forensics-changes] [yara] 161/368: Add ActiveCanopy to "who's using YARA" list
Hilko Bengen
- [Forensics-changes] [yara] 162/368: Fix issue #397
Hilko Bengen
- [Forensics-changes] [yara] 163/368: Fix regression introduced in #369
Hilko Bengen
- [Forensics-changes] [yara] 164/368: Add Kaspersky to "who's using YARA" list
Hilko Bengen
- [Forensics-changes] [yara] 165/368: Add Christian Blichmann to CONTRIBUTERS
Hilko Bengen
- [Forensics-changes] [yara] 166/368: Make yywarning a variadic function
Hilko Bengen
- [Forensics-changes] [yara] 167/368: Show warning when string literal is used as operand in a boolean expression
Hilko Bengen
- [Forensics-changes] [yara] 168/368: Fixing compilation warnings in Visual Studio 2013.
Hilko Bengen
- [Forensics-changes] [yara] 169/368: Add support for compiling under cygwin.
Hilko Bengen
- [Forensics-changes] [yara] 170/368: Merge pull request #403 from scudette/cygwin
Hilko Bengen
- [Forensics-changes] [yara] 171/368: Merge pull request #2 from plusvic/master
Hilko Bengen
- [Forensics-changes] [yara] 172/368: Merge pull request #3 from Security513/master
Hilko Bengen
- [Forensics-changes] [yara] 173/368: Add yr_set/get_configuration and use this to set stack size
Hilko Bengen
- [Forensics-changes] [yara] 174/368: Remove the old pass-by-argument stacksize
Hilko Bengen
- [Forensics-changes] [yara] 175/368: Remove stacksize from context
Hilko Bengen
- [Forensics-changes] [yara] 176/368: Use existing error code for return vals
Hilko Bengen
- [Forensics-changes] [yara] 177/368: Move the stack size setting code to near init call in main()
Hilko Bengen
- [Forensics-changes] [yara] 178/368: Fix infinite loop with certain regular expressions like (a*)* and (a|)*
Hilko Bengen
- [Forensics-changes] [yara] 179/368: Put a limit to the number of fibers while executing a regex
Hilko Bengen
- [Forensics-changes] [yara] 180/368: Show warning if OpenSSL is not installed when running ./configure script
Hilko Bengen
- [Forensics-changes] [yara] 181/368: Change include path while compiling in Mac OS X
Hilko Bengen
- [Forensics-changes] [yara] 182/368: Fix warning
Hilko Bengen
- [Forensics-changes] [yara] 183/368: Fix indentation
Hilko Bengen
- [Forensics-changes] [yara] 184/368: Fix bug introduced in a76bfc07fc73160e320abe10ffe73d66f92c183f
Hilko Bengen
- [Forensics-changes] [yara] 185/368: Spelling stack_sz & stacksize -> stack_size. Make it signed int type.
Hilko Bengen
- [Forensics-changes] [yara] 186/368: Merge pull request #402 from maximelb/master
Hilko Bengen
- [Forensics-changes] [yara] 187/368: Adding base project files and solution for 2015
Hilko Bengen
- [Forensics-changes] [yara] 188/368: Remove windows/include from projects because it will come from nuget
Hilko Bengen
- [Forensics-changes] [yara] 189/368: Cumulative fixes for building on Windows gitignore updated for Visual Studio
Hilko Bengen
- [Forensics-changes] [yara] 190/368: Update projects to use dependency NuGets
Hilko Bengen
- [Forensics-changes] [yara] 191/368: POC section reader working for Windows
Hilko Bengen
- [Forensics-changes] [yara] 192/368: Adding a block iterator concept to yr_rules_scan_mem_blocks Abstraction to fetch blocks from a linked list of blocks or a section reader Needed new type YR_BLOCK_READER to keep state in the case of the linked list
Hilko Bengen
- [Forensics-changes] [yara] 193/368: Starting implementation of more generic block_iterator
Hilko Bengen
- [Forensics-changes] [yara] 194/368: using block iterator every where the block linked list was used had to include null checking everywhere the data was used
Hilko Bengen
- [Forensics-changes] [yara] 195/368: rough implementation of process iterator for Windows
Hilko Bengen
- [Forensics-changes] [yara] 196/368: Some code cleanup
Hilko Bengen
- [Forensics-changes] [yara] 197/368: Update error number
Hilko Bengen
- [Forensics-changes] [yara] 198/368: Add error handling for block iteration on Windows
Hilko Bengen
- [Forensics-changes] [yara] 199/368: Fixing issues found when previewing PR
Hilko Bengen
- [Forensics-changes] [yara] 200/368: Merge remote-tracking branch 'upstream/master' into sectionreader
Hilko Bengen
- [Forensics-changes] [yara] 201/368: Adding Linux block iterator
Hilko Bengen
- [Forensics-changes] [yara] 202/368: PE module to use iterator, change lost during merge
Hilko Bengen
- [Forensics-changes] [yara] 203/368: Port most of the rule-related tests from yara-python
Hilko Bengen
- [Forensics-changes] [yara] 204/368: Accept negative integers in meta fields
Hilko Bengen
- [Forensics-changes] [yara] 205/368: Fixes for building on linux
Hilko Bengen
- [Forensics-changes] [yara] 206/368: fix wrong pointer bug in linux get_process_blocks
Hilko Bengen
- [Forensics-changes] [yara] 207/368: Adding Mac support for process iterator
Hilko Bengen
- [Forensics-changes] [yara] 208/368: Fix build problems on Mac
Hilko Bengen
- [Forensics-changes] [yara] 209/368: Merge pull request #413 from hillu/port-tests
Hilko Bengen
- [Forensics-changes] [yara] 210/368: Apply YARA's coding style to tests
Hilko Bengen
- [Forensics-changes] [yara] 211/368: Add files generated by "make check" to .gitignore
Hilko Bengen
- [Forensics-changes] [yara] 212/368: Merge pull request #411 from hillu/signed-numbers
Hilko Bengen
- [Forensics-changes] [yara] 213/368: Update grammar.c with changes introduced in 9c044f32763fa793f7e0a2c0e00dd3606e891b90
Hilko Bengen
- [Forensics-changes] [yara] 214/368: Add NBS Systems to "who's using YARA" list
Hilko Bengen
- [Forensics-changes] [yara] 215/368: Remove the trailing "s" from NBS Systems
Hilko Bengen
- [Forensics-changes] [yara] 216/368: Merge pull request #387 from wxsBSD/modules_callback_docs
Hilko Bengen
- [Forensics-changes] [yara] 217/368: Merge pull request #355 from Security513/stack-option
Hilko Bengen
- [Forensics-changes] [yara] 218/368: tests: Output compile errors
Hilko Bengen
- [Forensics-changes] [yara] 219/368: tests: Minor formatting update
Hilko Bengen
- [Forensics-changes] [yara] 220/368: Allocate struct for mach context in process scanning
Hilko Bengen
- [Forensics-changes] [yara] 221/368: Merge remote-tracking branch 'upstream/master' into sectionreader
Hilko Bengen
- [Forensics-changes] [yara] 222/368: Fix RVA calculation corner cases.
Hilko Bengen
- [Forensics-changes] [yara] 223/368: Merge pull request #420 from wxsBSD/entry_point_fix
Hilko Bengen
- [Forensics-changes] [yara] 224/368: Merge pull request #417 from hillu/master
Hilko Bengen
- [Forensics-changes] [yara] 225/368: Add Travis CI integration
Hilko Bengen
- [Forensics-changes] [yara] 226/368: Merge pull request #422 from hillu/travis
Hilko Bengen
- [Forensics-changes] [yara] 227/368: Add Travis CI status badge to README.md
Hilko Bengen
- [Forensics-changes] [yara] 228/368: pe: Move, improve OptionalHeader macro
Hilko Bengen
- [Forensics-changes] [yara] 229/368: tests: Add code for working with external files
Hilko Bengen
- [Forensics-changes] [yara] 230/368: tests: Add checks for #373, #399
Hilko Bengen
- [Forensics-changes] [yara] 231/368: pe: pe_rva_to_offset: Round to File Alignment
Hilko Bengen
- [Forensics-changes] [yara] 232/368: Merge pull request #425 from hillu/fix-rva-calculation
Hilko Bengen
- [Forensics-changes] [yara] 233/368: Re-styling changes
Hilko Bengen
- [Forensics-changes] [yara] 234/368: Update documentation for command-line arguments
Hilko Bengen
- [Forensics-changes] [yara] 235/368: Add --stack-size option to man page
Hilko Bengen
- [Forensics-changes] [yara] 236/368: Re-styling changes
Hilko Bengen
- [Forensics-changes] [yara] 237/368: Fix link to Travis CI badge
Hilko Bengen
- [Forensics-changes] [yara] 238/368: pe: Recognize RVAs below mapped sections
Hilko Bengen
- [Forensics-changes] [yara] 239/368: pe: imports: Actually look at FirstThunk if OriginalFirstThunk is zero.
Hilko Bengen
- [Forensics-changes] [yara] 240/368: Merge pull request #427 from hillu/rva-before-sections
Hilko Bengen
- [Forensics-changes] [yara] 241/368: Removed exclusion of period-prefixed directories in recursive directory scan
Hilko Bengen
- [Forensics-changes] [yara] 242/368: Merge pull request #428 from jallmantalbot/master
Hilko Bengen
- [Forensics-changes] [yara] 243/368: Break line with more than 80 columns
Hilko Bengen
- [Forensics-changes] [yara] 244/368: Remove duplicate test introduced in 6757bcd40cb50fcc3a4318838a10d1b671978497
Hilko Bengen
- [Forensics-changes] [yara] 245/368: Add assert_false_rule_file macro
Hilko Bengen
- [Forensics-changes] [yara] 246/368: Add test case for #429
Hilko Bengen
- [Forensics-changes] [yara] 247/368: Round section offsets to 0x200 if FileAlignment > 0x200
Hilko Bengen
- [Forensics-changes] [yara] 248/368: Corrected some of the grammatical/spelling errors and minor inconsistencies in example code.
Hilko Bengen
- [Forensics-changes] [yara] 249/368: Formatting and grammar/spelling corrections.
Hilko Bengen
- [Forensics-changes] [yara] 250/368: Add yr_filemap_unmap_fd() that leaves the filehandle open after scanning
Hilko Bengen
- [Forensics-changes] [yara] 251/368: Merge pull request #434 from scotmatson/master
Hilko Bengen
- [Forensics-changes] [yara] 252/368: Merge pull request #435 from hillu/yr_filemap_unmap_fd
Hilko Bengen
- [Forensics-changes] [yara] 253/368: Merge pull request #430 from hillu/fix-429
Hilko Bengen
- [Forensics-changes] [yara] 254/368: Adding base project files and solution for 2015
Hilko Bengen
- [Forensics-changes] [yara] 255/368: Remove windows/include from projects because it will come from nuget
Hilko Bengen
- [Forensics-changes] [yara] 256/368: Cumulative fixes for building on Windows gitignore updated for Visual Studio
Hilko Bengen
- [Forensics-changes] [yara] 257/368: Update projects to use dependency NuGets
Hilko Bengen
- [Forensics-changes] [yara] 259/368: Fix some issues while building for Windows
Hilko Bengen
- [Forensics-changes] [yara] 260/368: Configure Visual Studio 2015 projects for static linking
Hilko Bengen
- [Forensics-changes] [yara] 261/368: Fix warning while compiling with Visual Studio 2015
Hilko Bengen
- [Forensics-changes] [yara] 262/368: Set the NAMESPACE_TFLAGS_UNSATISFIED_GLOBAL flag during condition evaluation instead of having to iterate over the rules twice.
Hilko Bengen
- [Forensics-changes] [yara] 263/368: Replace tabs with spaces
Hilko Bengen
- [Forensics-changes] [yara] 264/368: Fix bug that can cause segfaults while scanning corrupted PE files.
Hilko Bengen
- [Forensics-changes] [yara] 265/368: Implement function for optimizing Aho-Corasick automaton
Hilko Bengen
- [Forensics-changes] [yara] 266/368: Merge remote-tracking branch 'upstream/master'
Hilko Bengen
- [Forensics-changes] [yara] 267/368: pe: '-' is a valid character for a DLL name.
Hilko Bengen
- [Forensics-changes] [yara] 268/368: Merge pull request #440 from hillu/master
Hilko Bengen
- [Forensics-changes] [yara] 269/368: Fix memory leaks in tests
Hilko Bengen
- [Forensics-changes] [yara] 270/368: Fix use of uninitialized pointer
Hilko Bengen
- [Forensics-changes] [yara] 271/368: Replace "backslashes" with "forward slashes" in documentation as reported in issue #443
Hilko Bengen
- [Forensics-changes] [yara] 272/368: Add --enable-debug option to "configure" script
Hilko Bengen
- [Forensics-changes] [yara] 273/368: Increase RE_MAX_FIBERS
Hilko Bengen
- [Forensics-changes] [yara] 274/368: Fix issue #444
Hilko Bengen
- [Forensics-changes] [yara] 275/368: Fix issue #444
Hilko Bengen
- [Forensics-changes] [yara] 276/368: Make yr_rules_define_* fail if variable does not exist
Hilko Bengen
- [Forensics-changes] [yara] 277/368: Implement Aho-Corasick automaton with interleaved arrays.
Hilko Bengen
- [Forensics-changes] [yara] 278/368: Fix warnings while building in Windows
Hilko Bengen
- [Forensics-changes] [yara] 279/368: Fix alignment tests
Hilko Bengen
- [Forensics-changes] [yara] 280/368: Fix warning
Hilko Bengen
- [Forensics-changes] [yara] 281/368: Merge pull request #445 from hillu/fix-defvar
Hilko Bengen
- [Forensics-changes] [yara] 282/368: Add build matrix that includes 32bit build
Hilko Bengen
- [Forensics-changes] [yara] 283/368: test-alignment: Fix number formatting in printf
Hilko Bengen
- [Forensics-changes] [yara] 284/368: Merge pull request #454 from hillu/travis-i386
Hilko Bengen
- [Forensics-changes] [yara] 285/368: Remove YR_AC_STATE and YR_AC_AUTOMATON from alignments tests
Hilko Bengen
- [Forensics-changes] [yara] 286/368: Merge remote-tracking branch 'upstream/master'
Hilko Bengen
- [Forensics-changes] [yara] 287/368: Fix issues in 32-bits mode introduced in 0db16d3639140c0b6a7a6d0de06e5e2622e90c04
Hilko Bengen
- [Forensics-changes] [yara] 288/368: Extend the lexer to accept hex strings with inline comments.
Hilko Bengen
- [Forensics-changes] [yara] 289/368: Merge pull request #455 from cblichmann/inlinecomments
Hilko Bengen
- [Forensics-changes] [yara] 290/368: tests: Check layout of SIZED_STRING
Hilko Bengen
- [Forensics-changes] [yara] 291/368: Ensure equal SIZED_STRING layout on 32 and 64 bit architectures
Hilko Bengen
- [Forensics-changes] [yara] 292/368: Fix warning while compiling for 32-bits
Hilko Bengen
- [Forensics-changes] [yara] 293/368: Configure coverity_scan
Hilko Bengen
- [Forensics-changes] [yara] 294/368: Fix Travis CI configuration
Hilko Bengen
- [Forensics-changes] [yara] 295/368: Add missing call to va_end
Hilko Bengen
- [Forensics-changes] [yara] 296/368: Fix double free bug
Hilko Bengen
- [Forensics-changes] [yara] 298/368: Fix multiple memory leaks
Hilko Bengen
- [Forensics-changes] [yara] 297/368: Fix use of uninitialized variable
Hilko Bengen
- [Forensics-changes] [yara] 299/368: Fix wrong condition due to a typo
Hilko Bengen
- [Forensics-changes] [yara] 300/368: Fix use of uninitialized variable
Hilko Bengen
- [Forensics-changes] [yara] 301/368: Move return statement out of va_start, va_end block
Hilko Bengen
- [Forensics-changes] [yara] 302/368: Fix out-of-bounds accesses
Hilko Bengen
- [Forensics-changes] [yara] 303/368: Fix dead code warning in Coverity
Hilko Bengen
- [Forensics-changes] [yara] 304/368: Update COVERITY_SCAN_TOKEN
Hilko Bengen
- [Forensics-changes] [yara] 305/368: Fix unused variable warning
Hilko Bengen
- [Forensics-changes] [yara] 306/368: Fix memory leak
Hilko Bengen
- [Forensics-changes] [yara] 307/368: Merge pull request #458 from plusvic/master
Hilko Bengen
- [Forensics-changes] [yara] 308/368: Change Travis badge URL
Hilko Bengen
- [Forensics-changes] [yara] 309/368: Update Gitter badge URL
Hilko Bengen
- [Forensics-changes] [yara] 310/368: Update Gitter badge URL
Hilko Bengen
- [Forensics-changes] [yara] 311/368: fixed building on VS2010
Hilko Bengen
- [Forensics-changes] [yara] 312/368: Merge pull request #460 from mrexodia/vs10_fix
Hilko Bengen
- [Forensics-changes] [yara] 313/368: Merge pull request #418
Hilko Bengen
- [Forensics-changes] [yara] 314/368: Fix issue introduced in 23759af0b29bad2f407dd031de28598ea6952b96
Hilko Bengen
- [Forensics-changes] [yara] 315/368: Force scan.coverity.com certificate to be accepted by Travis instances
Hilko Bengen
- [Forensics-changes] [yara] 316/368: Fix potential division-by-zero errors
Hilko Bengen
- [Forensics-changes] [yara] 317/368: Explicit initialization of pointer to avoid Coverity complaining
Hilko Bengen
- [Forensics-changes] [yara] 318/368: Invoke yr_modules_unload_all from exec.c
Hilko Bengen
- [Forensics-changes] [yara] 319/368: Fix potential null dereference issue
Hilko Bengen
- [Forensics-changes] [yara] 320/368: Fix resource leak
Hilko Bengen
- [Forensics-changes] [yara] 321/368: Fix potential memory leak
Hilko Bengen
- [Forensics-changes] [yara] 322/368: Fix null pointer dereference
Hilko Bengen
- [Forensics-changes] [yara] 323/368: Add assertion to make sure that "chained_to" field is set
Hilko Bengen
- [Forensics-changes] [yara] 324/368: Fix memory leaks
Hilko Bengen
- [Forensics-changes] [yara] 325/368: Avoid redefinition of external variables with a different type
Hilko Bengen
- [Forensics-changes] [yara] 326/368: Fix segfault when yr_finalize is invoked without calling yr_initialize first
Hilko Bengen
- [Forensics-changes] [yara] 328/368: Merge pull request #447 from hillu/fix-sized-string
Hilko Bengen
- [Forensics-changes] [yara] 329/368: Merge branch 'master' of https://github.com/VirusTotal/yara
Hilko Bengen
- [Forensics-changes] [yara] 330/368: Move Visual Studio 2010 project to its own directory
Hilko Bengen
- [Forensics-changes] [yara] 331/368: Update documentation
Hilko Bengen
- [Forensics-changes] [yara] 332/368: Change type of SIZED_STRING's length to uint32_t
Hilko Bengen
- [Forensics-changes] [yara] 333/368: Update URLs
Hilko Bengen
- [Forensics-changes] [yara] 334/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 335/368: Fix warnings
Hilko Bengen
- [Forensics-changes] [yara] 336/368: Fix some issues with Visual Studio 2010 project
Hilko Bengen
- [Forensics-changes] [yara] 337/368: Fix issue with missing include file while compiling in Visual Studio 2010
Hilko Bengen
- [Forensics-changes] [yara] 338/368: Move variable declaration to satisfy VC++
Hilko Bengen
- [Forensics-changes] [yara] 339/368: Enable "cuckoo" and "magic" modules while building in Travis
Hilko Bengen
- [Forensics-changes] [yara] 340/368: Fix references to block data. (#466)
Hilko Bengen
- [Forensics-changes] [yara] 341/368: Travis: Show test-suite.log on failure (#467)
Hilko Bengen
- [Forensics-changes] [yara] 343/368: Improve mem block iterators (#471)
Hilko Bengen
- [Forensics-changes] [yara] 344/368: Add Cuckoo Sandbox to Yara users (#469)
Hilko Bengen
- [Forensics-changes] [yara] 345/368: Bump ARENA_FILE_VERSION, add corresponding check to tests (#468)
Hilko Bengen
- [Forensics-changes] [yara] 346/368: Implement yr_hash_table_add_raw_key and yr_hash_table_lookup_raw_key functions
Hilko Bengen
- [Forensics-changes] [yara] 347/368: Implement caching in "hash" module
Hilko Bengen
- [Forensics-changes] [yara] 348/368: Rename defines used in conditional module compilation
Hilko Bengen
- [Forensics-changes] [yara] 349/368: Exclude checks using the "hash" module if it wasn't compiled into YARA
Hilko Bengen
- [Forensics-changes] [yara] 350/368: Remove unused variables
Hilko Bengen
- [Forensics-changes] [yara] 351/368: Don't use libcrypto locking function for OpenSSL >= 1.1
Hilko Bengen
- [Forensics-changes] [yara] 352/368: pe: OpenSSL 1.1 changes
Hilko Bengen
- [Forensics-changes] [yara] 353/368: Add missing include
Hilko Bengen
- [Forensics-changes] [yara] 354/368: Fix issue with boolean external variables being defined as integer
Hilko Bengen
- [Forensics-changes] [yara] 355/368: Update documentation
Hilko Bengen
- [Forensics-changes] [yara] 356/368: Merge pull request #472 from hillu/openssl-1.1
Hilko Bengen
- [Forensics-changes] [yara] 357/368: Add missing typecasts
Hilko Bengen
- [Forensics-changes] [yara] 358/368: Put variable declarations at the beginning of code blocks
Hilko Bengen
- [Forensics-changes] [yara] 359/368: Fix typo
Hilko Bengen
- [Forensics-changes] [yara] 360/368: Null-terminate string objects explicitly. (#477)
Hilko Bengen
- [Forensics-changes] [yara] 361/368: Default to 0 signatures until otherwise known. (#476)
Hilko Bengen
- [Forensics-changes] [yara] 362/368: Added stdint.h fallback support. (#478)
Hilko Bengen
- [Forensics-changes] [yara] 363/368: Changes to make math and pe modules C89 compatible. (#479)
Hilko Bengen
- [Forensics-changes] [yara] 364/368: Fix some issues with Windows projects
Hilko Bengen
- [Forensics-changes] [yara] 365/368: Set version number to 3.5.0
Hilko Bengen
- [Forensics-changes] [yara] 366/368: Add yara/integers.h to deployed headers
Hilko Bengen
- [Forensics-changes] [yara] 367/368: Visual Studio 2015 (_MSC_VER == 1900) defines the snprintf function, so avoid defining it in those cases. (#483)
Hilko Bengen
- [Forensics-changes] [yara] 368/368: Gets pe_utils.c to compile with VS2015. (#488)
Hilko Bengen
- [Forensics-changes] [yara] 01/192: DllCharacteristics and subsystem PE flags.
Hilko Bengen
- [Forensics-changes] [yara] 02/192: Rename dllcharacteristics to dll_characteristics and shorten mask names.
Hilko Bengen
- [Forensics-changes] [yara] 03/192: fixup dll_characteristics integer declaration
Hilko Bengen
- [Forensics-changes] [yara] 04/192: Remove duplicated colon
Hilko Bengen
- [Forensics-changes] [yara] 05/192: Added missing return statements -> yarapython documentation (#489)
Hilko Bengen
- [Forensics-changes] [yara] 06/192: Add support for CLI parsing. (#356)
Hilko Bengen
- [Forensics-changes] [yara] 07/192: Conditional compilation for dotnet module
Hilko Bengen
- [Forensics-changes] [yara] 08/192: Change modules macro names in VS 2010 project
Hilko Bengen
- [Forensics-changes] [yara] 09/192: Added missing apt-get command "install" (#500)
Hilko Bengen
- [Forensics-changes] [yara] 10/192: Add dotnet docs. (#497)
Hilko Bengen
- [Forensics-changes] [yara] 11/192: Add pe.overlay.offset and pe.overlay.size (closes #432) (#505)
Hilko Bengen
- [Forensics-changes] [yara] 12/192: Add number_of_imports to PE. (#501)
Hilko Bengen
- [Forensics-changes] [yara] 13/192: Fix issue #506
Hilko Bengen
- [Forensics-changes] [yara] 14/192: Fix issue #507
Hilko Bengen
- [Forensics-changes] [yara] 15/192: Check error codes returned by json_unpack
Hilko Bengen
- [Forensics-changes] [yara] 16/192: Better error reporting for regexps exceeding RE_MAX_SPLIT_ID
Hilko Bengen
- [Forensics-changes] [yara] 17/192: Handle newer and older versions for Cuckoo report format
Hilko Bengen
- [Forensics-changes] [yara] 18/192: Fix regression introduced in previous commit
Hilko Bengen
- [Forensics-changes] [yara] 19/192: Fix issue causing bad quality atoms to be discarded
Hilko Bengen
- [Forensics-changes] [yara] 20/192: Remove files used for testing purposes that were being detected by antivirus programs. Remove .exe extension from some other files. (#512)
Hilko Bengen
- [Forensics-changes] [yara] 21/192: Return error if the number of threads specified with --threads is greater than MAX_THREADS
Hilko Bengen
- [Forensics-changes] [yara] 22/192: Allow MAX_THREADS to be set arbitrarily (#513)
Hilko Bengen
- [Forensics-changes] [yara] 23/192: Add yr_compiler_add_fd (#475)
Hilko Bengen
- [Forensics-changes] [yara] 24/192: Re-generate lexer.c after latest changes in lexer.l
Hilko Bengen
- [Forensics-changes] [yara] 25/192: Mark yr_compiler_add_fd function as added in version 3.6.0 in documentation
Hilko Bengen
- [Forensics-changes] [yara] 26/192: Fix out-of-bounds array access
Hilko Bengen
- [Forensics-changes] [yara] 27/192: Minor style changes
Hilko Bengen
- [Forensics-changes] [yara] 28/192: Fix issue #517
Hilko Bengen
- [Forensics-changes] [yara] 29/192: Make yr_lex_parse_rules_fd compatible with Win32 (#520)
Hilko Bengen
- [Forensics-changes] [yara] 30/192: Update lexer.c
Hilko Bengen
- [Forensics-changes] [yara] 31/192: Include windows.h instead of fileapi.h
Hilko Bengen
- [Forensics-changes] [yara] 32/192: Fix issue #524
Hilko Bengen
- [Forensics-changes] [yara] 33/192: Other minor fixes in pe_utils.c
Hilko Bengen
- [Forensics-changes] [yara] 34/192: Add pe_utils.c to Visual Studio 2015 project
Hilko Bengen
- [Forensics-changes] [yara] 35/192: Fix conditionals
Hilko Bengen
- [Forensics-changes] [yara] 36/192: Travis: Cross compile with MinGW (#525)
Hilko Bengen
- [Forensics-changes] [yara] 37/192: Make our memmem implementation available in dotnet.c (#521)
Hilko Bengen
- [Forensics-changes] [yara] 38/192: Do "make clean" before "make"
Hilko Bengen
- [Forensics-changes] [yara] 39/192: Fix warning caused by uninitialized array
Hilko Bengen
- [Forensics-changes] [yara] 40/192: Fix issue with mingw not recognising %llx and %lld printf formats
Hilko Bengen
- [Forensics-changes] [yara] 41/192: Add appveyor config file
Hilko Bengen
- [Forensics-changes] [yara] 42/192: Add AppVeyor's badge
Hilko Bengen
- [Forensics-changes] [yara] 43/192: Update Visual Studio 2015 project
Hilko Bengen
- [Forensics-changes] [yara] 44/192: pe: Add checksum field, function to calculate the checksum (#528)
Hilko Bengen
- [Forensics-changes] [yara] 45/192: Fix variable redefinition (#529)
Hilko Bengen
- [Forensics-changes] [yara] 46/192: Add root9B to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 47/192: Clarify yr_rules_{load, save}* descriptions (#536)
Hilko Bengen
- [Forensics-changes] [yara] 49/192: travis: Build on Mac OS X (#537)
Hilko Bengen
- [Forensics-changes] [yara] 50/192: Adding scanii to the list of companies using YARA (#532)
Hilko Bengen
- [Forensics-changes] [yara] 51/192: Fix pe, elf module for big-endian architectures (related to #493) (#538)
Hilko Bengen
- [Forensics-changes] [yara] 52/192: Move #include out of #ifdef
Hilko Bengen
- [Forensics-changes] [yara] 53/192: Move yr_*toh() macros to their own header file (#542)
Hilko Bengen
- [Forensics-changes] [yara] 54/192: Use a union instead of a int64_t for arguments to module functions. This makes the code clearer, reduce typecasting and solve warnings.
Hilko Bengen
- [Forensics-changes] [yara] 55/192: Added stoQ to "who's using yara" (#543)
Hilko Bengen
- [Forensics-changes] [yara] 56/192: Add JASK to "who's using YARA"
Hilko Bengen
- [Forensics-changes] [yara] 57/192: Don't unmask signals when setting up exception handler (Unix) (#546)
Hilko Bengen
- [Forensics-changes] [yara] 58/192: Minor re-styling
Hilko Bengen
- [Forensics-changes] [yara] 59/192: tests: Use larger file to demonstrate SIGBUS (#549)
Hilko Bengen
- [Forensics-changes] [yara] 60/192: Exception handler (Unix): Install a handler for SIGSEGV (#552)
Hilko Bengen
- [Forensics-changes] [yara] 61/192: Add scan flag for disabling exceptions
Hilko Bengen
- [Forensics-changes] [yara] 62/192: Fix isnan already defined
Hilko Bengen
- [Forensics-changes] [yara] 63/192: Windows mutex replaced with CriticalSection
Hilko Bengen
- [Forensics-changes] [yara] 64/192: CritSection in try block and return value fixed
Hilko Bengen
- [Forensics-changes] [yara] 65/192: removed __try block around CritSection
Hilko Bengen
- [Forensics-changes] [yara] 66/192: Fix warning
Hilko Bengen
- [Forensics-changes] [yara] 67/192: Fix warning and minor style issues
Hilko Bengen
- [Forensics-changes] [yara] 68/192: Add include directory for OpenSSL in Mac OS X
Hilko Bengen
- [Forensics-changes] [yara] 69/192: Add support for big-endian ELF files (#560)
Hilko Bengen
- [Forensics-changes] [yara] 70/192: Add support for big-endian ELF files (#560) (#562)
Hilko Bengen
- [Forensics-changes] [yara] 71/192: Minor re-styling
Hilko Bengen
- [Forensics-changes] [yara] 72/192: Merge pull request #558 from CaldurG/CritSection
Hilko Bengen
- [Forensics-changes] [yara] 73/192: Merge pull request #556 from assafnativ/nativ/fix_vs15_compilation
Hilko Bengen
- [Forensics-changes] [yara] 74/192: Add McAfee to the "who's using YARA" list
Hilko Bengen
- [Forensics-changes] [yara] 75/192: Merge branch 'master' of https://github.com/VirusTotal/yara
Hilko Bengen
- [Forensics-changes] [yara] 76/192: Fix issue #564
Hilko Bengen
- [Forensics-changes] [yara] 77/192: Implement --fail-on-warnings command-line argument
Hilko Bengen
- [Forensics-changes] [yara] 78/192: Merge pull request #554 from hillu/exceptions
Hilko Bengen
- [Forensics-changes] [yara] 79/192: Remove C99-only structure initialization
Hilko Bengen
- [Forensics-changes] [yara] 80/192: Update writingrules.rst
Hilko Bengen
- [Forensics-changes] [yara] 81/192: Minor grammar error - singular / plural
Hilko Bengen
- [Forensics-changes] [yara] 82/192: Merge pull request #571 from Neo23x0/patch-2
Hilko Bengen
- [Forensics-changes] [yara] 83/192: Merge pull request #568 from raviteja7/raviteja7-patch-1
Hilko Bengen
- [Forensics-changes] [yara] 84/192: Spelling (#582)
Hilko Bengen
- [Forensics-changes] [yara] 85/192: Add Payload Security to “who’s using YARA”
Hilko Bengen
- [Forensics-changes] [yara] 86/192: Fix issue #576
Hilko Bengen
- [Forensics-changes] [yara] 87/192: Fix issue #575
Hilko Bengen
- [Forensics-changes] [yara] 88/192: Fix indentation
Hilko Bengen
- [Forensics-changes] [yara] 89/192: Make sure that loop depth is greater than 0 before decrementing it.
Hilko Bengen
- [Forensics-changes] [yara] 90/192: Update grammars
Hilko Bengen
- [Forensics-changes] [yara] 91/192: added ESET to who is using yara (#578)
Hilko Bengen
- [Forensics-changes] [yara] 92/192: re_lexer: Make reading escape sequences more robust (#586)
Hilko Bengen
- [Forensics-changes] [yara] 93/192: Upgrade Mac OS X configuration in travis.yml to xcode7.3 as xcode7 is now deprecated.
Hilko Bengen
- [Forensics-changes] [yara] 94/192: Fix issue #597
Hilko Bengen
- [Forensics-changes] [yara] 95/192: Put loop variable declaration out of the “for” statement as required by C89.
Hilko Bengen
- [Forensics-changes] [yara] 96/192: Put loop variable declaration out of the “for” statement as required by C89.
Hilko Bengen
- [Forensics-changes] [yara] 97/192: Fix issues with __builtin_bswapXX functions not defined by all compilers
Hilko Bengen
- [Forensics-changes] [yara] 98/192: Fix issue introduced in previous commit.
Hilko Bengen
- [Forensics-changes] [yara] 99/192: Fix errors in endian.h
Hilko Bengen
- [Forensics-changes] [yara] 100/192: Don’t force the use of __builtin_bswapXX for gcc >= 4.8. Fix wrong function name.
Hilko Bengen
- [Forensics-changes] [yara] 101/192: Fix issue with Travis CI
Hilko Bengen
- [Forensics-changes] [yara] 102/192: Fix incorrect examples (#608)
Hilko Bengen
- [Forensics-changes] [yara] 103/192: Fix endian issues with section name extraction (#607)
Hilko Bengen
- [Forensics-changes] [yara] 104/192: Use the program headers to determine the physical offset of the ELF entry point (#606)
Hilko Bengen
- [Forensics-changes] [yara] 105/192: Minor spelling/grammar fixups. (#609)
Hilko Bengen
- [Forensics-changes] [yara] 106/192: Fix wrong examples in the documentation.
Hilko Bengen
- [Forensics-changes] [yara] 107/192: Document YR_NAMESPACE structure in C API (#616)
Hilko Bengen
- [Forensics-changes] [yara] 108/192: Fix issue #516
Hilko Bengen
- [Forensics-changes] [yara] 109/192: Improve test cases dealing with errors. Add test cases for invalid module names.
Hilko Bengen
- [Forensics-changes] [yara] 110/192: Merge branch 'master' of https://github.com/campt/yara into campt-master
Hilko Bengen
- [Forensics-changes] [yara] 112/192: Add some comments and do minor style improvements.
Hilko Bengen
- [Forensics-changes] [yara] 113/192: Expose rva_to_offset in PE module
Hilko Bengen
- [Forensics-changes] [yara] 114/192: Implement dotnet module
Hilko Bengen
- [Forensics-changes] [yara] 115/192: Make dotnet module optional
Hilko Bengen
- [Forensics-changes] [yara] 116/192: Do some re-styling in dotnet.c
Hilko Bengen
- [Forensics-changes] [yara] 117/192: Fix dead code and reduce number of return points in _pe_iterate_resources
Hilko Bengen
- [Forensics-changes] [yara] 118/192: Use set_sized_string for setting version in dot net module. (#621)
Hilko Bengen
- [Forensics-changes] [yara] 119/192: Update “Getting started” section in the documentation to mention dotnet module. Change link to Windows binaries.
Hilko Bengen
- [Forensics-changes] [yara] 120/192: Added command line argument for printing match length (#566)
Hilko Bengen
- [Forensics-changes] [yara] 121/192: Fix some style issues and add --print-string-length option to man page.
Hilko Bengen
- [Forensics-changes] [yara] 122/192: Refactor exports and new exports-related features to PE module.
Hilko Bengen
- [Forensics-changes] [yara] 123/192: Do some re-styling in pe.c
Hilko Bengen
- [Forensics-changes] [yara] 124/192: Remove unnecessary complexity.
Hilko Bengen
- [Forensics-changes] [yara] 126/192: Add missing endianness conversions
Hilko Bengen
- [Forensics-changes] [yara] 127/192: Fix ELF module issues on big endian system (#618)
Hilko Bengen
- [Forensics-changes] [yara] 128/192: Do some re-styling
Hilko Bengen
- [Forensics-changes] [yara] 129/192: Add test cases for PE module
Hilko Bengen
- [Forensics-changes] [yara] 130/192: Fix use after free bug
Hilko Bengen
- [Forensics-changes] [yara] 131/192: Rename exported_dlls to exported_functions
Hilko Bengen
- [Forensics-changes] [yara] 132/192: Fix bug in regexp engine introduced in recent changes.
Hilko Bengen
- [Forensics-changes] [yara] 133/192: Add missing NULL check, causing crash on truncated samples. (#589)
Hilko Bengen
- [Forensics-changes] [yara] 134/192: Fix build script so OSX builds don't get marked as failed (#587)
Hilko Bengen
- [Forensics-changes] [yara] 135/192: Linux Memory Scan Can Leave Process In Stopped State (#622)
Hilko Bengen
- [Forensics-changes] [yara] 136/192: Use the counter of actual constants that were added, not the ones that were attempted to be processed. (#628)
Hilko Bengen
- [Forensics-changes] [yara] 137/192: Added Tenable to Who's Using Yara (#633)
Hilko Bengen
- [Forensics-changes] [yara] 138/192: libyara.c: Fix openssl #include (#637)
Hilko Bengen
- [Forensics-changes] [yara] 139/192: Eliminate trailing space in hex string output (#638)
Hilko Bengen
- [Forensics-changes] [yara] 140/192: Declare as “static” global variables used within a single source file
Hilko Bengen
- [Forensics-changes] [yara] 141/192: Rename global variables to prevent naming conflicts
Hilko Bengen
- [Forensics-changes] [yara] 142/192: Fix conditional define
Hilko Bengen
- [Forensics-changes] [yara] 143/192: Fix warnings due to unused results from ‘write’ and ‘ftruncate’
Hilko Bengen
- [Forensics-changes] [yara] 144/192: Fix undefined behavior in hash (#642)
Hilko Bengen
- [Forensics-changes] [yara] 145/192: YR_TRYCATCH: Don't abort process if unrelated code triggers an exception while scanning. (Win32) (#643)
Hilko Bengen
- [Forensics-changes] [yara] 146/192: Fix issue #626
Hilko Bengen
- [Forensics-changes] [yara] 147/192: Keep misspelled symbol for API compatibility (#623)
Hilko Bengen
- [Forensics-changes] [yara] 148/192: Add comment to misspelled define directive
Hilko Bengen
- [Forensics-changes] [yara] 149/192: Allow defining MAX_THREADS during compile time
Hilko Bengen
- [Forensics-changes] [yara] 150/192: Remove unused struct field
Hilko Bengen
- [Forensics-changes] [yara] 151/192: Replace tab with spaces
Hilko Bengen
- [Forensics-changes] [yara] 152/192: Fix issue #647
Hilko Bengen
- [Forensics-changes] [yara] 153/192: Fix alignment tests
Hilko Bengen
- [Forensics-changes] [yara] 154/192: Fix issue with ERROR_TOO_MANY_RE_FIBERS being returned spuriously
Hilko Bengen
- [Forensics-changes] [yara] 155/192: Fix issue #646 (#648)
Hilko Bengen
- [Forensics-changes] [yara] 156/192: Refactor error returning in yr_re_exec
Hilko Bengen
- [Forensics-changes] [yara] 157/192: Handle return error in call to _yr_re_fiber_sync
Hilko Bengen
- [Forensics-changes] [yara] 158/192: Implement YR_TRYCATCH in terms of __try/__catch when using the Microsoft compiler (#639)
Hilko Bengen
- [Forensics-changes] [yara] 159/192: Add missing curly bracket
Hilko Bengen
- [Forensics-changes] [yara] 160/192: Set version number to 3.6.0
Hilko Bengen
- [Forensics-changes] [yara] 161/192: Change type from int to size_t
Hilko Bengen
- [Forensics-changes] [yara] 162/192: Fix wrong endianness conversion.
Hilko Bengen
- [Forensics-changes] [yara] 163/192: Make integer conversion explicit to avoid warnings
Hilko Bengen
- [Forensics-changes] [yara] 164/192: Make integer conversion explicit to avoid warnings
Hilko Bengen
- [Forensics-changes] [yara] 165/192: Fix variable length blob size offset (#651)
Hilko Bengen
- [Forensics-changes] [yara] 166/192: Fix assignment to uninitialized pointer (#652)
Hilko Bengen
- [Forensics-changes] [yara] 167/192: Handle malformed streams better. (#653)
Hilko Bengen
- [Forensics-changes] [yara] 168/192: Include yara/integers.h instead of stdint.h
Hilko Bengen
- [Forensics-changes] [yara] 169/192: Move variable definition to the beginning of code block
Hilko Bengen
- [Forensics-changes] [yara] 170/192: Move variable definitions to the beginning of code block
Hilko Bengen
- [Forensics-changes] [yara] 171/192: Fix issue #654
Hilko Bengen
- [Forensics-changes] [yara] 172/192: Fix issue #658
Hilko Bengen
- [Forensics-changes] [yara] 173/192: Improve legibility of object-related code
Hilko Bengen
- [Forensics-changes] [yara] 174/192: Fix issue #661
Hilko Bengen
- [Forensics-changes] [yara] 175/192: Fix warnings and minor code re-styling
Hilko Bengen
- [Forensics-changes] [yara] 176/192: Increase version number in libyara.h
Hilko Bengen
- [Forensics-changes] [yara] 177/192: Remove dependencies from “config.h”
Hilko Bengen
- [Forensics-changes] [yara] 178/192: Add test case for making sure that version numbers in configure.ac and libyara.h are in sync
Hilko Bengen
- [Forensics-changes] [yara] 179/192: Remove unnecessary #include <config.h>
Hilko Bengen
- [Forensics-changes] [yara] 180/192: Remove unused file
Hilko Bengen
- [Forensics-changes] [yara] 181/192: Ignore stream names with no NULL byte. (#664)
Hilko Bengen
- [Forensics-changes] [yara] 182/192: Remove unnecessary #include <config.h>
Hilko Bengen
- [Forensics-changes] [yara] 183/192: Expose Windows executables generated by appveyor
Hilko Bengen
- [Forensics-changes] [yara] 184/192: Fix memory leak.
Hilko Bengen
- [Forensics-changes] [yara] 185/192: Add Coverity badge
Hilko Bengen
- [Forensics-changes] [yara] 187/192: Merge branch 'master' of https://github.com/VirusTotal/yara
Hilko Bengen
- [Forensics-changes] [yara] 188/192: Disable warning due to zero length array in Microsoft's compiler
Hilko Bengen
- [Forensics-changes] [yara] 189/192: Prevent warning due to possible loss of data while converting size_t to int16_t
Hilko Bengen
- [Forensics-changes] [yara] 190/192: Prevent warning due to macro redefinition
Hilko Bengen
- [Forensics-changes] [yara] 191/192: Small changes in documentation
Hilko Bengen
- [Forensics-changes] [yara] 192/192: Move variable declaration to beginning of block
Hilko Bengen
- [Forensics-changes] [yara] 01/17: Small changes in documentation
Hilko Bengen
- [Forensics-changes] [yara] 02/17: Make loop variable declaration C89-compliant
Hilko Bengen
- [Forensics-changes] [yara] 03/17: Make loop variable declaration C89-compliant
Hilko Bengen
- [Forensics-changes] [yara] 04/17: Fix issue #669
Hilko Bengen
- [Forensics-changes] [yara] 05/17: Fix issue #669
Hilko Bengen
- [Forensics-changes] [yara] 06/17: Add data file for test case
Hilko Bengen
- [Forensics-changes] [yara] 07/17: Add data file for test case
Hilko Bengen
- [Forensics-changes] [yara] 08/17: Make grammar improvements & wrap lines to 80char
Hilko Bengen
- [Forensics-changes] [yara] 09/17: Merge branch '3.6' of https://github.com/VirusTotal/yara into 3.6
Hilko Bengen
- [Forensics-changes] [yara] 10/17: Fix issue #674. Move regexp limits to limits.h.
Hilko Bengen
- [Forensics-changes] [yara] 11/17: Fix issue #674. Move regexp limits to limits.h.
Hilko Bengen
- [Forensics-changes] [yara] 12/17: Increase RE_MAX_AST_LEVELS from 1000 to 2000.
Hilko Bengen
- [Forensics-changes] [yara] 13/17: Fix issue #674 for hex strings.
Hilko Bengen
- [Forensics-changes] [yara] 14/17: Merge branch 'master' into 3.6
Hilko Bengen
- [Forensics-changes] [yara] 15/17: Initialize local variable to avoid random bytes from the stack from being saved to compiled rules in 32 bits mode.
Hilko Bengen
- [Forensics-changes] [yara] 16/17: Merge branch 'master' into 3.6
Hilko Bengen
- [Forensics-changes] [yara] 17/17: Increase version 3.6.0 --> 3.6.1
Hilko Bengen
- [Forensics-changes] [yara] 01/15: Check for header files in configure.ac
Hilko Bengen
- [Forensics-changes] [yara] 02/15: Fix buffer overrun (issue #678). Add assert for detecting this kind of issues earlier.
Hilko Bengen
- [Forensics-changes] [yara] 03/15: Increase RE_MAX_AST_LEVELS as discussed in https://github.com/VirusTotal/yara/issues/674
Hilko Bengen
- [Forensics-changes] [yara] 04/15: Fix build with LibreSSL
Hilko Bengen
- [Forensics-changes] [yara] 05/15: Fix issue #682.
Hilko Bengen
- [Forensics-changes] [yara] 06/15: Minor code re-styling
Hilko Bengen
- [Forensics-changes] [yara] 07/15: Remove unused variable
Hilko Bengen
- [Forensics-changes] [yara] 08/15: Add VMRay to "who's using YARA" list
Hilko Bengen
- [Forensics-changes] [yara] 09/15: Increase RE_MAX_AST_LEVELS
Hilko Bengen
- [Forensics-changes] [yara] 10/15: Fix typo in README.md
Hilko Bengen
- [Forensics-changes] [yara] 11/15: Fix issue #685
Hilko Bengen
- [Forensics-changes] [yara] 12/15: Fix issue with previous commit
Hilko Bengen
- [Forensics-changes] [yara] 13/15: Fix issue #684
Hilko Bengen
- [Forensics-changes] [yara] 14/15: Re-generate re_lexer.c
Hilko Bengen
- [Forensics-changes] [yara] 15/15: Increase version number 3.6.1 --> 3.6.2
Hilko Bengen
- [Forensics-changes] [yara] tag v3.0.0 created (now 8e85126)
Hilko Bengen
- [Forensics-changes] [yara] tag v3.2.0 created (now 344d27a)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v1.7.1 deleted (was bf2cd81)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v1.7.2 deleted (was 6271fdc)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v2.0.0-RC1 deleted (was c2b2262)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v2.1.0 deleted (was 6530e73)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.1.0 deleted (was 803c35d)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.3.0 deleted (was 85e913e)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.4.0 deleted (was 5bd0992)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag v3.5.0 deleted (was 86f37e1)
Hilko Bengen
- [Forensics-changes] [yara] tag v2.0.0 deleted (was d5dbefb)
Hilko Bengen
- [Forensics-changes] [yara] tag v3.0.0 deleted (was 8e85126)
Hilko Bengen
- [Forensics-changes] [yara] tag v3.2.0 deleted (was 344d27a)
Hilko Bengen
- [Forensics-changes] [rkhunter] branch master updated (5c7618d -> 6769cf3)
Francois Marier
- [Forensics-changes] [rkhunter] branch pristine-tar updated (28842f2 -> 293f9ac)
Francois Marier
- [Forensics-changes] [rkhunter] branch upstream updated (c459dfa -> eca1837)
Francois Marier
- [Forensics-changes] [rkhunter] annotated tag debian/1.4.4-1 created (now 3244f59)
Francois Marier
- [Forensics-changes] [rkhunter] annotated tag upstream/1.4.4 created (now 3b8d7f0)
Francois Marier
- [Forensics-changes] My Business
James.Angelone
- [Forensics-changes] [grokevt] branch debian/master updated (6de747e -> 3064d4d)
Samuel Henrique
- [Forensics-changes] [grokevt] branch debian/master updated (3064d4d -> 045c293)
Samuel Henrique
- [Forensics-changes] [grokevt] branch debian/master updated (045c293 -> cb9e76d)
Samuel Henrique
- [Forensics-changes] [yara] branch master updated (fc887e9 -> 7feadb1)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag debian/3.6.2+dfsg-4 created (now a6fb019)
Hilko Bengen
- [Forensics-changes] [rkhunter] branch master updated (6769cf3 -> c171c67)
Francois Marier
- [Forensics-changes] [rkhunter] annotated tag debian/1.4.4-2 created (now ad586de)
Francois Marier
- [Forensics-changes] [rkhunter] branch master updated (c171c67 -> 38bc1c1)
Francois Marier
- [Forensics-changes] [rkhunter] annotated tag debian/1.4.4-2 updated (ad586de -> 1d58a05)
Francois Marier
- [Forensics-changes] [yara] branch master updated (7feadb1 -> 65ad4c6)
Hilko Bengen
- [Forensics-changes] [yara] branch pristine-tar updated (6b63903 -> eb9db1a)
Hilko Bengen
- [Forensics-changes] [yara] branch upstream updated (897476f -> 854738e)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag debian/3.6.3+dfsg-1 created (now 9654cf0)
Hilko Bengen
- [Forensics-changes] [yara] annotated tag upstream/3.6.3+dfsg created (now 54dadc9)
Hilko Bengen
- [Forensics-changes] [rkhunter] branch jessie created (now 3aea530)
Francois Marier
- [Forensics-changes] [rkhunter] branch stretch created (now 4bc6a85)
Francois Marier
- [Forensics-changes] [rkhunter] branch wheezy created (now de66156)
Francois Marier
- [Forensics-changes] [rkhunter] annotated tag debian/1.4.2-0.4+deb8u1 created (now dbfc1e4)
Francois Marier
- [Forensics-changes] [rkhunter] annotated tag debian/1.4.2-6+deb9u1 created (now 69bb1db)
Francois Marier
- [Forensics-changes] [afflib] branch debian updated (37becd9 -> 4a331f8)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] branch pristine-tar updated (0e0d1bf -> 6b25360)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] branch upstream updated (c1aeddb -> c3dc622)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] annotated tag debian/3.7.15-2 created (now fb3b34c)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] annotated tag debian/3.7.16-1 created (now b8c9b01)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] annotated tag upstream/3.7.16 created (now 350a397)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] branch debian updated (4a331f8 -> a14d75c)
Joao Eriberto Mota Filho
- [Forensics-changes] [afflib] annotated tag debian/3.7.16-2 created (now 1bacaa9)
Joao Eriberto Mota Filho
- [Forensics-changes] [volatility] branch debian updated (46c80f3 -> 4c7e23c)
Joao Eriberto Mota Filho
- [Forensics-changes] [volatility] branch pristine-tar updated (839c6f2 -> 45ed912)
Joao Eriberto Mota Filho
- [Forensics-changes] [volatility] branch upstream updated (20b72c2 -> 07cbdb2)
Joao Eriberto Mota Filho
- [Forensics-changes] [volatility] annotated tag debian/2.6+git20170711.b3db0cc-1 created (now 3102968)
Joao Eriberto Mota Filho
- [Forensics-changes] [volatility] annotated tag upstream/2.6+git20170711.b3db0cc created (now 358709b)
Joao Eriberto Mota Filho
- [Forensics-changes] [forensics-all] branch debian updated (3dcb357 -> bcdc88d)
Joao Eriberto Mota Filho
- [Forensics-changes] [forensics-all] annotated tag debian/1.6 created (now 9e755f8)
Joao Eriberto Mota Filho
- [Forensics-changes] [bruteforce-salted-openssl] branch debian updated (091d72f -> 63cc333)
Joao Eriberto Mota Filho
- [Forensics-changes] [bruteforce-salted-openssl] branch pristine-tar updated (0d50654 -> 6870e00)
Joao Eriberto Mota Filho
- [Forensics-changes] [bruteforce-salted-openssl] branch upstream updated (20d86cb -> 7a41b1e)
Joao Eriberto Mota Filho
- [Forensics-changes] [bruteforce-salted-openssl] annotated tag debian/1.4.0-1 created (now 4f4f192)
Joao Eriberto Mota Filho
- [Forensics-changes] [bruteforce-salted-openssl] annotated tag upstream/1.4.0 created (now 294a19f)
Joao Eriberto Mota Filho
Last message date: Wed Jul 26 13:50:02 UTC 2017
Archived on: Wed Jul 26 13:50:05 UTC 2017