diff options
author | Cyrille Bagard <nocbos@gmail.com> | 2023-10-11 23:16:21 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2023-10-11 23:16:21 (GMT) |
commit | ab6b87b7309e2d00926615f6557016bee6ab0b71 (patch) | |
tree | bf69b93d2f0548fc845e68ae1e8519bd33d1da24 /src/analysis/scan/matches | |
parent | 404097b7b07b336b427b3682ec2bc48d831cb2e9 (diff) |
Add two new functions to ROST grammar: modpath and maxcommon.
Diffstat (limited to 'src/analysis/scan/matches')
-rw-r--r-- | src/analysis/scan/matches/bytes-int.h | 3 | ||||
-rw-r--r-- | src/analysis/scan/matches/bytes.c | 56 | ||||
-rw-r--r-- | src/analysis/scan/matches/bytes.h | 6 | ||||
-rw-r--r-- | src/analysis/scan/matches/pending.c | 55 | ||||
-rw-r--r-- | src/analysis/scan/matches/pending.h | 6 |
5 files changed, 122 insertions, 4 deletions
diff --git a/src/analysis/scan/matches/bytes-int.h b/src/analysis/scan/matches/bytes-int.h index 6f7e60b..f57cb9f 100644 --- a/src/analysis/scan/matches/bytes-int.h +++ b/src/analysis/scan/matches/bytes-int.h @@ -42,6 +42,9 @@ struct _GScanBytesMatch phys_t start; /* Début du motif représenté */ phys_t len; /* Taille du motif représenté */ + size_t mod_path_index; /* Indice de construction */ + bool has_mod_path; /* Validité du champ précédent */ + }; /* Correspondance trouvée avec une chaîne (classe) */ diff --git a/src/analysis/scan/matches/bytes.c b/src/analysis/scan/matches/bytes.c index de101c4..f0b97fe 100644 --- a/src/analysis/scan/matches/bytes.c +++ b/src/analysis/scan/matches/bytes.c @@ -30,6 +30,7 @@ #include "bytes-int.h" +#include "../patterns/token.h" #include "../../../common/cpp.h" #include "../../../core/logs.h" @@ -121,6 +122,8 @@ static void g_scan_bytes_match_init(GScanBytesMatch *match) match->start = VMPA_NO_PHYSICAL; match->len = VMPA_NO_PHYSICAL; + match->has_mod_path = false; + } @@ -285,6 +288,59 @@ phys_t g_scan_bytes_match_get_location(const GScanBytesMatch *match, phys_t *sta } +/****************************************************************************** +* * +* Paramètres : match = informations de correspondance à compléter. * +* index = indice de la combinaison de modificateurs ciblée. * +* * +* Description : Mémorise l'origine d'une correspondance à partir d'un indice.* +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void g_scan_bytes_match_remember_modifier_path(GScanBytesMatch *match, size_t index) +{ + match->mod_path_index = index; + match->has_mod_path = true; + +} + + +/****************************************************************************** +* * +* Paramètres : match = informations de correspondance à consulter. * +* * +* Description : Retrouve l'origine d'une correspondance à partir d'un indice.* +* * +* Retour : Version humainement lisible de la combinaison gagnante. * +* * +* Remarques : - * +* * +******************************************************************************/ + +char *g_scan_bytes_match_get_modifier_path(const GScanBytesMatch *match) +{ + char *result; /* Combinaison à retourner */ + GBytesToken *pattern; /* Autre version du motif */ + + if (match->has_mod_path) + { + pattern = G_BYTES_TOKEN(G_SCAN_MATCH(match)->source); + result = g_bytes_token_get_modifier_path(pattern, match->mod_path_index); + } + + else + result = NULL; + + return result; + +} + + + /* ---------------------------------------------------------------------------------- */ /* IMPLEMENTATION DES FONCTIONS DE CLASSE */ /* ---------------------------------------------------------------------------------- */ diff --git a/src/analysis/scan/matches/bytes.h b/src/analysis/scan/matches/bytes.h index e599ee4..bd7425d 100644 --- a/src/analysis/scan/matches/bytes.h +++ b/src/analysis/scan/matches/bytes.h @@ -60,6 +60,12 @@ GBinContent *g_scan_bytes_match_get_content(const GScanBytesMatch *); /* Indique la localisation d'une correspondance établie. */ phys_t g_scan_bytes_match_get_location(const GScanBytesMatch *, phys_t *, phys_t *); +/* Mémorise l'origine d'une correspondance à partir d'un indice. */ +void g_scan_bytes_match_remember_modifier_path(GScanBytesMatch *, size_t); + +/* Retrouve l'origine d'une correspondance à partir d'un indice. */ +char *g_scan_bytes_match_get_modifier_path(const GScanBytesMatch *); + #endif /* _ANALYSIS_SCAN_MATCHES_BYTES_H */ diff --git a/src/analysis/scan/matches/pending.c b/src/analysis/scan/matches/pending.c index 9ed4de3..57c63d7 100644 --- a/src/analysis/scan/matches/pending.c +++ b/src/analysis/scan/matches/pending.c @@ -48,10 +48,6 @@ static int compare_match_area(const match_area_t *, const match_area_t *); - - - - /* ---------------------------------------------------------------------------------- */ /* MEMORISATION D'UNE ZONE BORNEE */ /* ---------------------------------------------------------------------------------- */ @@ -82,6 +78,12 @@ static int compare_match_area(const match_area_t *a, const match_area_t *b) if (result == 0) result = sort_unsigned_long_long(a->ttl, b->ttl); + if (result == 0) + result = sort_unsigned_long_long(a->has_mod_path, b->has_mod_path); + + if (result == 0) + result = sort_unsigned_long_long(a->mod_path_index, b->mod_path_index); + return result; } @@ -293,6 +295,51 @@ void add_pending_match(pending_matches_t *matches, phys_t start, phys_t length) area->ttl = 1; + area->has_mod_path = false; + +} + + +/****************************************************************************** +* * +* Paramètres : matches = suivi de correspondances à compléter. * +* start = point de départ d'une nouvelle correspondance. * +* length = taille de la zone couverte. * +* index = indice de construction pour le motif concerné. * +* * +* Description : Ajoute au suivi la définition d'une nouvelle correspondance. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void add_pending_match_with_path(pending_matches_t *matches, phys_t start, phys_t length, size_t index) +{ + match_area_t *area; /* Zone à initialiser */ + + if (matches->used == matches->allocated) + { + matches->allocated += PENDING_ALLOC_SIZE; + + matches->areas = realloc(matches->areas, matches->allocated * sizeof(match_area_t)); + + } + + area = &matches->areas[matches->used++]; + + area->start = start; + area->end = start + length; + + assert(matches->content_start <= area->start); + assert(area->end <= matches->content_end); + + area->ttl = 1; + + area->mod_path_index = index; + area->has_mod_path = true; + } diff --git a/src/analysis/scan/matches/pending.h b/src/analysis/scan/matches/pending.h index 6df01c9..f4ac7a2 100644 --- a/src/analysis/scan/matches/pending.h +++ b/src/analysis/scan/matches/pending.h @@ -41,6 +41,9 @@ typedef struct _match_area_t unsigned long ttl; /* Durée de vie pour analyse */ + size_t mod_path_index; /* Indice de construction */ + bool has_mod_path; /* Validité du champ précédent */ + } match_area_t; /* Suivi de correspondances */ @@ -86,6 +89,9 @@ match_area_t * const *get_all_pending_matches(const pending_matches_t *, size_t /* Ajoute au suivi la définition d'une nouvelle correspondance. */ void add_pending_match(pending_matches_t *, phys_t, phys_t); +/* Ajoute au suivi la définition d'une nouvelle correspondance. */ +void add_pending_match_with_path(pending_matches_t *, phys_t, phys_t, size_t); + /* Etend une zone couverte dans le suivi des correspondances. */ void extend_pending_match_beginning(pending_matches_t *, size_t, phys_t); |