diff options
-rw-r--r-- | src/analysis/scan/exprs/handler.c | 23 | ||||
-rw-r--r-- | src/analysis/scan/exprs/handler.h | 3 | ||||
-rw-r--r-- | src/analysis/scan/grammar.y | 9 | ||||
-rw-r--r-- | tests/analysis/scan/fuzzing.py | 20 |
4 files changed, 54 insertions, 1 deletions
diff --git a/src/analysis/scan/exprs/handler.c b/src/analysis/scan/exprs/handler.c index ea24443..ecc5a21 100644 --- a/src/analysis/scan/exprs/handler.c +++ b/src/analysis/scan/exprs/handler.c @@ -248,6 +248,29 @@ bool g_scan_pattern_handler_create(GScanPatternHandler *handler, GSearchPattern /****************************************************************************** * * * Paramètres : handler = instance à initialiser pleinement. * +* * +* Description : Indique le type de manipulation de correspondances spécifié. * +* * +* Retour : Type de manipulation de correspondances représentée. * +* * +* Remarques : - * +* * +******************************************************************************/ + +ScanHandlerType g_scan_pattern_handler_get_handler_type(const GScanPatternHandler *handler) +{ + ScanHandlerType result; /* Nature à retourner */ + + result = handler->type; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : handler = instance à initialiser pleinement. * * ctx = contexte de suivi de l'analyse courante. * * count = quantité de correspondances enregistrées. [OUT] * * * diff --git a/src/analysis/scan/exprs/handler.h b/src/analysis/scan/exprs/handler.h index 407ccdc..24c4e8f 100644 --- a/src/analysis/scan/exprs/handler.h +++ b/src/analysis/scan/exprs/handler.h @@ -62,6 +62,9 @@ GType g_scan_pattern_handler_get_type(void); /* Met en place une manipulation de correspondances établies. */ GScanExpression *g_scan_pattern_handler_new(GSearchPattern ** const, size_t, ScanHandlerType); +/* Indique le type de manipulation de correspondances spécifié. */ +ScanHandlerType g_scan_pattern_handler_get_handler_type(const GScanPatternHandler *); + /* Fournit la liste de toutes les correspondances représentées. */ GScanMatch **g_scan_pattern_handler_get_all_matches(const GScanPatternHandler *, GScanContext *, size_t *); diff --git a/src/analysis/scan/grammar.y b/src/analysis/scan/grammar.y index 801898f..8380a81 100644 --- a/src/analysis/scan/grammar.y +++ b/src/analysis/scan/grammar.y @@ -1541,11 +1541,18 @@ relational_expr : cexpression "<" cexpression { $$ = $1; } - | pattern_handler "[" cexpression "]" + | _pattern_handler "[" cexpression "]" { + if (g_scan_pattern_handler_get_handler_type(G_SCAN_PATTERN_HANDLER($1)) == SHT_COUNTER) + { + raise_error("Match counts can not get indexed"); + YYERROR; + } + $$ = g_scan_set_item_new($1, $3); g_object_unref(G_OBJECT($1)); g_object_unref(G_OBJECT($3)); + } ; diff --git a/tests/analysis/scan/fuzzing.py b/tests/analysis/scan/fuzzing.py index 1bebdd3..1b9b25b 100644 --- a/tests/analysis/scan/fuzzing.py +++ b/tests/analysis/scan/fuzzing.py @@ -267,3 +267,23 @@ rule test { ''' self.check_rule_failure(rule) + + + def testCountIndex(self): + """Ban pattern count indexes from the grammer.""" + + rule = ''' +rule test { + + bytes: + $a = "1" + + condition: + #*[0] + +} +''' + + with self.assertRaisesRegex(ValueError, 'Unable to create content scanner'): + + scanner = ContentScanner(rule) |