summaryrefslogtreecommitdiff
path: root/src/analysis/scan/core.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/analysis/scan/core.c')
-rw-r--r--src/analysis/scan/core.c102
1 files changed, 78 insertions, 24 deletions
diff --git a/src/analysis/scan/core.c b/src/analysis/scan/core.c
index da3cf00..2b4fd92 100644
--- a/src/analysis/scan/core.c
+++ b/src/analysis/scan/core.c
@@ -30,6 +30,8 @@
#include "items/count.h"
#include "items/datasize.h"
+#include "items/maxcommon.h"
+#include "items/modpath.h"
#include "items/uint.h"
#include "items/console/log.h"
#ifdef INCLUDE_MAGIC_SUPPORT
@@ -41,18 +43,23 @@
#include "items/string/lower.h"
#include "items/string/to_int.h"
#include "items/string/upper.h"
+#include "items/string/wide.h"
#include "items/time/make.h"
#include "items/time/now.h"
#include "patterns/modifiers/hex.h"
+#include "patterns/modifiers/lower.h"
#include "patterns/modifiers/plain.h"
#include "patterns/modifiers/rev.h"
+#include "patterns/modifiers/upper.h"
+#include "patterns/modifiers/wide.h"
+#include "patterns/modifiers/xor.h"
/* Liste des modificateurs disponibles */
typedef struct _available_modifier_t
{
- char *name; /* Désignation humaine */
+ sized_string_t name; /* Désignation humaine */
GScanTokenModifier *instance; /* Mécanisme correspondant */
} available_modifier_t;
@@ -76,18 +83,19 @@ static size_t __modifiers_count = 0;
bool register_scan_token_modifier(GScanTokenModifier *modifier)
{
bool result; /* Bilan à retourner */
- char *name; /* Nom donné au modificateur */
+ sized_string_t name; /* Nom donné au modificateur */
GScanTokenModifier *found; /* Alternative présente */
available_modifier_t *last; /* Emplacement disponible */
- name = g_scan_token_modifier_get_name(modifier);
+ name.data = g_scan_token_modifier_get_name(modifier);
+ name.len = strlen(name.data);
- found = find_scan_token_modifiers_for_name(name);
+ found = find_scan_token_modifiers_for_name(&name);
result = (found == NULL);
if (!result)
- free(name);
+ exit_szstr(&name);
else
{
@@ -126,17 +134,52 @@ bool load_all_known_scan_token_modifiers(void)
result = true;
-#define REGISTER_SCAN_MODIFIER(m) \
- ({ \
- bool __status; \
- __status = register_scan_token_modifier(m); \
- g_object_unref(G_OBJECT(m)); \
- __status; \
+#define REGISTER_SCAN_MODIFIER(m) \
+ ({ \
+ GScanTokenModifier *__mod; \
+ bool __status; \
+ __mod = m; \
+ __status = register_scan_token_modifier(__mod); \
+ g_object_unref(G_OBJECT(__mod)); \
+ __status; \
})
if (result) result = REGISTER_SCAN_MODIFIER(g_scan_hex_modifier_new());
+ if (result) result = REGISTER_SCAN_MODIFIER(g_scan_lower_modifier_new());
if (result) result = REGISTER_SCAN_MODIFIER(g_scan_plain_modifier_new());
if (result) result = REGISTER_SCAN_MODIFIER(g_scan_reverse_modifier_new());
+ if (result) result = REGISTER_SCAN_MODIFIER(g_scan_upper_modifier_new());
+ if (result) result = REGISTER_SCAN_MODIFIER(g_scan_wide_modifier_new());
+ if (result) result = REGISTER_SCAN_MODIFIER(g_scan_xor_modifier_new());
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : count = nombre de motificateurs exportés. [OUT] *
+* *
+* Description : Fournit la désignation de l'ensemble des modificateurs. *
+* *
+* Retour : Liste de modificateurs enregistrés. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+char **list_all_scan_token_modifiers(size_t *count)
+{
+ char **result; /* Liste à retourner */
+ size_t i; /* Boucle de parcours */
+
+ result = malloc(__modifiers_count * sizeof(char *));
+
+ *count = __modifiers_count;
+
+ for (i = 0; i < __modifiers_count; i++)
+ result[i] = strndup(__modifiers[i].name.data, __modifiers[i].name.len);
return result;
@@ -160,7 +203,10 @@ void unload_all_scan_token_modifiers(void)
size_t i; /* Boucle de parcours */
for (i = 0; i < __modifiers_count; i++)
+ {
+ exit_szstr(&__modifiers[i].name);
g_object_unref(G_OBJECT(__modifiers[i].instance));
+ }
if (__modifiers != NULL)
free(__modifiers);
@@ -180,7 +226,7 @@ void unload_all_scan_token_modifiers(void)
* *
******************************************************************************/
-GScanTokenModifier *find_scan_token_modifiers_for_name(const char *name)
+GScanTokenModifier *find_scan_token_modifiers_for_name(const sized_string_t *name)
{
GScanTokenModifier *result; /* Instance à renvoyer */
size_t i; /* Boucle de parcours */
@@ -192,7 +238,10 @@ GScanTokenModifier *find_scan_token_modifiers_for_name(const char *name)
{
registered = __modifiers + i;
- if (strcmp(registered->name, name) == 0)
+ if (registered->name.len != name->len)
+ continue;
+
+ if (strncmp(registered->name.data, name->data, name->len) == 0)
{
result = registered->instance;
g_object_ref(G_OBJECT(result));
@@ -225,16 +274,20 @@ bool populate_main_scan_namespace(GScanNamespace *space)
result = true;
-#define REGISTER_FUNC(s, f) \
- ({ \
- bool __result; \
- __result = g_scan_namespace_register_item(s, f); \
- g_object_unref(G_OBJECT(f)); \
- __result; \
+#define REGISTER_FUNC(s, f) \
+ ({ \
+ GScanRegisteredItem *__item; \
+ bool __result; \
+ __item = f; \
+ __result = g_scan_namespace_register_item(s, __item); \
+ g_object_unref(G_OBJECT(__item)); \
+ __result; \
})
if (result) result = REGISTER_FUNC(space, g_scan_count_function_new());
if (result) result = REGISTER_FUNC(space, g_scan_datasize_function_new());
+ if (result) result = REGISTER_FUNC(space, g_scan_maxcommon_function_new());
+ if (result) result = REGISTER_FUNC(space, g_scan_modpath_function_new());
if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_8_BITS_SIGNED, SRE_LITTLE));
if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_8_BITS_UNSIGNED, SRE_LITTLE));
@@ -259,7 +312,7 @@ bool populate_main_scan_namespace(GScanNamespace *space)
if (result)
{
ns = g_scan_namespace_new("console");
- result = g_scan_namespace_register_item(space, G_REGISTERED_ITEM(ns));
+ result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns));
if (result) result = REGISTER_FUNC(ns, g_scan_console_log_function_new());
@@ -273,7 +326,7 @@ bool populate_main_scan_namespace(GScanNamespace *space)
if (result)
{
ns = g_scan_namespace_new("magic");
- result = g_scan_namespace_register_item(space, G_REGISTERED_ITEM(ns));
+ result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns));
if (result) result = REGISTER_FUNC(ns, g_scan_magic_type_function_new());
if (result) result = REGISTER_FUNC(ns, g_scan_mime_encoding_function_new());
@@ -289,7 +342,7 @@ bool populate_main_scan_namespace(GScanNamespace *space)
if (result)
{
ns = g_scan_namespace_new("math");
- result = g_scan_namespace_register_item(space, G_REGISTERED_ITEM(ns));
+ result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns));
if (result) result = REGISTER_FUNC(ns, g_scan_math_to_string_function_new());
@@ -302,11 +355,12 @@ bool populate_main_scan_namespace(GScanNamespace *space)
if (result)
{
ns = g_scan_namespace_new("string");
- result = g_scan_namespace_register_item(space, G_REGISTERED_ITEM(ns));
+ result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns));
if (result) result = REGISTER_FUNC(ns, g_scan_string_lower_function_new());
if (result) result = REGISTER_FUNC(ns, g_scan_string_to_int_function_new());
if (result) result = REGISTER_FUNC(ns, g_scan_string_upper_function_new());
+ if (result) result = REGISTER_FUNC(ns, g_scan_string_wide_function_new());
g_object_unref(G_OBJECT(ns));
@@ -317,7 +371,7 @@ bool populate_main_scan_namespace(GScanNamespace *space)
if (result)
{
ns = g_scan_namespace_new("time");
- result = g_scan_namespace_register_item(space, G_REGISTERED_ITEM(ns));
+ result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns));
if (result) result = REGISTER_FUNC(ns, g_scan_time_make_function_new());
if (result) result = REGISTER_FUNC(ns, g_scan_time_now_function_new());
generated by cgit v0.11.2-87-g4458 at 2025-12-16 05:56:09 (GMT)