summaryrefslogtreecommitdiff
path: root/src/analysis/scan/items/string
diff options
context:
space:
mode:
Diffstat (limited to 'src/analysis/scan/items/string')
-rw-r--r--src/analysis/scan/items/string/Makefile.am3
-rw-r--r--src/analysis/scan/items/string/lower.c10
-rw-r--r--src/analysis/scan/items/string/lower.h6
-rw-r--r--src/analysis/scan/items/string/to_int.c10
-rw-r--r--src/analysis/scan/items/string/to_int.h6
-rw-r--r--src/analysis/scan/items/string/upper.c10
-rw-r--r--src/analysis/scan/items/string/upper.h6
-rw-r--r--src/analysis/scan/items/string/wide.c270
-rw-r--r--src/analysis/scan/items/string/wide.h58
9 files changed, 354 insertions, 25 deletions
diff --git a/src/analysis/scan/items/string/Makefile.am b/src/analysis/scan/items/string/Makefile.am
index c9ce6a3..6f8d6c5 100644
--- a/src/analysis/scan/items/string/Makefile.am
+++ b/src/analysis/scan/items/string/Makefile.am
@@ -5,7 +5,8 @@ noinst_LTLIBRARIES = libanalysisscanitemsstring.la
libanalysisscanitemsstring_la_SOURCES = \
lower.h lower.c \
to_int.h to_int.c \
- upper.h upper.c
+ upper.h upper.c \
+ wide.h wide.c
libanalysisscanitemsstring_la_CFLAGS = $(LIBGOBJ_CFLAGS)
diff --git a/src/analysis/scan/items/string/lower.c b/src/analysis/scan/items/string/lower.c
index be8b133..241d87a 100644
--- a/src/analysis/scan/items/string/lower.c
+++ b/src/analysis/scan/items/string/lower.c
@@ -66,7 +66,7 @@ static bool g_scan_string_lower_function_run_call(GScanStringLowerFunction *, GS
/* Indique le type défini pour une bascule de la casse d'une suite de caractères. */
-G_DEFINE_TYPE(GScanStringLowerFunction, g_scan_string_lower_function, G_TYPE_REGISTERED_ITEM);
+G_DEFINE_TYPE(GScanStringLowerFunction, g_scan_string_lower_function, G_TYPE_SCAN_REGISTERED_ITEM);
/******************************************************************************
@@ -84,14 +84,14 @@ G_DEFINE_TYPE(GScanStringLowerFunction, g_scan_string_lower_function, G_TYPE_REG
static void g_scan_string_lower_function_class_init(GScanStringLowerFunctionClass *klass)
{
GObjectClass *object; /* Autre version de la classe */
- GRegisteredItemClass *registered; /* Version de classe parente */
+ GScanRegisteredItemClass *registered; /* Version de classe parente */
object = G_OBJECT_CLASS(klass);
object->dispose = (GObjectFinalizeFunc/* ! */)g_scan_string_lower_function_dispose;
object->finalize = (GObjectFinalizeFunc)g_scan_string_lower_function_finalize;
- registered = G_REGISTERED_ITEM_CLASS(klass);
+ registered = G_SCAN_REGISTERED_ITEM_CLASS(klass);
registered->get_name = (get_registered_item_name_fc)g_scan_string_lower_function_get_name;
registered->run_call = (run_registered_item_call_fc)g_scan_string_lower_function_run_call;
@@ -167,9 +167,9 @@ static void g_scan_string_lower_function_finalize(GScanStringLowerFunction *func
* *
******************************************************************************/
-GRegisteredItem *g_scan_string_lower_function_new(void)
+GScanRegisteredItem *g_scan_string_lower_function_new(void)
{
- GRegisteredItem *result; /* Structure à retourner */
+ GScanRegisteredItem *result; /* Structure à retourner */
result = g_object_new(G_TYPE_SCAN_STRING_LOWER_FUNCTION, NULL);
diff --git a/src/analysis/scan/items/string/lower.h b/src/analysis/scan/items/string/lower.h
index f844a65..b9eb00a 100644
--- a/src/analysis/scan/items/string/lower.h
+++ b/src/analysis/scan/items/string/lower.h
@@ -41,17 +41,17 @@
/* Bascule d'une suite de caractères en minuscules (instance) */
-typedef GRegisteredItem GScanStringLowerFunction;
+typedef GScanRegisteredItem GScanStringLowerFunction;
/* Bascule d'une suite de caractères en minuscules (classe) */
-typedef GRegisteredItemClass GScanStringLowerFunctionClass;
+typedef GScanRegisteredItemClass GScanStringLowerFunctionClass;
/* Indique le type défini pour une bascule de la casse d'une suite de caractères. */
GType g_scan_string_lower_function_get_type(void);
/* Constitue une fonction de bascule de lettres en minuscules. */
-GRegisteredItem *g_scan_string_lower_function_new(void);
+GScanRegisteredItem *g_scan_string_lower_function_new(void);
diff --git a/src/analysis/scan/items/string/to_int.c b/src/analysis/scan/items/string/to_int.c
index 8031d4d..150fd06 100644
--- a/src/analysis/scan/items/string/to_int.c
+++ b/src/analysis/scan/items/string/to_int.c
@@ -66,7 +66,7 @@ static bool g_scan_string_to_int_function_run_call(GScanStringToIntFunction *, G
/* Indique le type défini pour une conversion de texte en entier. */
-G_DEFINE_TYPE(GScanStringToIntFunction, g_scan_string_to_int_function, G_TYPE_REGISTERED_ITEM);
+G_DEFINE_TYPE(GScanStringToIntFunction, g_scan_string_to_int_function, G_TYPE_SCAN_REGISTERED_ITEM);
/******************************************************************************
@@ -84,14 +84,14 @@ G_DEFINE_TYPE(GScanStringToIntFunction, g_scan_string_to_int_function, G_TYPE_RE
static void g_scan_string_to_int_function_class_init(GScanStringToIntFunctionClass *klass)
{
GObjectClass *object; /* Autre version de la classe */
- GRegisteredItemClass *registered; /* Version de classe parente */
+ GScanRegisteredItemClass *registered; /* Version de classe parente */
object = G_OBJECT_CLASS(klass);
object->dispose = (GObjectFinalizeFunc/* ! */)g_scan_string_to_int_function_dispose;
object->finalize = (GObjectFinalizeFunc)g_scan_string_to_int_function_finalize;
- registered = G_REGISTERED_ITEM_CLASS(klass);
+ registered = G_SCAN_REGISTERED_ITEM_CLASS(klass);
registered->get_name = (get_registered_item_name_fc)g_scan_string_to_int_function_get_name;
registered->run_call = (run_registered_item_call_fc)g_scan_string_to_int_function_run_call;
@@ -167,9 +167,9 @@ static void g_scan_string_to_int_function_finalize(GScanStringToIntFunction *fun
* *
******************************************************************************/
-GRegisteredItem *g_scan_string_to_int_function_new(void)
+GScanRegisteredItem *g_scan_string_to_int_function_new(void)
{
- GRegisteredItem *result; /* Structure à retourner */
+ GScanRegisteredItem *result; /* Structure à retourner */
result = g_object_new(G_TYPE_SCAN_STRING_TO_INT_FUNCTION, NULL);
diff --git a/src/analysis/scan/items/string/to_int.h b/src/analysis/scan/items/string/to_int.h
index 143da44..ffd971b 100644
--- a/src/analysis/scan/items/string/to_int.h
+++ b/src/analysis/scan/items/string/to_int.h
@@ -41,17 +41,17 @@
/* Conversion d'une valeur textuelle en valeur entière (instance) */
-typedef GRegisteredItem GScanStringToIntFunction;
+typedef GScanRegisteredItem GScanStringToIntFunction;
/* Conversion d'une valeur textuelle en valeur entière (classe) */
-typedef GRegisteredItemClass GScanStringToIntFunctionClass;
+typedef GScanRegisteredItemClass GScanStringToIntFunctionClass;
/* Indique le type défini pour une conversion de texte en entier. */
GType g_scan_string_to_int_function_get_type(void);
/* Crée une fonction de conversion de texte en valeur entière. */
-GRegisteredItem *g_scan_string_to_int_function_new(void);
+GScanRegisteredItem *g_scan_string_to_int_function_new(void);
diff --git a/src/analysis/scan/items/string/upper.c b/src/analysis/scan/items/string/upper.c
index 2ddd0dc..d09ae00 100644
--- a/src/analysis/scan/items/string/upper.c
+++ b/src/analysis/scan/items/string/upper.c
@@ -66,7 +66,7 @@ static bool g_scan_string_upper_function_run_call(GScanStringUpperFunction *, GS
/* Indique le type défini pour une bascule de la casse d'une suite de caractères. */
-G_DEFINE_TYPE(GScanStringUpperFunction, g_scan_string_upper_function, G_TYPE_REGISTERED_ITEM);
+G_DEFINE_TYPE(GScanStringUpperFunction, g_scan_string_upper_function, G_TYPE_SCAN_REGISTERED_ITEM);
/******************************************************************************
@@ -84,14 +84,14 @@ G_DEFINE_TYPE(GScanStringUpperFunction, g_scan_string_upper_function, G_TYPE_REG
static void g_scan_string_upper_function_class_init(GScanStringUpperFunctionClass *klass)
{
GObjectClass *object; /* Autre version de la classe */
- GRegisteredItemClass *registered; /* Version de classe parente */
+ GScanRegisteredItemClass *registered; /* Version de classe parente */
object = G_OBJECT_CLASS(klass);
object->dispose = (GObjectFinalizeFunc/* ! */)g_scan_string_upper_function_dispose;
object->finalize = (GObjectFinalizeFunc)g_scan_string_upper_function_finalize;
- registered = G_REGISTERED_ITEM_CLASS(klass);
+ registered = G_SCAN_REGISTERED_ITEM_CLASS(klass);
registered->get_name = (get_registered_item_name_fc)g_scan_string_upper_function_get_name;
registered->run_call = (run_registered_item_call_fc)g_scan_string_upper_function_run_call;
@@ -167,9 +167,9 @@ static void g_scan_string_upper_function_finalize(GScanStringUpperFunction *func
* *
******************************************************************************/
-GRegisteredItem *g_scan_string_upper_function_new(void)
+GScanRegisteredItem *g_scan_string_upper_function_new(void)
{
- GRegisteredItem *result; /* Structure à retourner */
+ GScanRegisteredItem *result; /* Structure à retourner */
result = g_object_new(G_TYPE_SCAN_STRING_UPPER_FUNCTION, NULL);
diff --git a/src/analysis/scan/items/string/upper.h b/src/analysis/scan/items/string/upper.h
index 4f6e4bc..4fdeb09 100644
--- a/src/analysis/scan/items/string/upper.h
+++ b/src/analysis/scan/items/string/upper.h
@@ -41,17 +41,17 @@
/* Bascule d'une suite de caractères en majuscules (instance) */
-typedef GRegisteredItem GScanStringUpperFunction;
+typedef GScanRegisteredItem GScanStringUpperFunction;
/* Bascule d'une suite de caractères en majuscules (classe) */
-typedef GRegisteredItemClass GScanStringUpperFunctionClass;
+typedef GScanRegisteredItemClass GScanStringUpperFunctionClass;
/* Indique le type défini pour une bascule de la casse d'une suite de caractères. */
GType g_scan_string_upper_function_get_type(void);
/* Constitue une fonction de bascule de lettres en majuscules. */
-GRegisteredItem *g_scan_string_upper_function_new(void);
+GScanRegisteredItem *g_scan_string_upper_function_new(void);
diff --git a/src/analysis/scan/items/string/wide.c b/src/analysis/scan/items/string/wide.c
new file mode 100644
index 0000000..378f21c
--- /dev/null
+++ b/src/analysis/scan/items/string/wide.c
@@ -0,0 +1,270 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * wide.c - bascule de texte ASCII en UTF-16
+ *
+ * Copyright (C) 2023 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "wide.h"
+
+
+#include <ctype.h>
+
+
+#include "../../item-int.h"
+#include "../../exprs/literal.h"
+
+
+
+/* ---------------------- INTRODUCTION D'UNE NOUVELLE FONCTION ---------------------- */
+
+
+/* Initialise la classe des bascules de texte ASCII en UTF-16. */
+static void g_scan_string_wide_function_class_init(GScanStringWideFunctionClass *);
+
+/* Initialise une instance de bascule de texte ASCII en UTF-16. */
+static void g_scan_string_wide_function_init(GScanStringWideFunction *);
+
+/* Supprime toutes les références externes. */
+static void g_scan_string_wide_function_dispose(GScanStringWideFunction *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_scan_string_wide_function_finalize(GScanStringWideFunction *);
+
+
+
+/* --------------------- IMPLEMENTATION DES FONCTIONS DE CLASSE --------------------- */
+
+
+/* Indique le nom associé à une expression d'évaluation. */
+static char *g_scan_string_wide_function_get_name(const GScanStringWideFunction *);
+
+/* Réduit une expression à une forme plus simple. */
+static bool g_scan_string_wide_function_run_call(GScanStringWideFunction *, GScanExpression **, size_t, GScanContext *, GScanScope *, GObject **);
+
+
+
+/* ---------------------------------------------------------------------------------- */
+/* INTRODUCTION D'UNE NOUVELLE FONCTION */
+/* ---------------------------------------------------------------------------------- */
+
+
+/* Indique le type défini pour une bascule de texte ASCII en UTF-16. */
+G_DEFINE_TYPE(GScanStringWideFunction, g_scan_string_wide_function, G_TYPE_SCAN_REGISTERED_ITEM);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des bascules de texte ASCII en UTF-16. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_scan_string_wide_function_class_init(GScanStringWideFunctionClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+ GScanRegisteredItemClass *registered; /* Version de classe parente */
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_scan_string_wide_function_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_scan_string_wide_function_finalize;
+
+ registered = G_SCAN_REGISTERED_ITEM_CLASS(klass);
+
+ registered->get_name = (get_registered_item_name_fc)g_scan_string_wide_function_get_name;
+ registered->run_call = (run_registered_item_call_fc)g_scan_string_wide_function_run_call;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : func = instance à initialiser. *
+* *
+* Description : Initialise une instance de bascule de texte ASCII en UTF-16. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_scan_string_wide_function_init(GScanStringWideFunction *func)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : func = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_scan_string_wide_function_dispose(GScanStringWideFunction *func)
+{
+ G_OBJECT_CLASS(g_scan_string_wide_function_parent_class)->dispose(G_OBJECT(func));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : func = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_scan_string_wide_function_finalize(GScanStringWideFunction *func)
+{
+ G_OBJECT_CLASS(g_scan_string_wide_function_parent_class)->finalize(G_OBJECT(func));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Constitue une fonction de bascule de texte ASCII en UTF-16. *
+* *
+* Retour : Fonction mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GScanRegisteredItem *g_scan_string_wide_function_new(void)
+{
+ GScanRegisteredItem *result; /* Structure à retourner */
+
+ result = g_object_new(G_TYPE_SCAN_STRING_WIDE_FUNCTION, NULL);
+
+ return result;
+
+}
+
+
+
+/* ---------------------------------------------------------------------------------- */
+/* IMPLEMENTATION DES FONCTIONS DE CLASSE */
+/* ---------------------------------------------------------------------------------- */
+
+
+/******************************************************************************
+* *
+* Paramètres : item = élément d'appel à consulter. *
+* *
+* Description : Indique le nom associé à une expression d'évaluation. *
+* *
+* Retour : Désignation humaine de l'expression d'évaluation. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static char *g_scan_string_wide_function_get_name(const GScanStringWideFunction *item)
+{
+ char *result; /* Désignation à retourner */
+
+ result = strdup("wide");
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : item = élément d'appel à consulter. *
+* args = liste d'éventuels arguments fournis. *
+* count = taille de cette liste. *
+* ctx = contexte de suivi de l'analyse courante. *
+* scope = portée courante des variables locales. *
+* out = zone d'enregistrement de la résolution opérée. [OUT] *
+* *
+* Description : Réduit une expression à une forme plus simple. *
+* *
+* Retour : Réduction correspondante, expression déjà réduite, ou NULL. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool g_scan_string_wide_function_run_call(GScanStringWideFunction *item, GScanExpression **args, size_t count, GScanContext *ctx, GScanScope *scope, GObject **out)
+{
+ bool result; /* Bilan à retourner */
+ GScanLiteralExpression *literal; /* Version plus accessible */
+ LiteralValueType vtype; /* Type de valeur portée */
+ const sized_string_t *string; /* Description du chaîne */
+ sized_string_t new; /* Description transformée */
+ size_t i; /* Boucle de parcours */
+
+ /* Validation des arguments */
+
+ result = (count == 1);
+ if (!result) goto exit;
+
+ result = G_IS_SCAN_LITERAL_EXPRESSION(args[0]);
+ if (!result) goto exit;
+
+ literal = G_SCAN_LITERAL_EXPRESSION(args[0]);
+
+ vtype = g_scan_literal_expression_get_value_type(literal);
+
+ result = (vtype == LVT_STRING);
+ if (!result) goto exit;
+
+ result = g_scan_literal_expression_get_string_value(literal, &string);
+ if (!result) goto exit;
+
+ /* Réalisation de l'opération attendue */
+
+ new.len = string->len * 2;
+ new.data = calloc(new.len, sizeof(bin_t));
+
+ for (i = 0; i < string->len; i++)
+ new.data[i * 2] = string->data[i];
+
+ *out = G_OBJECT(g_scan_literal_expression_new(LVT_STRING, &new));
+
+ exit_szstr(&new);
+
+ exit:
+
+ return result;
+
+}
diff --git a/src/analysis/scan/items/string/wide.h b/src/analysis/scan/items/string/wide.h
new file mode 100644
index 0000000..65195bd
--- /dev/null
+++ b/src/analysis/scan/items/string/wide.h
@@ -0,0 +1,58 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * wide.h - prototypes pour la bascule de texte ASCII en UTF-16
+ *
+ * Copyright (C) 2023 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _ANALYSIS_SCAN_ITEMS_STRING_WIDE_H
+#define _ANALYSIS_SCAN_ITEMS_STRING_WIDE_H
+
+
+#include <glib-object.h>
+
+
+#include "../../item.h"
+
+
+
+#define G_TYPE_SCAN_STRING_WIDE_FUNCTION g_scan_string_wide_function_get_type()
+#define G_SCAN_STRING_WIDE_FUNCTION(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_SCAN_STRING_WIDE_FUNCTION, GScanStringWideFunction))
+#define G_IS_SCAN_STRING_WIDE_FUNCTION(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_SCAN_STRING_WIDE_FUNCTION))
+#define G_SCAN_STRING_WIDE_FUNCTION_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_SCAN_STRING_WIDE_FUNCTION, GScanStringWideFunctionClass))
+#define G_IS_SCAN_STRING_WIDE_FUNCTION_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_SCAN_STRING_WIDE_FUNCTION))
+#define G_SCAN_STRING_WIDE_FUNCTION_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_SCAN_STRING_WIDE_FUNCTION, GScanStringWideFunctionClass))
+
+
+/* Bascule d'une suite de texte ASCII en UTF-16 (instance) */
+typedef GScanRegisteredItem GScanStringWideFunction;
+
+/* Bascule d'une suite de texte ASCII en UTF-16 (classe) */
+typedef GScanRegisteredItemClass GScanStringWideFunctionClass;
+
+
+/* Indique le type défini pour une bascule de texte ASCII en UTF-16. */
+GType g_scan_string_wide_function_get_type(void);
+
+/* Constitue une fonction de bascule de texte ASCII en UTF-16. */
+GScanRegisteredItem *g_scan_string_wide_function_new(void);
+
+
+
+#endif /* _ANALYSIS_SCAN_ITEMS_STRING_WIDE_H */
generated by cgit v0.11.2-87-g4458 at 2025-12-16 13:39:04 (GMT)