Diffstat (limited to 'src/rost.c')
| -rw-r--r-- | src/rost.c | 163 |
1 files changed, 130 insertions, 33 deletions
@@ -34,17 +34,19 @@ #include <i18n.h> - #include "gleak.h" #include "analysis/contents/file.h" +#include "analysis/scan/core.h" #include "analysis/scan/options.h" #include "analysis/scan/scanner.h" -#include "analysis/scan/patterns/backends/bitap.h" #include "analysis/scan/patterns/backends/acism.h" +#include "analysis/scan/patterns/backends/bitap.h" +#include "analysis/scan/patterns/backends/hyperscan.h" #include "core/core.h" #include "core/global.h" #include "core/logs.h" #include "core/paths.h" +#include "plugins/pglist.h" @@ -55,7 +57,7 @@ static void show_rost_help(const char *); static void show_rost_version(void); /* Récupère un contenu à traiter depuis l'entrée standard. */ -static void *get_input_data_from_stdin(void); +static void *get_input_data_from_stdin(size_t *); 
@@ -91,15 +93,22 @@ static void show_rost_help(const char *name) printf("\n"); - printf("\t-A --algorithm=name\tSelect one of the available algorithms for data: bitmap, acism (default: acsim).\n"); + printf("\t-A --algorithm=NAME\tSelect one of the available algorithms for data: acism, bitmap, hyperscan (default: acsim).\n"); printf("\t-C --check-only\t\tValidate the rule syntax without performing a scan (discard the file/dir argument).\n"); - printf("\t-j --print-json\t\tPrint matching strings in JSON format.\n"); - printf("\t-s --print-strings\tPrint matching strings.\n"); + printf("\t-j --print-json\t\tPrint matching strings in JSON format instead of simple text.\n"); + printf("\t-s --print-strings\tPrint matching strings (default text format only).\n"); printf("\t-S --print-stats\tPrint rules' statistics.\n"); + printf("\t-g --print-tags\t\tPrint tags linked to rules on match (default text format only).\n"); + printf("\t-t --tag=TAG\t\tPrint only matching rules tagged as TAG (default text format only).\n"); printf("\t-V --verbosity=level\tSet the log level (0 for all messages, %u for none).\n", LMT_COUNT); printf("\n"); + printf("\t--dump-modifiers\tList all registered modifiers for string patterns.\n"); + printf("\t--dump-namespaces\tExplore the root namespace with all its functions and sub-namespaces.\n"); + + printf("\n"); + free(tmp); } @@ -147,7 +156,7 @@ static void show_rost_version(void) /****************************************************************************** * * -* Paramètres : - * +* Paramètres : length = taille de la définition lue. [OUT] * * * * Description : Récupère un contenu à traiter depuis l'entrée standard. * * * 
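Review bot: The rewritten `-A --algorithm=NAME` help line still gives the default as `acsim`, while the option parser later in this commit compares `optarg` against `"acism"` and falls through to `G_TYPE_INVALID` for anything else. A user copying the default name from the help output would therefore select an invalid backend. The tail of the string should read `acism, bitmap, hyperscan (default: acism).\n`.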
@@ -157,23 +166,22 @@ static void show_rost_version(void) * * ******************************************************************************/ -static void *get_input_data_from_stdin(void) +static void *get_input_data_from_stdin(size_t *length) { char *result; /* Espace mémoire à retourner */ - size_t length; /* Taille de ce contenu */ ssize_t got; /* Quantité d'octets lus */ result = NULL; - length = 0; + *length = 0; #define ALLOC_SIZE 2048 while (true) { - result = realloc(result, (length + ALLOC_SIZE) * sizeof(char)); + result = realloc(result, (*length + ALLOC_SIZE) * sizeof(char)); - got = read(STDIN_FILENO, result + length, ALLOC_SIZE); + got = read(STDIN_FILENO, result + *length, ALLOC_SIZE); if (got == -1) { @@ -181,7 +189,7 @@ static void *get_input_data_from_stdin(void) goto exit_with_error; } - length += got; + *length += got; if (got < ALLOC_SIZE) break; @@ -219,12 +227,21 @@ int main(int argc, char **argv) bool show_version; /* Affichage de la version ? */ bool check_only; /* Validation uniquement */ LogMessageType verbosity; /* Niveau de filtre de message */ + bool dump_modifiers; /* Affichage des modificateurs */ + bool dump_namespaces; /* Affichage des fonctions */ GScanOptions *options; /* Options d'analyses */ int index; /* Indice d'argument */ int ret; /* Bilan d'un appel */ char *edir; /* Répertoire de base effectif */ + size_t mod_count; /* Quantité de modificateurs */ + char **modifiers; /* Liste de modificateurs */ + size_t i; /* Boucle de parcours */ + GScanNamespace *root_ns; /* Espace de noms ROST racine */ + size_t items_count; /* Quantité de modificateurs */ + char **items; /* Liste de modificateurs */ char *rules; /* Définition de règles */ char *target; /* Cible communiquée */ + size_t rule_length; /* Taille d'un contenu */ void *rule_content; /* Contenu à traduire */ GContentScanner *scanner; /* Encadrement d'une recherche */ GBinContent *content; /* Contenu à analyser */ 
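Review bot: The read loop in get_input_data_from_stdin() still treats any short read as end of input (`if (got < ALLOC_SIZE) break;` in the hunk at -181), and now that the byte count is exported through `*length`, a rule set arriving over a pipe or terminal can be truncated and then compiled as if it were complete. read() may return fewer bytes than requested without the stream being finished, so only a zero-byte read should end the loop. In the hunk at -157 the `realloc()` result is also assigned straight back to `result`, which loses the previous buffer on failure and lets `read()` be called with an invalid pointer. The `exit_with_error` label is outside these hunks, so whether it frees `result` should be confirmed.

```c
    char *tmp;                              /* Result of the last realloc() */

    /* … unchanged: result = NULL; *length = 0; ALLOC_SIZE definition … */

        tmp = realloc(result, *length + ALLOC_SIZE);
        if (tmp == NULL) goto exit_with_error;
        result = tmp;

        got = read(STDIN_FILENO, result + *length, ALLOC_SIZE);

        /* … unchanged: error report and goto exit_with_error when got == -1 … */

        *length += got;

        /* Only a zero-byte read marks the end of the stream. */
        if (got == 0)
            break;
```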
@@ -232,6 +249,8 @@ int main(int argc, char **argv) sized_string_t padding; /* Bourrage pour le JSON */ bool full; /* Détailler l'affichage ? */ +#define LONG_ID(n) (0x40570000 | n) + static struct option long_options[] = { { "help", no_argument, NULL, 'h' }, { "version", no_argument, NULL, 'v' }, @@ -240,7 +259,11 @@ int main(int argc, char **argv) { "print-json", no_argument, NULL, 'j' }, { "print-strings", no_argument, NULL, 's' }, { "print-stats", no_argument, NULL, 'S' }, + { "print-tags", no_argument, NULL, 'g' }, + { "tag", required_argument, NULL, 't' }, { "verbosity", required_argument, NULL, 'V' }, + { "dump-modifiers", no_argument, NULL, LONG_ID(1) }, + { "dump-namespaces",no_argument, NULL, LONG_ID(2) }, { NULL, 0, NULL, 0 } }; @@ -252,7 +275,9 @@ int main(int argc, char **argv) show_version = false; check_only = false; - verbosity = LMT_INFO; + verbosity = LMT_COUNT; + dump_modifiers = false; + dump_namespaces = false; options = g_scan_options_new(); @@ -260,7 +285,7 @@ int main(int argc, char **argv) while (true) { - ret = getopt_long(argc, argv, "hvA:CjsSV:", long_options, &index); + ret = getopt_long(argc, argv, "hvA:CjsSgt:V:", long_options, &index); if (ret == -1) break; switch (ret) @@ -274,10 +299,12 @@ int main(int argc, char **argv) break; case 'A': - if (strcmp(optarg, "bitmap") == 0) - g_scan_options_set_backend_for_data(options, G_TYPE_BITAP_BACKEND); - else if (strcmp(optarg, "acism") == 0) + if (strcmp(optarg, "acism") == 0) g_scan_options_set_backend_for_data(options, G_TYPE_ACISM_BACKEND); + else if (strcmp(optarg, "bitmap") == 0) + g_scan_options_set_backend_for_data(options, G_TYPE_BITAP_BACKEND); + else if (strcmp(optarg, "hyperscan") == 0) + g_scan_options_set_backend_for_data(options, G_TYPE_HYPERSCAN_BACKEND); else g_scan_options_set_backend_for_data(options, G_TYPE_INVALID); break; 
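Review bot: `LONG_ID(n)` in the hunk at -232 uses its argument unparenthesized, so any argument containing an operator that binds more loosely than `|` would be grouped incorrectly; `#define LONG_ID(n) (0x40570000 | (n))` is the safe form. The macro is defined in the middle of main() without a comment. A one-line note such as `/* Identifiers for long-only options, kept outside the range of the short option characters */` would explain the constant, assuming that is its purpose.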
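Review bot: The default in the hunk at -252 changes from `LMT_INFO` to `LMT_COUNT`, which the help text in this same commit describes as the level for no messages, so a run without `-V` now suppresses every log line, errors included. If the aim is to keep the text and JSON output clean, this deserves a comment at the assignment, for example `/* No log output unless -V is given */`, and a mention of the default in the `-V --verbosity` help line. Otherwise a failed rule load or scan is visible only through the exit status.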
@@ -299,20 +326,28 @@ int main(int argc, char **argv) g_scan_options_set_print_stats(options, true); break; + case 'g': + g_scan_options_set_print_tags(options, true); + break; + + case 't': + g_scan_options_select_tag(options, optarg); + break; + case 'V': verbosity = strtoul(optarg, NULL, 10); break; - } + case LONG_ID(1): + dump_modifiers = true; + break; - } + case LONG_ID(2): + dump_namespaces = true; + break; + + } - if ((check_only && (optind + 0) != argc && (optind + 1) != argc) - || (!check_only && (optind + 1) != argc && (optind + 2) != argc)) - { - printf("failed: check=%d optind=%d argc=%d\n", check_only, optind, argc); - show_rost_help(argv[0]); - goto done; } /* Actions de base */ @@ -355,8 +390,64 @@ int main(int argc, char **argv) set_log_verbosity(verbosity); - if (!load_all_core_components(true)) +#define CORE_COMPONENTS (ACC_SCAN_FEATURES) + + if (!load_core_components(CORE_COMPONENTS)) + goto done; + + /* + init_all_plugins(true); + */ + + if (dump_modifiers) + { + modifiers = list_all_scan_token_modifiers(&mod_count); + + for (i = 0; i < mod_count; i++) + { + printf("%s\n", modifiers[i]); + free(modifiers[i]); + } + + if (modifiers != NULL) + free(modifiers); + + result = EXIT_SUCCESS; + + } + + if (dump_namespaces) + { + root_ns = get_rost_root_namespace(); + + items = g_scan_namespace_explore(root_ns, &items_count); + + for (i = 0; i < items_count; i++) + { + printf("%s\n", items[i]); + free(items[i]); + } + + if (items != NULL) + free(items); + + result = EXIT_SUCCESS; + + g_object_unref(G_OBJECT(root_ns)); + + } + + if ((check_only && (optind + 0) != argc && (optind + 1) != argc) + || (!check_only && (optind + 1) != argc && (optind + 2) != argc)) + { + if (result == EXIT_FAILURE) + show_rost_help(argv[0]); goto done; + } + + /* Réinitialisation en cas de dump... */ + else + result = EXIT_FAILURE; /* Traitement des recherches */ 
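Review bot: The argument-count check moved into the hunk at -355 runs after `load_core_components(CORE_COMPONENTS)` has succeeded, but its `goto done` jumps past both `g_object_unref(G_OBJECT(options))` and `unload_core_components(CORE_COMPONENTS)`, which the last hunk places above the `done:` label. Every `--dump-modifiers` or `--dump-namespaces` run without a target, and every usage error, therefore exits without unloading the components or reaching the `TRACK_GOBJECT_LEAKS` report. A dedicated label just before the options unref, reached with something like `goto no_scan;`, would keep the teardown symmetric. The code between these hunks is not visible, so the exact placement needs checking against the full function. In the same hunk `root_ns` is passed to `g_scan_namespace_explore()` and `g_object_unref()` without a NULL check, which is only safe if `get_rost_root_namespace()` cannot fail.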
@@ -393,11 +484,11 @@ int main(int argc, char **argv) if (rules == NULL) { - rule_content = get_input_data_from_stdin(); + rule_content = get_input_data_from_stdin(&rule_length); if (rule_content != NULL) { - scanner = g_content_scanner_new_from_text(rule_content); + scanner = g_content_scanner_new_from_text(rule_content, rule_length); free(rule_content); } else @@ -416,6 +507,7 @@ int main(int argc, char **argv) if (content == NULL) goto bad_file_content; context = g_content_scanner_analyze(scanner, options, content); + if (context == NULL) goto bad_scan_context; if (g_scan_options_get_print_json(options)) { @@ -434,28 +526,33 @@ int main(int argc, char **argv) } g_object_unref(G_OBJECT(context)); + + bad_scan_context: + g_object_unref(G_OBJECT(content)); bad_file_content: - g_object_unref(G_OBJECT(scanner)); - } + g_clear_object(&scanner); + g_object_unref(G_OBJECT(options)); /* Sortie */ - unload_all_core_components(false); - #ifdef TRACK_GOBJECT_LEAKS remember_gtypes_for_leaks(); #endif + unload_core_components(CORE_COMPONENTS); + #ifdef TRACK_GOBJECT_LEAKS dump_remaining_gtypes(); #endif + //exit_all_plugins(); + done: return result; |
