From fef46dc1537e3302ac7bab653d24495c570e1d5c Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Tue, 12 Sep 2023 22:07:56 +0200 Subject: Introduce verbosity levels when displaying scan results as text. --- src/analysis/scan/options.c | 2 ++ src/analysis/scan/rule.c | 8 +++++--- src/analysis/scan/rule.h | 2 +- src/analysis/scan/scanner.c | 5 +++-- src/analysis/scan/scanner.h | 2 +- src/rost.c | 8 +++++++- 6 files changed, 19 insertions(+), 8 deletions(-) diff --git a/src/analysis/scan/options.c b/src/analysis/scan/options.c index cb56c2b..2147bb5 100644 --- a/src/analysis/scan/options.c +++ b/src/analysis/scan/options.c @@ -86,6 +86,8 @@ static void g_scan_options_init(GScanOptions *options) { options->data_backend = G_TYPE_INVALID; + options->print_json = false; + options->print_strings = false; options->print_stats = false; } diff --git a/src/analysis/scan/rule.c b/src/analysis/scan/rule.c index 7719e8a..4ef1e3c 100644 --- a/src/analysis/scan/rule.c +++ b/src/analysis/scan/rule.c @@ -525,6 +525,7 @@ void g_scan_rule_check(GScanRule *rule, GEngineBackend *backend, GScanContext *c * * * Paramètres : rule = règle de détection à considérer. * * context = contexte de l'analyse à mener. * +* full = force un affichage complet des résultats. * * fd = canal d'écriture. * * * * Description : Affiche une règle au format texte. * 
@@ -535,12 +536,13 @@ void g_scan_rule_check(GScanRule *rule, GEngineBackend *backend, GScanContext *c * * ******************************************************************************/ -void g_scan_rule_output_to_text(const GScanRule *rule, GScanContext *context, int fd) +void g_scan_rule_output_to_text(const GScanRule *rule, GScanContext *context, bool full, int fd) { size_t i; /* Boucle de parcours */ - for (i = 0; i < rule->bytes_used; i++) - g_search_pattern_output_to_text(rule->bytes_locals[i], context, fd); + if (full) + for (i = 0; i < rule->bytes_used; i++) + g_search_pattern_output_to_text(rule->bytes_locals[i], context, fd); if (g_scan_context_has_match_for_rule(context, rule->name)) { diff --git a/src/analysis/scan/rule.h b/src/analysis/scan/rule.h index 20a688c..7ade51b 100644 --- a/src/analysis/scan/rule.h +++ b/src/analysis/scan/rule.h @@ -81,7 +81,7 @@ bool g_scan_rule_setup_backend(GScanRule *, GEngineBackend *, GScanContext *); void g_scan_rule_check(GScanRule *, GEngineBackend *, GScanContext *); /* Affiche une règle au format texte. */ -void g_scan_rule_output_to_text(const GScanRule *, GScanContext *, int); +void g_scan_rule_output_to_text(const GScanRule *, GScanContext *, bool, int); /* Convertit une règle en texte. */ void g_scan_rule_convert_as_text(const GScanRule *, GScanContext *); diff --git a/src/analysis/scan/scanner.c b/src/analysis/scan/scanner.c index b550b1f..29f47eb 100644 --- a/src/analysis/scan/scanner.c +++ b/src/analysis/scan/scanner.c @@ -526,6 +526,7 @@ GScanContext *g_content_scanner_analyze(GContentScanner *scanner, GScanOptions * * * * Paramètres : scanner = gestionnaire de recherche à consulter. * * context = contexte de l'analyse à mener. * +* full = force un affichage complet des résultats. * * fd = canal d'écriture. * * * * Description : Affiche un gestionnaire de recherches au format texte. * 
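Review bot: The new `if (full)` in g_scan_rule_output_to_text guards a `for` loop with no braces at either level, immediately ahead of the unrelated `if (g_scan_context_has_match_for_rule(...))` test, so a statement later added at the loop's indent would run outside both the loop and the `full` guard. Bracing the guard, `if (full) {` … `}`, keeps the gated region explicit. The body of g_search_pattern_output_to_text is not visible here; if it writes matched bytes from the scanned content verbatim, this gated path is where to confirm that non-printable bytes are escaped before they reach a terminal. The function body continues past the end of the hunk.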
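Review bot: The updated prototype `void g_scan_rule_output_to_text(const GScanRule *, GScanContext *, bool, int);` places an unnamed `bool` directly before the unnamed `int` descriptor, and the two convert to each other implicitly, so a call that swaps them still compiles and would write to descriptor 0 or 1 instead of the intended one. Naming the parameters in the header, `void g_scan_rule_output_to_text(const GScanRule *rule, GScanContext *context, bool full, int fd);`, makes the order checkable at call sites. The same applies to g_content_scanner_output_to_text in scanner.h. Since the subject line speaks of verbosity levels, an enum parameter instead of `bool` would also rule out the silent swap and leave room for more than two levels without another signature change.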
@@ -536,14 +537,14 @@ GScanContext *g_content_scanner_analyze(GContentScanner *scanner, GScanOptions * * * ******************************************************************************/ -void g_content_scanner_output_to_text(const GContentScanner *scanner, GScanContext *context, int fd) +void g_content_scanner_output_to_text(const GContentScanner *scanner, GScanContext *context, bool full, int fd) { size_t i; /* Boucle de parcours */ /* Sous-traitance aux règles */ for (i = 0; i < scanner->rule_count; i++) - g_scan_rule_output_to_text(scanner->rules[i], context, fd); + g_scan_rule_output_to_text(scanner->rules[i], context, full, fd); } diff --git a/src/analysis/scan/scanner.h b/src/analysis/scan/scanner.h index 58dbe19..d2b5dc1 100644 --- a/src/analysis/scan/scanner.h +++ b/src/analysis/scan/scanner.h @@ -73,7 +73,7 @@ bool g_content_scanner_add_rule(GContentScanner *, GScanRule *); GScanContext *g_content_scanner_analyze(GContentScanner *, GScanOptions *, GBinContent *); /* Affiche un gestionnaire de recherches au format texte. */ -void g_content_scanner_output_to_text(const GContentScanner *, GScanContext *, int); +void g_content_scanner_output_to_text(const GContentScanner *, GScanContext *, bool, int); /* Convertit un gestionnaire de recherches en texte. */ void g_content_scanner_convert_as_text(const GContentScanner *, GScanContext *); diff --git a/src/rost.c b/src/rost.c index 5cc1cde..9428dff 100644 --- a/src/rost.c +++ b/src/rost.c @@ -167,6 +167,7 @@ int main(int argc, char **argv) GBinContent *content; /* Contenu à analyser */ GScanContext *context; /* Contexte des trouvailles */ sized_string_t padding; /* Bourrage pour le JSON */ + bool full; /* Détailler l'affichage ? */ static struct option long_options[] = { { "help", no_argument, NULL, 'h' }, 
@@ -309,7 +310,12 @@ int main(int argc, char **argv) } else - g_content_scanner_output_to_text(scanner, context, STDOUT_FILENO); + { + full = g_scan_options_get_print_strings(options); + + g_content_scanner_output_to_text(scanner, context, full, STDOUT_FILENO); + + } g_object_unref(G_OBJECT(context)); g_object_unref(G_OBJECT(content)); -- cgit v0.11.2-87-g4458
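Review bot: The text branch of main now prints the per-pattern lines only when `g_scan_options_get_print_strings(options)` returns true, and options.c initialises `print_strings` to false, so the default text output presumably becomes shorter for any script or pipeline that parses it. Neither the usage text nor a release note is visible in this patch; the help entry for the option that sets `print_strings` should state that match details appear only when it is given. Separately, `full` is declared at the top of main but used only in this branch; passing the getter result directly, `g_content_scanner_output_to_text(scanner, context, g_scan_options_get_print_strings(options), STDOUT_FILENO);`, removes the extra local and the added braces. main's body starts and ends outside the hunk.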