...
|
...
|
@@ -649,7 +649,8 @@ static int parseLSig(struct cli_bc *bc, char *buffer)
|
649
|
649
|
vnames = strchr(vend, '{');
|
650
|
650
|
} else {
|
651
|
651
|
/* Not a logical signature, but we still have a virusname */
|
652
|
|
- bc->lsig = NULL;
|
|
652
|
+ bc->hook_name = cli_strdup(buffer);
|
|
653
|
+ bc->lsig = NULL;
|
653
|
654
|
}
|
654
|
655
|
|
655
|
656
|
return CL_SUCCESS;
|
...
|
...
|
@@ -1477,6 +1478,7 @@ void cli_sigperf_print()
|
1477
|
1477
|
static void sigperf_events_init(struct cli_bc *bc)
|
1478
|
1478
|
{
|
1479
|
1479
|
int ret;
|
|
1480
|
+ char * bc_name;
|
1480
|
1481
|
|
1481
|
1482
|
if (!g_sigevents)
|
1482
|
1483
|
g_sigevents = cli_events_new(MAX_BC_SIGEVENT_ID);
|
...
|
...
|
@@ -1491,16 +1493,18 @@ static void sigperf_events_init(struct cli_bc *bc)
|
1491
|
1491
|
return;
|
1492
|
1492
|
}
|
1493
|
1493
|
|
1494
|
|
- cli_dbgmsg("sigperf_events_init(): adding sig ids starting %u for %s\n", g_sigid, bc->lsig);
|
1495
|
|
-
|
1496
|
|
- if (!bc->lsig) {
|
1497
|
|
- cli_dbgmsg("cli_event_define error for time event id %d\n", bc->sigtime_id);
|
1498
|
|
- return;
|
|
1494
|
+ if (!(bc_name = bc->lsig)) {
|
|
1495
|
+ if (!(bc_name = bc->hook_name)) {
|
|
1496
|
+ cli_dbgmsg("cli_event_define error for time event id %d\n", bc->sigtime_id);
|
|
1497
|
+ return;
|
|
1498
|
+ }
|
1499
|
1499
|
}
|
1500
|
1500
|
|
|
1501
|
+ cli_dbgmsg("sigperf_events_init(): adding sig ids starting %u for %s\n", g_sigid, bc_name);
|
|
1502
|
+
|
1501
|
1503
|
/* register time event */
|
1502
|
1504
|
bc->sigtime_id = g_sigid;
|
1503
|
|
- ret = cli_event_define(g_sigevents, g_sigid++, bc->lsig, ev_time, multiple_sum);
|
|
1505
|
+ ret = cli_event_define(g_sigevents, g_sigid++, bc_name, ev_time, multiple_sum);
|
1504
|
1506
|
if (ret) {
|
1505
|
1507
|
cli_errmsg("sigperf_events_init: cli_event_define() error for time event id %d\n", bc->sigtime_id);
|
1506
|
1508
|
bc->sigtime_id = MAX_BC_SIGEVENT_ID+1;
|
...
|
...
|
@@ -1509,7 +1513,7 @@ static void sigperf_events_init(struct cli_bc *bc)
|
1509
|
1509
|
|
1510
|
1510
|
/* register match count */
|
1511
|
1511
|
bc->sigmatch_id = g_sigid;
|
1512
|
|
- ret = cli_event_define(g_sigevents, g_sigid++, bc->lsig, ev_int, multiple_sum);
|
|
1512
|
+ ret = cli_event_define(g_sigevents, g_sigid++, bc_name, ev_int, multiple_sum);
|
1513
|
1513
|
if (ret) {
|
1514
|
1514
|
cli_errmsg("sigperf_events_init: cli_event_define() error for matches event id %d\n", bc->sigmatch_id);
|
1515
|
1515
|
bc->sigtime_id = MAX_BC_SIGEVENT_ID+1;
|
...
|
...
|
@@ -1572,16 +1576,19 @@ int cli_bytecode_load(struct cli_bc *bc, FILE *f, struct cli_dbio *dbio, int tru
|
1572
|
1572
|
switch (state) {
|
1573
|
1573
|
case PARSE_BC_LSIG:
|
1574
|
1574
|
rc = parseLSig(bc, buffer);
|
1575
|
|
- if (rc == CL_BREAK) /* skip */ {
|
|
1575
|
+#if 0
|
|
1576
|
+DEAD CODE
|
|
1577
|
+ if (rc == CL_BREAK) /* skip */ { //FIXME: parseLSig always returns CL_SUCCESS
|
1576
|
1578
|
bc->state = bc_skip;
|
1577
|
1579
|
state = PARSE_SKIP;
|
1578
|
1580
|
continue;
|
1579
|
1581
|
}
|
1580
|
|
- if (rc != CL_SUCCESS) {
|
|
1582
|
+ if (rc != CL_SUCCESS) { //FIXME: parseLSig always returns CL_SUCCESS
|
1581
|
1583
|
cli_errmsg("Error at bytecode line %u\n", row);
|
1582
|
1584
|
free(buffer);
|
1583
|
1585
|
return rc;
|
1584
|
1586
|
}
|
|
1587
|
+#endif
|
1585
|
1588
|
state = PARSE_BC_TYPES;
|
1586
|
1589
|
break;
|
1587
|
1590
|
case PARSE_BC_TYPES:
|
...
|
...
|
@@ -1935,6 +1942,7 @@ void cli_bytecode_destroy(struct cli_bc *bc)
|
1935
|
1935
|
if (bc->uses_apis)
|
1936
|
1936
|
cli_bitset_free(bc->uses_apis);
|
1937
|
1937
|
free(bc->lsig);
|
|
1938
|
+ free(bc->hook_name);
|
1938
|
1939
|
free(bc->globalBytes);
|
1939
|
1940
|
memset(bc, 0, sizeof(*bc));
|
1940
|
1941
|
}
|