@@ -447,6 +447,8 @@ libclamav_la_SOURCES = \

 	openioc.h \

 	yara_arena.c \

 	yara_arena.h \

+	yara_compiler.c \

+	yara_compiler.h \

 	yara_exec.c \

 	yara_exec.h \

 	yara_hash.c \

@@ -284,18 +284,19 @@ am_libclamav_la_OBJECTS = libclamav_la-matcher-ac.lo \

 	libclamav_la-asn1.lo libclamav_la-fpu.lo libclamav_la-stats.lo \

 	libclamav_la-www.lo libclamav_la-stats_json.lo \

 	libclamav_la-hostid.lo libclamav_la-openioc.lo \

-	libclamav_la-yara_arena.lo libclamav_la-yara_exec.lo \

-	libclamav_la-yara_hash.lo libclamav_la-yara_grammar.lo \

-	libclamav_la-yara_lexer.lo libclamav_la-yara_parser.lo \

-	libclamav_la-msdoc.lo libclamav_la-matcher-pcre.lo \

-	libclamav_la-regex_pcre.lo libclamav_la-msxml.lo \

-	libclamav_la-msxml_parser.lo libclamav_la-fp_add.lo \

-	libclamav_la-fp_add_d.lo libclamav_la-fp_addmod.lo \

-	libclamav_la-fp_cmp.lo libclamav_la-fp_cmp_d.lo \

-	libclamav_la-fp_cmp_mag.lo libclamav_la-fp_sub.lo \

-	libclamav_la-fp_sub_d.lo libclamav_la-fp_submod.lo \

-	libclamav_la-s_fp_add.lo libclamav_la-s_fp_sub.lo \

-	libclamav_la-fp_radix_size.lo libclamav_la-fp_read_radix.lo \

+	libclamav_la-yara_arena.lo libclamav_la-yara_compiler.lo \

+	libclamav_la-yara_exec.lo libclamav_la-yara_hash.lo \

+	libclamav_la-yara_grammar.lo libclamav_la-yara_lexer.lo \

+	libclamav_la-yara_parser.lo libclamav_la-msdoc.lo \

+	libclamav_la-matcher-pcre.lo libclamav_la-regex_pcre.lo \

+	libclamav_la-msxml.lo libclamav_la-msxml_parser.lo \

+	libclamav_la-fp_add.lo libclamav_la-fp_add_d.lo \

+	libclamav_la-fp_addmod.lo libclamav_la-fp_cmp.lo \

+	libclamav_la-fp_cmp_d.lo libclamav_la-fp_cmp_mag.lo \

+	libclamav_la-fp_sub.lo libclamav_la-fp_sub_d.lo \

+	libclamav_la-fp_submod.lo libclamav_la-s_fp_add.lo \

+	libclamav_la-s_fp_sub.lo libclamav_la-fp_radix_size.lo \

+	libclamav_la-fp_read_radix.lo \

 	libclamav_la-fp_read_signed_bin.lo \

 	libclamav_la-fp_read_unsigned_bin.lo \

 	libclamav_la-fp_reverse.lo libclamav_la-fp_s_rmap.lo \

@@ -920,12 +921,13 @@ libclamav_la_SOURCES = matcher-ac.c matcher-ac.h matcher-bm.c \

 	iso9660.h arc4.c arc4.h rijndael.c rijndael.h crtmgr.c \

 	crtmgr.h asn1.c asn1.h fpu.c fpu.h stats.c stats.h www.c www.h \

 	stats_json.c stats_json.h hostid.c hostid.h openioc.c \

-	openioc.h yara_arena.c yara_arena.h yara_exec.c yara_exec.h \

-	yara_hash.c yara_hash.h yara_grammar.y yara_lexer.l \

-	yara_lexer.h yara_parser.c yara_parser.h yara_clam.h msdoc.c \

-	msdoc.h matcher-pcre.c matcher-pcre.h regex_pcre.c \

-	regex_pcre.h msxml.c msxml.h msxml_parser.c msxml_parser.h \

-	bignum.h bignum_fast.h tomsfastmath/addsub/fp_add.c \

+	openioc.h yara_arena.c yara_arena.h yara_compiler.c \

+	yara_compiler.h yara_exec.c yara_exec.h yara_hash.c \

+	yara_hash.h yara_grammar.y yara_lexer.l yara_lexer.h \

+	yara_parser.c yara_parser.h yara_clam.h msdoc.c msdoc.h \

+	matcher-pcre.c matcher-pcre.h regex_pcre.c regex_pcre.h \

+	msxml.c msxml.h msxml_parser.c msxml_parser.h bignum.h \

+	bignum_fast.h tomsfastmath/addsub/fp_add.c \

 	tomsfastmath/addsub/fp_add_d.c tomsfastmath/addsub/fp_addmod.c \

 	tomsfastmath/addsub/fp_cmp.c tomsfastmath/addsub/fp_cmp_d.c \

 	tomsfastmath/addsub/fp_cmp_mag.c tomsfastmath/addsub/fp_sub.c \

@@ -1350,6 +1352,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-xdp.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-xz_iface.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-yara_arena.Plo@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-yara_compiler.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-yara_exec.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-yara_grammar.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-yara_hash.Plo@am__quote@

@@ -2354,6 +2357,13 @@ libclamav_la-yara_arena.lo: yara_arena.c

 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-yara_arena.lo `test -f 'yara_arena.c' || echo '$(srcdir)/'`yara_arena.c

+libclamav_la-yara_compiler.lo: yara_compiler.c

+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-yara_compiler.lo -MD -MP -MF $(DEPDIR)/libclamav_la-yara_compiler.Tpo -c -o libclamav_la-yara_compiler.lo `test -f 'yara_compiler.c' || echo '$(srcdir)/'`yara_compiler.c

+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-yara_compiler.Tpo $(DEPDIR)/libclamav_la-yara_compiler.Plo

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='yara_compiler.c' object='libclamav_la-yara_compiler.lo' libtool=yes @AMDEPBACKSLASH@

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-yara_compiler.lo `test -f 'yara_compiler.c' || echo '$(srcdir)/'`yara_compiler.c

+

 libclamav_la-yara_exec.lo: yara_exec.c

 @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-yara_exec.lo -MD -MP -MF $(DEPDIR)/libclamav_la-yara_exec.Tpo -c -o libclamav_la-yara_exec.lo `test -f 'yara_exec.c' || echo '$(srcdir)/'`yara_exec.c

 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-yara_exec.Tpo $(DEPDIR)/libclamav_la-yara_exec.Plo

@@ -436,34 +436,8 @@ struct cl_engine *cl_engine_new(void)

     new->pcre_recmatch_limit = CLI_DEFAULT_PCRE_RECMATCH_LIMIT;

     new->pcre_max_filesize = CLI_DEFAULT_PCRE_MAX_FILESIZE;

-    /* Initialize YARA */

-    if (ERROR_SUCCESS != yr_arena_create(1024, 0, &new->the_arena)) {

-        cli_errmsg("cli_engine_new: failed to create the YARA arena\n");

-        mpool_free(new->mempool, new->dconf);

-        mpool_free(new->mempool, new->root);

-#ifdef USE_MPOOL

-        mpool_destroy(new->mempool);

-#endif

-        free(new);

-        free(intel);

-        return NULL;

-    }    

-    if (ERROR_SUCCESS != yr_hash_table_create(10007, &new->rules_table)) {

-        cli_errmsg("cli_engine_new: failed to create the YARA rules table\n");

-        yr_arena_destroy(new->the_arena);

-        mpool_free(new->mempool, new->dconf);

-        mpool_free(new->mempool, new->root);

-#ifdef USE_MPOOL

-        mpool_destroy(new->mempool);

-#endif

-        free(new);

-        free(intel);

-        return NULL;

-    }

-    if (ERROR_SUCCESS != yr_hash_table_create(10007, &new->objects_table)) {

-        cli_errmsg("cli_engine_new: failed to create the YARA objects table\n");

-        yr_hash_table_destroy(new->rules_table, NULL);

-        yr_arena_destroy(new->the_arena);

+    if (cli_yara_init(new) != CL_SUCCESS) {

+        cli_errmsg("cli_engine_new: failed to initialize YARA\n");

         mpool_free(new->mempool, new->dconf);

         mpool_free(new->mempool, new->root);

 #ifdef USE_MPOOL

@@ -359,9 +359,7 @@ struct cl_engine {

     uint64_t pcre_max_filesize;

     /* YARA */

-    YR_ARENA      * the_arena;

-    YR_HASH_TABLE * rules_table;

-    YR_HASH_TABLE * objects_table;

+    struct _yara_global * yara_global;

 };

 struct cl_settings {

@@ -83,6 +83,7 @@ static pthread_mutex_t cli_ref_mutex = PTHREAD_MUTEX_INITIALIZER;

 #endif

 #ifndef _WIN32

 #include "yara_clam.h"

+#include "yara_compiler.h"

 #endif

 #define MAX_LDB_SUBSIGS 64

@@ -3782,6 +3783,101 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns

     return CL_SUCCESS;

 }

+struct _yara_global {

+    YR_ARENA      * the_arena;

+    YR_HASH_TABLE * rules_table;

+    YR_HASH_TABLE * objects_table;

+    YR_HASH_TABLE * db_table;

+};

+

+int cli_yara_init(struct cl_engine * engine)

+{

+    /* Initialize YARA */

+    engine->yara_global = cli_calloc(1, sizeof(struct _yara_global));

+    if (NULL == engine->yara_global) {

+        cli_errmsg("cli_yara_init: failed to create YARA global\n");

+        return CL_EMEM;

+    }

+    if (ERROR_SUCCESS != yr_arena_create(1024, 0, &engine->yara_global->the_arena)) {

+        cli_errmsg("cli_yara_init: failed to create the YARA arena\n");

+        free(engine->yara_global);

+        engine->yara_global = NULL;

+        return CL_EMEM;

+    }

+    if (ERROR_SUCCESS != yr_hash_table_create(10007, &engine->yara_global->rules_table)) {

+        cli_errmsg("cli_yara_init: failed to create the YARA rules table\n");

+        yr_arena_destroy(engine->yara_global->the_arena);

+        engine->yara_global->the_arena = NULL;

+        free(engine->yara_global);

+        engine->yara_global = NULL;

+        return CL_EMEM;

+    }

+    if (ERROR_SUCCESS != yr_hash_table_create(10007, &engine->yara_global->objects_table)) {

+        cli_errmsg("cli_yara_init: failed to create the YARA objects table\n");

+        yr_hash_table_destroy(engine->yara_global->rules_table, NULL);

+        yr_arena_destroy(engine->yara_global->the_arena);

+        engine->yara_global->rules_table = NULL;

+        engine->yara_global->the_arena = NULL; 

+        free(engine->yara_global);

+        engine->yara_global = NULL;

+        engine->yara_global = NULL;

+        return CL_EMEM;

+    }

+    if (ERROR_SUCCESS != yr_hash_table_create(10007, &engine->yara_global->db_table)) {

+        cli_errmsg("cli_yara_init: failed to create the YARA objects table\n");

+        yr_hash_table_destroy(engine->yara_global->objects_table, NULL);

+        yr_hash_table_destroy(engine->yara_global->rules_table, NULL);

+        yr_arena_destroy(engine->yara_global->the_arena);

+        engine->yara_global->objects_table = NULL;

+        engine->yara_global->rules_table = NULL;

+        engine->yara_global->the_arena = NULL; 

+        free(engine->yara_global);

+        engine->yara_global = NULL;

+        return CL_EMEM;

+    }

+    return CL_SUCCESS;

+}

+

+void cli_yara_free(struct cl_engine * engine)

+{

+    if (engine->yara_global != NULL) {

+        if (engine->yara_global->db_table != NULL) {

+            yr_hash_table_destroy(engine->yara_global->db_table, NULL);

+            engine->yara_global->db_table = NULL;

+        }

+        if (engine->yara_global->rules_table != NULL) {

+            yr_hash_table_destroy(engine->yara_global->rules_table, NULL);

+            engine->yara_global->rules_table = NULL;

+        }

+        if (engine->yara_global->objects_table != NULL) {

+            yr_hash_table_destroy(engine->yara_global->objects_table, NULL);

+            engine->yara_global->objects_table = NULL;

+        }    

+        if (engine->yara_global->the_arena != NULL) {

+            yr_arena_destroy(engine->yara_global->the_arena);

+            engine->yara_global->the_arena = NULL;

+        }

+        free(engine->yara_global);

+        engine->yara_global = NULL;

+    }        

+}

+

+#if 0

+int cli_yara_hash_db_file(char * fname)

+{

+    if (yr_hash_table_lookup(db_table, fname, NULL) == NULL) {

+        cli_errmsg("***** ADDING %s\n", fbname);

+        if ((rc = yr_hash_table_add(db_table, fname, NULL, (void*) 1)) != ERROR_SUCCESS) {

+            cli_errmsg("****** Could not add %s to db_table\n", dbname);

+        }

+    } else {

+        cli_warnmsg("cli_loadyara: db file %s already included\n", dbname);

+        return 1;

+    }

+    return 0;

+}

+#endif

+

 //TODO - pua? dbio?

 static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *dbname)

 {

@@ -3796,6 +3892,12 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,

     if((rc = cli_initroots(engine, options)))

         return rc;

+#if 0

+    /* eliminate duplicate files */ 

+    if (cli_yara_hash_db_file(dbname))

+        return CL_SUCCESS;

+#endif

+

     compiler.last_result = ERROR_SUCCESS;

     STAILQ_INIT(&compiler.rule_q);

     STAILQ_INIT(&compiler.current_rule_string_q);

@@ -3814,9 +3916,11 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,

     compiler.loop_for_of_mem_offset = -1;

     ns.name = "default";

     compiler.current_namespace = &ns;

-    compiler.the_arena = engine->the_arena;

-    compiler.rules_table = engine->rules_table;

-    compiler.objects_table = engine->objects_table;

+    compiler.the_arena = engine->yara_global->the_arena;

+    compiler.rules_table = engine->yara_global->rules_table;

+    compiler.objects_table = engine->yara_global->objects_table;

+    compiler.allow_includes = 1;

+    _yr_compiler_push_file_name(&compiler, dbname);

     rc = yr_lex_parse_rules_file(fs, &compiler);

     if (rc > 0) { /* rc = number of errors */

@@ -3827,6 +3931,7 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,

         yr_arena_destroy(compiler.code_arena);

         yr_arena_destroy(compiler.strings_arena);

         yr_arena_destroy(compiler.metas_arena);

+        _yr_compiler_pop_file_name(&compiler);

 #ifdef YARA_FINISHED

         return CL_EMALFDB;

 #else

@@ -3850,11 +3955,12 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,

         }

     }

-    yr_arena_append(engine->the_arena, compiler.sz_arena);

-    yr_arena_append(engine->the_arena, compiler.rules_arena);

-    yr_arena_append(engine->the_arena, compiler.strings_arena);

+    yr_arena_append(engine->yara_global->the_arena, compiler.sz_arena);

+    yr_arena_append(engine->yara_global->the_arena, compiler.rules_arena);

+    yr_arena_append(engine->yara_global->the_arena, compiler.strings_arena);

     yr_arena_destroy(compiler.code_arena);

     yr_arena_destroy(compiler.metas_arena);

+    _yr_compiler_pop_file_name(&compiler);

     if(rc)

         return rc;

@@ -4688,14 +4794,8 @@ int cl_engine_free(struct cl_engine *engine)

     if(engine->mempool) mpool_destroy(engine->mempool);

 #endif

-    if (engine->rules_table)

-        yr_hash_table_destroy(engine->rules_table, NULL);

-

-    if (engine->objects_table)

-        yr_hash_table_destroy(engine->objects_table, NULL);

-

-    if (engine->the_arena)

-        yr_arena_destroy(engine->the_arena);

+ 

+    cli_yara_free(engine);

     free(engine);

     return CL_SUCCESS;

@@ -4711,11 +4811,13 @@ int cl_engine_compile(struct cl_engine *engine)

 	return CL_ENULLARG;

     /* Free YARA hash tables - only needed for parse and load */

-    if (engine->rules_table)

-        yr_hash_table_destroy(engine->rules_table, NULL);

-    if (engine->objects_table)

-        yr_hash_table_destroy(engine->objects_table, NULL);

-    engine->rules_table = engine->objects_table = NULL;

+    if (engine->yara_global != NULL) {

+        if (engine->yara_global->rules_table)

+            yr_hash_table_destroy(engine->yara_global->rules_table, NULL);

+        if (engine->yara_global->objects_table)

+            yr_hash_table_destroy(engine->yara_global->objects_table, NULL);

+        engine->yara_global->rules_table = engine->yara_global->objects_table = NULL;

+    }

     if(!engine->ftypes)

 	if((ret = cli_loadftm(NULL, engine, 0, 1, NULL)))

@@ -77,4 +77,8 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio)

 int cli_initroots(struct cl_engine *engine, unsigned int options);

+int cli_yara_init(struct cl_engine *engine);

+

+void cli_yara_free(struct cl_engine *engine);

+

 #endif

@@ -41,7 +41,6 @@ limitations under the License.

 #define _YARA_CLAM_H_

 #include "shared/queue.h"

-#include "yara_arena.h"

 #include "yara_hash.h"

 #include "others.h"

@@ -413,7 +412,10 @@ struct RE {

 #define MAX_FUNCTION_ARGS               128

 #define LOOP_LOCAL_VARS                 4

 #define LEX_BUF_SIZE                    1024

-

+#define MAX_INCLUDE_DEPTH               16

+#ifndef MAX_PATH

+#define MAX_PATH 1024

+#endif

 /* From libyara/include/yara/object.h            */

 #define OBJECT_TYPE_INTEGER     1

@@ -468,44 +470,6 @@ typedef struct _yc_string {

     int32_t subsig_id;

 } yc_string;

-typedef struct _yc_compiler {

-    int                 errors;

-    int                 error_line;

-    int                 last_error;

-    int                 last_error_line;

-    int                 last_result;

-

-    YR_ARENA            *sz_arena;

-    YR_ARENA            *rules_arena;

-    YR_ARENA            *strings_arena;

-    YR_ARENA            *code_arena;

-    YR_ARENA            *metas_arena;

-    YR_ARENA            *the_arena;

-    YR_HASH_TABLE       *rules_table;

-    YR_HASH_TABLE       *objects_table;

-    YR_NAMESPACE        *current_namespace;

-    yc_string           *current_rule_strings;

-    uint32_t            current_rule_flags;

-    uint32_t            current_rule_clflags;

-

-    int8_t              *loop_address[MAX_LOOP_NESTING];

-    char                *loop_identifier[MAX_LOOP_NESTING];

-    int                 loop_depth;

-    int                 loop_for_of_mem_offset;

-

-    char                last_error_extra_info[MAX_COMPILER_ERROR_EXTRA_INFO];

-

-    char                lex_buf[LEX_BUF_SIZE];

-    char                *lex_buf_ptr;

-    unsigned short      lex_buf_len;

-

-    char                *error_msg;   

-

-    STAILQ_HEAD(rq, _yc_rule) rule_q;

-    STAILQ_HEAD(cs, _yc_string) current_rule_string_q;

-} yc_compiler;

-

-typedef yc_compiler YR_COMPILER;

 typedef yc_rule YR_RULE;

 typedef yc_string YR_STRING;

@@ -1301,7 +1301,6 @@ case 48:

 YY_RULE_SETUP

 #line 173 "yara_lexer.l"

 {

-#ifdef REAL_YARA

   char            buffer[1024];

   char            *current_file_name;

@@ -1399,10 +1398,6 @@ YY_RULE_SETUP

   }

   BEGIN(INITIAL);

-#else

-  yyerror(yyscanner, compiler, "includes are disabled");

-  yyterminate();

-#endif

 }

 	YY_BREAK

 case YY_STATE_EOF(INITIAL):

@@ -1410,9 +1405,8 @@ case YY_STATE_EOF(str):

 case YY_STATE_EOF(regexp):

 case YY_STATE_EOF(include):

 case YY_STATE_EOF(comment):

-#line 280 "yara_lexer.l"

+#line 275 "yara_lexer.l"

 {

-#ifdef REAL_YARA

   YR_COMPILER* compiler = yara_yyget_extra(yyscanner);

   FILE* file = _yr_compiler_pop_file(compiler);

@@ -1429,7 +1423,7 @@ case YY_STATE_EOF(comment):

   {

     yyterminate();

   }

-#endif

+

   yara_yypop_buffer_state(yyscanner);

   if (!YY_CURRENT_BUFFER)

@@ -1440,7 +1434,7 @@ case YY_STATE_EOF(comment):

 	YY_BREAK

 case 49:

 YY_RULE_SETUP

-#line 308 "yara_lexer.l"

+#line 302 "yara_lexer.l"

 {

   yylval->c_string = yr_strdup(yytext);

@@ -1456,7 +1450,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 50:

 YY_RULE_SETUP

-#line 322 "yara_lexer.l"

+#line 316 "yara_lexer.l"

 {

   yylval->c_string = yr_strdup(yytext);

@@ -1472,7 +1466,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 51:

 YY_RULE_SETUP

-#line 336 "yara_lexer.l"

+#line 330 "yara_lexer.l"

 {

   yylval->c_string = yr_strdup(yytext);

@@ -1489,7 +1483,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 52:

 YY_RULE_SETUP

-#line 351 "yara_lexer.l"

+#line 345 "yara_lexer.l"

 {

   yylval->c_string = yr_strdup(yytext);

@@ -1506,7 +1500,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 53:

 YY_RULE_SETUP

-#line 366 "yara_lexer.l"

+#line 360 "yara_lexer.l"

 {

   if (strlen(yytext) > 128)

@@ -1526,7 +1520,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 54:

 YY_RULE_SETUP

-#line 384 "yara_lexer.l"

+#line 378 "yara_lexer.l"

 {

   yylval->integer = (size_t) atol(yytext);

@@ -1544,7 +1538,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 55:

 YY_RULE_SETUP

-#line 400 "yara_lexer.l"

+#line 394 "yara_lexer.l"

 {

   yylval->integer = xtoi(yytext + 2);

@@ -1553,7 +1547,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 56:

 YY_RULE_SETUP

-#line 407 "yara_lexer.l"

+#line 401 "yara_lexer.l"

 {     /* saw closing quote - all done */

   SIZED_STRING* s;

@@ -1579,7 +1573,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 57:

 YY_RULE_SETUP

-#line 431 "yara_lexer.l"

+#line 425 "yara_lexer.l"

 {

   LEX_CHECK_SPACE_OK("\t", yyextra->lex_buf_len, LEX_BUF_SIZE);

@@ -1589,7 +1583,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 58:

 YY_RULE_SETUP

-#line 439 "yara_lexer.l"

+#line 433 "yara_lexer.l"

 {

   LEX_CHECK_SPACE_OK("\n", yyextra->lex_buf_len, LEX_BUF_SIZE);

@@ -1599,7 +1593,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 59:

 YY_RULE_SETUP

-#line 447 "yara_lexer.l"

+#line 441 "yara_lexer.l"

 {

   LEX_CHECK_SPACE_OK("\"", yyextra->lex_buf_len, LEX_BUF_SIZE);

@@ -1609,7 +1603,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 60:

 YY_RULE_SETUP

-#line 455 "yara_lexer.l"

+#line 449 "yara_lexer.l"

 {

   LEX_CHECK_SPACE_OK("\\", yyextra->lex_buf_len, LEX_BUF_SIZE);

@@ -1619,7 +1613,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 61:

 YY_RULE_SETUP

-#line 463 "yara_lexer.l"

+#line 457 "yara_lexer.l"

 {

    int result;

@@ -1632,13 +1626,13 @@ YY_RULE_SETUP

 	YY_BREAK

 case 62:

 YY_RULE_SETUP

-#line 474 "yara_lexer.l"

+#line 468 "yara_lexer.l"

 { YYTEXT_TO_BUFFER; }

 	YY_BREAK

 case 63:

 /* rule 63 can match eol */

 YY_RULE_SETUP

-#line 477 "yara_lexer.l"

+#line 471 "yara_lexer.l"

 {

   yyerror(yyscanner, compiler, "unterminated string");

@@ -1648,7 +1642,7 @@ YY_RULE_SETUP

 case 64:

 /* rule 64 can match eol */

 YY_RULE_SETUP

-#line 483 "yara_lexer.l"

+#line 477 "yara_lexer.l"

 {

   yyerror(yyscanner, compiler, "illegal escape sequence");

@@ -1656,7 +1650,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 65:

 YY_RULE_SETUP

-#line 489 "yara_lexer.l"

+#line 483 "yara_lexer.l"

 {

   SIZED_STRING* s;

@@ -1689,7 +1683,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 66:

 YY_RULE_SETUP

-#line 520 "yara_lexer.l"

+#line 514 "yara_lexer.l"

 {

   LEX_CHECK_SPACE_OK("/", yyextra->lex_buf_len, LEX_BUF_SIZE);

@@ -1699,7 +1693,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 67:

 YY_RULE_SETUP

-#line 528 "yara_lexer.l"

+#line 522 "yara_lexer.l"

 {

   LEX_CHECK_SPACE_OK("\\.", yyextra->lex_buf_len, LEX_BUF_SIZE);

@@ -1710,13 +1704,13 @@ YY_RULE_SETUP

 	YY_BREAK

 case 68:

 YY_RULE_SETUP

-#line 537 "yara_lexer.l"

+#line 531 "yara_lexer.l"

 { YYTEXT_TO_BUFFER; }

 	YY_BREAK

 case 69:

 /* rule 69 can match eol */

 YY_RULE_SETUP

-#line 540 "yara_lexer.l"

+#line 534 "yara_lexer.l"

 {

   yyerror(yyscanner, compiler, "unterminated regular expression");

@@ -1725,7 +1719,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 70:

 YY_RULE_SETUP

-#line 547 "yara_lexer.l"

+#line 541 "yara_lexer.l"

 {

   yyextra->lex_buf_ptr = yyextra->lex_buf;

@@ -1735,7 +1729,7 @@ YY_RULE_SETUP

 	YY_BREAK

 case 71:

 YY_RULE_SETUP

-#line 555 "yara_lexer.l"

+#line 549 "yara_lexer.l"

 {

   yyextra->lex_buf_ptr = yyextra->lex_buf;

@@ -1746,7 +1740,7 @@ YY_RULE_SETUP

 case 72:

 /* rule 72 can match eol */

 YY_RULE_SETUP

-#line 563 "yara_lexer.l"

+#line 557 "yara_lexer.l"

 {

   int len = strlen(yytext);

@@ -1764,12 +1758,12 @@ YY_RULE_SETUP

 case 73:

 /* rule 73 can match eol */

 YY_RULE_SETUP

-#line 578 "yara_lexer.l"

+#line 572 "yara_lexer.l"

 /* skip whitespace */

 	YY_BREAK

 case 74:

 YY_RULE_SETUP

-#line 580 "yara_lexer.l"

+#line 574 "yara_lexer.l"

 {

   if (yytext[0] >= 32 && yytext[0] < 127)

@@ -1785,10 +1779,10 @@ YY_RULE_SETUP

 	YY_BREAK

 case 75:

 YY_RULE_SETUP

-#line 593 "yara_lexer.l"

+#line 587 "yara_lexer.l"

 ECHO;

 	YY_BREAK

-#line 1792 "yara_lexer.c"

+#line 1786 "yara_lexer.c"

 	case YY_END_OF_BUFFER:

 		{

@@ -2922,7 +2916,7 @@ void yara_yyfree (void * ptr , yyscan_t yyscanner)

 #define YYTABLES_NAME "yytables"

-#line 593 "yara_lexer.l"

+#line 587 "yara_lexer.l"

@@ -2931,7 +2925,6 @@ void yywarning(

     yyscan_t yyscanner,

     const char *warning_message)

 {

-#ifdef REAL_YARA

   YR_COMPILER* compiler = yara_yyget_extra(yyscanner);

   char* file_name;

@@ -2940,16 +2933,14 @@ void yywarning(

   else

     file_name = NULL;

+#ifdef REAL_YARA

   compiler->callback(

       YARA_ERROR_LEVEL_WARNING,

       file_name,

       yara_yyget_lineno(yyscanner),

       warning_message);

 #else

-  if (warning_message != NULL)

-    cli_errmsg("yara_lexer:yywarning() %s\n", warning_message);

-  else

-    cli_errmsg("yara_lexer:yywarning() unknown warning\n");

+    cli_warnmsg("yywarning(): %s line %d %s\n", file_name?file_name:"(file name missing)", compiler->last_error_line, warning_message);

 #endif

 }

@@ -2958,17 +2949,10 @@ void yyfatal(

     yyscan_t yyscanner,

     const char *error_message)

 {

-#ifdef REAL_YARA

   YR_COMPILER* compiler = yara_yyget_extra(yyscanner);

   yyerror(yyscanner, compiler, error_message);

   longjmp(compiler->error_recovery, 1);

-#else

-  if (error_message != NULL)

-    cli_errmsg("yara_lexer:yyfatal() %s\n", error_message);

-  else

-    cli_errmsg("yara_lexer:yyfatal() unknown error\n");

-#endif

 }

@@ -2977,7 +2961,6 @@ void yyerror(

     YR_COMPILER* compiler,

     const char *error_message)

 {

-#ifdef REAL_YARA

   char message[512] = {'\0'};

   char* file_name = NULL;

@@ -3010,6 +2993,7 @@ void yyerror(

     yr_compiler_set_error_extra_info(compiler, error_message);

     compiler->last_error = ERROR_SYNTAX_ERROR;

+#ifdef REAL_YARA

     if (compiler->callback != NULL)

     {

       compiler->callback(

@@ -3018,11 +3002,15 @@ void yyerror(

           compiler->last_error_line,

           error_message);

     }

+#else

+    cli_errmsg("yyerror(): %s line %d %s\n", file_name?file_name:"(file name missing)", compiler->last_error_line, error_message);

+#endif

   }

   else

   {

     compiler->last_error = compiler->last_result;

+#ifdef REAL_YARA

     if (compiler->callback != NULL)

     {

       yr_compiler_get_error_message(compiler, message, sizeof(message));

@@ -3033,27 +3021,13 @@ void yyerror(

         compiler->last_error_line,

         message);

     }

-  }

-

-  compiler->last_result = ERROR_SUCCESS;

 #else

-  compiler->errors++;

-  if (error_message != NULL)

-    cli_errmsg("yara_lexer:yyerror() error message: %s\n", error_message);

-  if (compiler->error_msg != NULL)

-    cli_errmsg("yara_lexer:yyerror() compiler error message: %s\n", compiler->error_msg);

-  if (compiler->last_error_extra_info[0] != (char) 0)

-    cli_errmsg("yara_lexer:yyerror() error extra info: %s\n", compiler->last_error_extra_info);

-  if (compiler->last_result != ERROR_SUCCESS)

-    cli_errmsg("yara_lexer:yyerror() last result is %i\n", compiler->last_result);

-  if (compiler->error_line != 0)

-    cli_errmsg("yara_lexer:yyerror() error line %i\n", compiler->error_line);

+    yr_compiler_get_error_message(compiler, message, sizeof(message));

+    cli_errmsg("yyerror(): %s line %d %s\n", file_name?file_name:"NULL filename", compiler->last_error_line, message);

+#endif

+  }

-  compiler->last_error_extra_info[0] = (char) 0;

-  compiler->error_msg = NULL;

   compiler->last_result = ERROR_SUCCESS;

-  compiler->error_line = 0;

-#endif

 }

@@ -3095,12 +3069,10 @@ int yr_lex_parse_rules_file(

 {

   yyscan_t yyscanner;

-#ifdef REAL_YARA

   compiler->errors = 0;

   if (setjmp(compiler->error_recovery) != 0)

     return compiler->errors;

-#endif

   yara_yylex_init(&yyscanner);

@@ -18,7 +18,8 @@ limitations under the License.

 #include <yara/compiler.h>

 #include <grammar.h>

 #else

-#include "libclamav/yara_clam.h"

+#include "yara_compiler.h"

+#include "yara_clam.h"

 #endif

 #undef yyparse

@@ -171,7 +171,6 @@ include[ \t]+\"         {

 <include>\"             {

-#ifdef REAL_YARA

   char            buffer[1024];

   char            *current_file_name;

@@ -270,15 +269,10 @@ include[ \t]+\"         {

   }

   BEGIN(INITIAL);

-#else

-  yyerror(yyscanner, compiler, "includes are disabled");

-  yyterminate();

-#endif

 }

 <<EOF>> {

-#ifdef REAL_YARA

   YR_COMPILER* compiler = yyget_extra(yyscanner);

   FILE* file = _yr_compiler_pop_file(compiler);

@@ -295,7 +289,7 @@ include[ \t]+\"         {

   {

     yyterminate();

   }

-#endif

+

   yypop_buffer_state(yyscanner);

   if (!YY_CURRENT_BUFFER)

@@ -597,7 +591,6 @@ void yywarning(

     yyscan_t yyscanner,

     const char *warning_message)

 {

-#ifdef REAL_YARA

   YR_COMPILER* compiler = yyget_extra(yyscanner);

   char* file_name;

@@ -606,16 +599,14 @@ void yywarning(

   else

     file_name = NULL;

+#ifdef REAL_YARA

   compiler->callback(

       YARA_ERROR_LEVEL_WARNING,

       file_name,

       yyget_lineno(yyscanner),

       warning_message);

 #else

-  if (warning_message != NULL)

-    cli_errmsg("yara_lexer:yywarning() %s\n", warning_message);

-  else

-    cli_errmsg("yara_lexer:yywarning() unknown warning\n");

+    cli_warnmsg("yywarning(): %s line %d %s\n", file_name?file_name:"(file name missing)", compiler->last_error_line, warning_message);

 #endif

 }

@@ -624,17 +615,10 @@ void yyfatal(

     yyscan_t yyscanner,

     const char *error_message)

 {

-#ifdef REAL_YARA

   YR_COMPILER* compiler = yyget_extra(yyscanner);

   yyerror(yyscanner, compiler, error_message);

   longjmp(compiler->error_recovery, 1);

-#else