Browse code
Fix for unit test failure.
Steven Morgan authored on 2015/05/29 02:36:09Showing 4 changed files
| ... | ... |
@@ -436,7 +436,7 @@ struct cl_engine *cl_engine_new(void) |
| 436 | 436 |
new->pcre_recmatch_limit = CLI_DEFAULT_PCRE_RECMATCH_LIMIT; |
| 437 | 437 |
new->pcre_max_filesize = CLI_DEFAULT_PCRE_MAX_FILESIZE; |
| 438 | 438 |
|
| 439 |
- if (cli_yara_init() != CL_SUCCESS) {
|
|
| 439 |
+ if (cli_yara_init(new) != CL_SUCCESS) {
|
|
| 440 | 440 |
cli_errmsg("cli_engine_new: failed to initialize YARA\n");
|
| 441 | 441 |
mpool_free(new->mempool, new->dconf); |
| 442 | 442 |
mpool_free(new->mempool, new->root); |
| ... | ... |
@@ -3783,57 +3783,83 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
| 3783 | 3783 |
return CL_SUCCESS; |
| 3784 | 3784 |
} |
| 3785 | 3785 |
|
| 3786 |
-static YR_ARENA * the_arena; |
|
| 3787 |
-static YR_HASH_TABLE * rules_table; |
|
| 3788 |
-static YR_HASH_TABLE * objects_table; |
|
| 3789 |
-static YR_HASH_TABLE * db_table; |
|
| 3786 |
+struct _yara_global {
|
|
| 3787 |
+ YR_ARENA * the_arena; |
|
| 3788 |
+ YR_HASH_TABLE * rules_table; |
|
| 3789 |
+ YR_HASH_TABLE * objects_table; |
|
| 3790 |
+ YR_HASH_TABLE * db_table; |
|
| 3791 |
+}; |
|
| 3790 | 3792 |
|
| 3791 |
-int cli_yara_init() |
|
| 3793 |
+int cli_yara_init(struct cl_engine * engine) |
|
| 3792 | 3794 |
{
|
| 3793 | 3795 |
/* Initialize YARA */ |
| 3794 |
- if (ERROR_SUCCESS != yr_arena_create(1024, 0, &the_arena)) {
|
|
| 3795 |
- cli_errmsg("cli_loadyara: failed to create the YARA arena\n");
|
|
| 3796 |
+ engine->yara_global = cli_calloc(1, sizeof(struct _yara_global)); |
|
| 3797 |
+ if (NULL == engine->yara_global) {
|
|
| 3798 |
+ cli_errmsg("cli_yara_init: failed to create YARA global\n");
|
|
| 3796 | 3799 |
return CL_EMEM; |
| 3797 |
- } |
|
| 3798 |
- if (ERROR_SUCCESS != yr_hash_table_create(10007, &rules_table)) {
|
|
| 3799 |
- cli_errmsg("cli_loadyara: failed to create the YARA rules table\n");
|
|
| 3800 |
- yr_arena_destroy(the_arena); |
|
| 3800 |
+ } |
|
| 3801 |
+ if (ERROR_SUCCESS != yr_arena_create(1024, 0, &engine->yara_global->the_arena)) {
|
|
| 3802 |
+ cli_errmsg("cli_yara_init: failed to create the YARA arena\n");
|
|
| 3803 |
+ free(engine->yara_global); |
|
| 3804 |
+ engine->yara_global = NULL; |
|
| 3801 | 3805 |
return CL_EMEM; |
| 3802 | 3806 |
} |
| 3803 |
- if (ERROR_SUCCESS != yr_hash_table_create(10007, &objects_table)) {
|
|
| 3804 |
- cli_errmsg("cli_loadyara: failed to create the YARA objects table\n");
|
|
| 3805 |
- yr_hash_table_destroy(rules_table, NULL); |
|
| 3806 |
- yr_arena_destroy(the_arena); |
|
| 3807 |
+ if (ERROR_SUCCESS != yr_hash_table_create(10007, &engine->yara_global->rules_table)) {
|
|
| 3808 |
+ cli_errmsg("cli_yara_init: failed to create the YARA rules table\n");
|
|
| 3809 |
+ yr_arena_destroy(engine->yara_global->the_arena); |
|
| 3810 |
+ engine->yara_global->the_arena = NULL; |
|
| 3811 |
+ free(engine->yara_global); |
|
| 3812 |
+ engine->yara_global = NULL; |
|
| 3807 | 3813 |
return CL_EMEM; |
| 3808 | 3814 |
} |
| 3809 |
- if (ERROR_SUCCESS != yr_hash_table_create(10007, &db_table)) {
|
|
| 3810 |
- cli_errmsg("cli_loadyara: failed to create the YARA objects table\n");
|
|
| 3811 |
- yr_hash_table_destroy(objects_table, NULL); |
|
| 3812 |
- yr_hash_table_destroy(rules_table, NULL); |
|
| 3813 |
- yr_arena_destroy(the_arena); |
|
| 3815 |
+ if (ERROR_SUCCESS != yr_hash_table_create(10007, &engine->yara_global->objects_table)) {
|
|
| 3816 |
+ cli_errmsg("cli_yara_init: failed to create the YARA objects table\n");
|
|
| 3817 |
+ yr_hash_table_destroy(engine->yara_global->rules_table, NULL); |
|
| 3818 |
+ yr_arena_destroy(engine->yara_global->the_arena); |
|
| 3819 |
+ engine->yara_global->rules_table = NULL; |
|
| 3820 |
+ engine->yara_global->the_arena = NULL; |
|
| 3821 |
+ free(engine->yara_global); |
|
| 3822 |
+ engine->yara_global = NULL; |
|
| 3823 |
+ engine->yara_global = NULL; |
|
| 3824 |
+ return CL_EMEM; |
|
| 3825 |
+ } |
|
| 3826 |
+ if (ERROR_SUCCESS != yr_hash_table_create(10007, &engine->yara_global->db_table)) {
|
|
| 3827 |
+ cli_errmsg("cli_yara_init: failed to create the YARA objects table\n");
|
|
| 3828 |
+ yr_hash_table_destroy(engine->yara_global->objects_table, NULL); |
|
| 3829 |
+ yr_hash_table_destroy(engine->yara_global->rules_table, NULL); |
|
| 3830 |
+ yr_arena_destroy(engine->yara_global->the_arena); |
|
| 3831 |
+ engine->yara_global->objects_table = NULL; |
|
| 3832 |
+ engine->yara_global->rules_table = NULL; |
|
| 3833 |
+ engine->yara_global->the_arena = NULL; |
|
| 3834 |
+ free(engine->yara_global); |
|
| 3835 |
+ engine->yara_global = NULL; |
|
| 3814 | 3836 |
return CL_EMEM; |
| 3815 | 3837 |
} |
| 3816 | 3838 |
return CL_SUCCESS; |
| 3817 | 3839 |
} |
| 3818 | 3840 |
|
| 3819 |
-void cli_yara_free() |
|
| 3841 |
+void cli_yara_free(struct cl_engine * engine) |
|
| 3820 | 3842 |
{
|
| 3821 |
- if (db_table != NULL) {
|
|
| 3822 |
- yr_hash_table_destroy(db_table, NULL); |
|
| 3823 |
- db_table = NULL; |
|
| 3824 |
- } |
|
| 3825 |
- if (rules_table != NULL) {
|
|
| 3826 |
- yr_hash_table_destroy(rules_table, NULL); |
|
| 3827 |
- rules_table = NULL; |
|
| 3828 |
- } |
|
| 3829 |
- if (objects_table != NULL) {
|
|
| 3830 |
- yr_hash_table_destroy(objects_table, NULL); |
|
| 3831 |
- objects_table = NULL; |
|
| 3832 |
- } |
|
| 3833 |
- if (the_arena != NULL) {
|
|
| 3834 |
- yr_arena_destroy(the_arena); |
|
| 3835 |
- the_arena = NULL; |
|
| 3836 |
- } |
|
| 3843 |
+ if (engine->yara_global != NULL) {
|
|
| 3844 |
+ if (engine->yara_global->db_table != NULL) {
|
|
| 3845 |
+ yr_hash_table_destroy(engine->yara_global->db_table, NULL); |
|
| 3846 |
+ engine->yara_global->db_table = NULL; |
|
| 3847 |
+ } |
|
| 3848 |
+ if (engine->yara_global->rules_table != NULL) {
|
|
| 3849 |
+ yr_hash_table_destroy(engine->yara_global->rules_table, NULL); |
|
| 3850 |
+ engine->yara_global->rules_table = NULL; |
|
| 3851 |
+ } |
|
| 3852 |
+ if (engine->yara_global->objects_table != NULL) {
|
|
| 3853 |
+ yr_hash_table_destroy(engine->yara_global->objects_table, NULL); |
|
| 3854 |
+ engine->yara_global->objects_table = NULL; |
|
| 3855 |
+ } |
|
| 3856 |
+ if (engine->yara_global->the_arena != NULL) {
|
|
| 3857 |
+ yr_arena_destroy(engine->yara_global->the_arena); |
|
| 3858 |
+ engine->yara_global->the_arena = NULL; |
|
| 3859 |
+ } |
|
| 3860 |
+ free(engine->yara_global); |
|
| 3861 |
+ engine->yara_global = NULL; |
|
| 3862 |
+ } |
|
| 3837 | 3863 |
} |
| 3838 | 3864 |
|
| 3839 | 3865 |
#if 0 |
| ... | ... |
@@ -3890,9 +3916,9 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, |
| 3890 | 3890 |
compiler.loop_for_of_mem_offset = -1; |
| 3891 | 3891 |
ns.name = "default"; |
| 3892 | 3892 |
compiler.current_namespace = &ns; |
| 3893 |
- compiler.the_arena = the_arena; |
|
| 3894 |
- compiler.rules_table = rules_table; |
|
| 3895 |
- compiler.objects_table = objects_table; |
|
| 3893 |
+ compiler.the_arena = engine->yara_global->the_arena; |
|
| 3894 |
+ compiler.rules_table = engine->yara_global->rules_table; |
|
| 3895 |
+ compiler.objects_table = engine->yara_global->objects_table; |
|
| 3896 | 3896 |
compiler.allow_includes = 1; |
| 3897 | 3897 |
_yr_compiler_push_file_name(&compiler, dbname); |
| 3898 | 3898 |
|
| ... | ... |
@@ -3929,9 +3955,9 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, |
| 3929 | 3929 |
} |
| 3930 | 3930 |
} |
| 3931 | 3931 |
|
| 3932 |
- yr_arena_append(the_arena, compiler.sz_arena); |
|
| 3933 |
- yr_arena_append(the_arena, compiler.rules_arena); |
|
| 3934 |
- yr_arena_append(the_arena, compiler.strings_arena); |
|
| 3932 |
+ yr_arena_append(engine->yara_global->the_arena, compiler.sz_arena); |
|
| 3933 |
+ yr_arena_append(engine->yara_global->the_arena, compiler.rules_arena); |
|
| 3934 |
+ yr_arena_append(engine->yara_global->the_arena, compiler.strings_arena); |
|
| 3935 | 3935 |
yr_arena_destroy(compiler.code_arena); |
| 3936 | 3936 |
yr_arena_destroy(compiler.metas_arena); |
| 3937 | 3937 |
_yr_compiler_pop_file_name(&compiler); |
| ... | ... |
@@ -4769,7 +4795,7 @@ int cl_engine_free(struct cl_engine *engine) |
| 4769 | 4769 |
#endif |
| 4770 | 4770 |
|
| 4771 | 4771 |
|
| 4772 |
- cli_yara_free(); |
|
| 4772 |
+ cli_yara_free(engine); |
|
| 4773 | 4773 |
|
| 4774 | 4774 |
free(engine); |
| 4775 | 4775 |
return CL_SUCCESS; |
| ... | ... |
@@ -4785,11 +4811,13 @@ int cl_engine_compile(struct cl_engine *engine) |
| 4785 | 4785 |
return CL_ENULLARG; |
| 4786 | 4786 |
|
| 4787 | 4787 |
/* Free YARA hash tables - only needed for parse and load */ |
| 4788 |
- if (rules_table) |
|
| 4789 |
- yr_hash_table_destroy(rules_table, NULL); |
|
| 4790 |
- if (objects_table) |
|
| 4791 |
- yr_hash_table_destroy(objects_table, NULL); |
|
| 4792 |
- rules_table = objects_table = NULL; |
|
| 4788 |
+ if (engine->yara_global != NULL) {
|
|
| 4789 |
+ if (engine->yara_global->rules_table) |
|
| 4790 |
+ yr_hash_table_destroy(engine->yara_global->rules_table, NULL); |
|
| 4791 |
+ if (engine->yara_global->objects_table) |
|
| 4792 |
+ yr_hash_table_destroy(engine->yara_global->objects_table, NULL); |
|
| 4793 |
+ engine->yara_global->rules_table = engine->yara_global->objects_table = NULL; |
|
| 4794 |
+ } |
|
| 4793 | 4795 |
|
| 4794 | 4796 |
if(!engine->ftypes) |
| 4795 | 4797 |
if((ret = cli_loadftm(NULL, engine, 0, 1, NULL))) |
| ... | ... |
@@ -77,8 +77,8 @@ char *cli_dbgets(char *buff, unsigned int size, FILE *fs, struct cli_dbio *dbio) |
| 77 | 77 |
|
| 78 | 78 |
int cli_initroots(struct cl_engine *engine, unsigned int options); |
| 79 | 79 |
|
| 80 |
-int cli_yara_init(); |
|
| 80 |
+int cli_yara_init(struct cl_engine *engine); |
|
| 81 | 81 |
|
| 82 |
-void cli_yara_free(); |
|
| 82 |
+void cli_yara_free(struct cl_engine *engine); |
|
| 83 | 83 |
|
| 84 | 84 |
#endif |