search for: upload_rules_fil

Displaying 9 results from an estimated 9 matches for "upload_rules_fil".

Did you mean: upload_rules_file
2016 Nov 21
2
Re: [PATCH v2 2/6] New API: yara_load
...y_yara_compiler (void *ptr) > +{ > + YR_COMPILER *compiler = * (YR_COMPILER **) ptr; > + > + if (compiler != NULL) > + yr_compiler_destroy (compiler); > +} > + This should rather be directly in daemon/yara.c, since libyara would be used there only. > +static int > +upload_rules_file (char *rules_path) > +{ > + int ret = 0; > + CLEANUP_CLOSE int fd = 0; > + struct write_callback_data data = { .written = 0 }; > + > + data.fd = mkstemp (rules_path); > + if (data.fd == -1) { > + reply_with_perror ("mkstemp"); > + return -1; > +...
2016 Nov 02
0
[PATCH 2/6] New API: yara_load
...#include "actions.h" +#include "optgroups.h" +#include "guestfs_protocol.h" + +#ifdef HAVE_LIBYARA + +#include <yara.h> + +struct write_callback_data { + int fd; + uint64_t written; +}; + +/* Yara compiled rules. */ +static YR_RULES *rules = NULL; + +static int upload_rules_file (char *); +static int compile_rules_file (const char *); +static int write_callback (void *, const void *, size_t); + +/* Has one FileIn parameter. */ +int +do_yara_load (void) +{ + int ret = 0; + char tmpfile[] = "/tmp/yaraXXXXXX"; + + ret = upload_rules_file (tmpfile); + if (ret &l...
2016 Nov 09
0
[PATCH v2 2/6] New API: yara_load
...+#include "optgroups.h" +#include "guestfs_protocol.h" + +#ifdef HAVE_YARA + +#include <yara.h> + +struct write_callback_data { + int fd; + uint64_t written; +}; + +/* Yara compiled rules. */ +static YR_RULES *rules = NULL; +static bool initialized = false; + +static int upload_rules_file (char *); +static int compile_rules_file (const char *); +static int write_callback (void *, const void *, size_t); +static void compile_error_callback (int, const char *, int, const char *, void *); + +/* Has one FileIn parameter. */ +int +do_yara_load (void) +{ + int ret = 0; + char tmpfile[]...
2016 Nov 22
0
Re: [PATCH v2 2/6] New API: yara_load
...+ YR_COMPILER *compiler = * (YR_COMPILER **) ptr; >> + >> + if (compiler != NULL) >> + yr_compiler_destroy (compiler); >> +} >> + > This should rather be directly in daemon/yara.c, since libyara would be > used there only. > >> +static int >> +upload_rules_file (char *rules_path) >> +{ >> + int ret = 0; >> + CLEANUP_CLOSE int fd = 0; >> + struct write_callback_data data = { .written = 0 }; >> + >> + data.fd = mkstemp (rules_path); >> + if (data.fd == -1) { >> + reply_with_perror ("mkstemp"...
2016 Nov 02
8
[PATCH 0/6] Feature: Yara file scanning
Yara is a rule based scanning engine aimed to help malware analysts in finding and classifying interesting samples. https://github.com/VirusTotal/yara This series adds Yara support to Libguestfs allowing to upload sets of rules and scanning files against them. Currently provided APIs: - yara_load: loads a set of rules - yara_destroy: free resources allocated by loaded rules - yara_scan:
2016 Nov 09
9
[PATCH v2 0/6] Feature: Yara file scanning
v2: - Fix yara dependency in packagelist - Use pkg-config where available - Improve longdesc of yara_load API - Fix libyara initialization and finalization - Import CLEANUP_FCLOSE - Add custom CLEANUP_DESTROY_YARA_COMPILER - Add rules compilation error callback - Other small fixes according to comments Matteo Cafasso (6): appliance: add yara dependency New API: yara_load New API:
2016 Nov 22
2
Re: [PATCH v2 4/6] New API: internal_yara_scan
...itignore | 1 + > src/MAX_PROC_NR | 2 +- > 7 files changed, 111 insertions(+), 1 deletion(-) > > diff --git a/daemon/yara.c b/daemon/yara.c > index fe1f69a..8e7d328 100644 > --- a/daemon/yara.c > +++ b/daemon/yara.c > @@ -52,6 +52,8 @@ static int upload_rules_file (char *); > static int compile_rules_file (const char *); > static int write_callback (void *, const void *, size_t); > static void compile_error_callback (int, const char *, int, const char *, void *); > +static int yara_rules_callback (int , void *, void *); > +static int send_...
2016 Nov 22
0
Re: [PATCH v2 4/6] New API: internal_yara_scan
...X_PROC_NR | 2 +- >> 7 files changed, 111 insertions(+), 1 deletion(-) >> >> diff --git a/daemon/yara.c b/daemon/yara.c >> index fe1f69a..8e7d328 100644 >> --- a/daemon/yara.c >> +++ b/daemon/yara.c >> @@ -52,6 +52,8 @@ static int upload_rules_file (char *); >> static int compile_rules_file (const char *); >> static int write_callback (void *, const void *, size_t); >> static void compile_error_callback (int, const char *, int, const char *, void *); >> +static int yara_rules_callback (int , void *, void *); &gt...
2016 Nov 09
0
[PATCH v2 4/6] New API: internal_yara_scan
...| 1 + java/com/redhat/et/libguestfs/.gitignore | 1 + src/MAX_PROC_NR | 2 +- 7 files changed, 111 insertions(+), 1 deletion(-) diff --git a/daemon/yara.c b/daemon/yara.c index fe1f69a..8e7d328 100644 --- a/daemon/yara.c +++ b/daemon/yara.c @@ -52,6 +52,8 @@ static int upload_rules_file (char *); static int compile_rules_file (const char *); static int write_callback (void *, const void *, size_t); static void compile_error_callback (int, const char *, int, const char *, void *); +static int yara_rules_callback (int , void *, void *); +static int send_detection_info (const cha...