Displaying 9 results from an estimated 9 matches for "upload_rules_fil".
Did you mean:
upload_rules_file
2016 Nov 21
2
Re: [PATCH v2 2/6] New API: yara_load
...y_yara_compiler (void *ptr)
> +{
> + YR_COMPILER *compiler = * (YR_COMPILER **) ptr;
> +
> + if (compiler != NULL)
> + yr_compiler_destroy (compiler);
> +}
> +
This should rather be directly in daemon/yara.c, since libyara would be
used there only.
> +static int
> +upload_rules_file (char *rules_path)
> +{
> + int ret = 0;
> + CLEANUP_CLOSE int fd = 0;
> + struct write_callback_data data = { .written = 0 };
> +
> + data.fd = mkstemp (rules_path);
> + if (data.fd == -1) {
> + reply_with_perror ("mkstemp");
> + return -1;
> +...
2016 Nov 02
0
[PATCH 2/6] New API: yara_load
...#include "actions.h"
+#include "optgroups.h"
+#include "guestfs_protocol.h"
+
+#ifdef HAVE_LIBYARA
+
+#include <yara.h>
+
+struct write_callback_data {
+ int fd;
+ uint64_t written;
+};
+
+/* Yara compiled rules. */
+static YR_RULES *rules = NULL;
+
+static int upload_rules_file (char *);
+static int compile_rules_file (const char *);
+static int write_callback (void *, const void *, size_t);
+
+/* Has one FileIn parameter. */
+int
+do_yara_load (void)
+{
+ int ret = 0;
+ char tmpfile[] = "/tmp/yaraXXXXXX";
+
+ ret = upload_rules_file (tmpfile);
+ if (ret &l...
2016 Nov 09
0
[PATCH v2 2/6] New API: yara_load
...+#include "optgroups.h"
+#include "guestfs_protocol.h"
+
+#ifdef HAVE_YARA
+
+#include <yara.h>
+
+struct write_callback_data {
+ int fd;
+ uint64_t written;
+};
+
+/* Yara compiled rules. */
+static YR_RULES *rules = NULL;
+static bool initialized = false;
+
+static int upload_rules_file (char *);
+static int compile_rules_file (const char *);
+static int write_callback (void *, const void *, size_t);
+static void compile_error_callback (int, const char *, int, const char *, void *);
+
+/* Has one FileIn parameter. */
+int
+do_yara_load (void)
+{
+ int ret = 0;
+ char tmpfile[]...
2016 Nov 22
0
Re: [PATCH v2 2/6] New API: yara_load
...+ YR_COMPILER *compiler = * (YR_COMPILER **) ptr;
>> +
>> + if (compiler != NULL)
>> + yr_compiler_destroy (compiler);
>> +}
>> +
> This should rather be directly in daemon/yara.c, since libyara would be
> used there only.
>
>> +static int
>> +upload_rules_file (char *rules_path)
>> +{
>> + int ret = 0;
>> + CLEANUP_CLOSE int fd = 0;
>> + struct write_callback_data data = { .written = 0 };
>> +
>> + data.fd = mkstemp (rules_path);
>> + if (data.fd == -1) {
>> + reply_with_perror ("mkstemp"...
2016 Nov 02
8
[PATCH 0/6] Feature: Yara file scanning
Yara is a rule based scanning engine aimed to help malware analysts in finding and classifying interesting samples.
https://github.com/VirusTotal/yara
This series adds Yara support to Libguestfs allowing to upload sets of rules and scanning files against them.
Currently provided APIs:
- yara_load: loads a set of rules
- yara_destroy: free resources allocated by loaded rules
- yara_scan:
2016 Nov 09
9
[PATCH v2 0/6] Feature: Yara file scanning
v2:
- Fix yara dependency in packagelist
- Use pkg-config where available
- Improve longdesc of yara_load API
- Fix libyara initialization and finalization
- Import CLEANUP_FCLOSE
- Add custom CLEANUP_DESTROY_YARA_COMPILER
- Add rules compilation error callback
- Other small fixes according to comments
Matteo Cafasso (6):
appliance: add yara dependency
New API: yara_load
New API:
2016 Nov 22
2
Re: [PATCH v2 4/6] New API: internal_yara_scan
...itignore | 1 +
> src/MAX_PROC_NR | 2 +-
> 7 files changed, 111 insertions(+), 1 deletion(-)
>
> diff --git a/daemon/yara.c b/daemon/yara.c
> index fe1f69a..8e7d328 100644
> --- a/daemon/yara.c
> +++ b/daemon/yara.c
> @@ -52,6 +52,8 @@ static int upload_rules_file (char *);
> static int compile_rules_file (const char *);
> static int write_callback (void *, const void *, size_t);
> static void compile_error_callback (int, const char *, int, const char *, void *);
> +static int yara_rules_callback (int , void *, void *);
> +static int send_...
2016 Nov 22
0
Re: [PATCH v2 4/6] New API: internal_yara_scan
...X_PROC_NR | 2 +-
>> 7 files changed, 111 insertions(+), 1 deletion(-)
>>
>> diff --git a/daemon/yara.c b/daemon/yara.c
>> index fe1f69a..8e7d328 100644
>> --- a/daemon/yara.c
>> +++ b/daemon/yara.c
>> @@ -52,6 +52,8 @@ static int upload_rules_file (char *);
>> static int compile_rules_file (const char *);
>> static int write_callback (void *, const void *, size_t);
>> static void compile_error_callback (int, const char *, int, const char *, void *);
>> +static int yara_rules_callback (int , void *, void *);
>...
2016 Nov 09
0
[PATCH v2 4/6] New API: internal_yara_scan
...| 1 +
java/com/redhat/et/libguestfs/.gitignore | 1 +
src/MAX_PROC_NR | 2 +-
7 files changed, 111 insertions(+), 1 deletion(-)
diff --git a/daemon/yara.c b/daemon/yara.c
index fe1f69a..8e7d328 100644
--- a/daemon/yara.c
+++ b/daemon/yara.c
@@ -52,6 +52,8 @@ static int upload_rules_file (char *);
static int compile_rules_file (const char *);
static int write_callback (void *, const void *, size_t);
static void compile_error_callback (int, const char *, int, const char *, void *);
+static int yara_rules_callback (int , void *, void *);
+static int send_detection_info (const cha...