Commit Graph

453 Commits (8efbf4a0cb9be3d954a8d2b29cf729f128558d2e)

Author SHA1 Message Date
Kevin Lin a576a0368b retcodes added to parse_yara_hex_string() 10 years ago
Kevin Lin 39e05dbdf3 reorganization and 'static' modifiers 10 years ago
Kevin Lin 72747e08dd implemented yara sigopts (only nocase operational) 10 years ago
Kevin Lin f597585be0 fixed cleanup and error reporting in cli_loadyara() 10 years ago
Kevin Lin b673191549 re-added support for 'generic' strings 10 years ago
Kevin Lin ea6e8cc91f added additional malformed yara string detection 10 years ago
Kevin Lin ddc4030fba different initialization for ytable 10 years ago
Kevin Lin a0ab171d55 print yara loading summary only if yara rules are detected 10 years ago
Kevin Lin 9caff17ad3 logical signatures loading now uses init_tdb() 10 years ago
Kevin Lin 3dafe2971e fixed yara compiler memory leaks (valgrind) 10 years ago
Kevin Lin bb2ebd6740 fixed tdb uninitialized conditional jumps (valgrind) 10 years ago
Kevin Lin 814931b906 reconnected older yara loading stats tracking 10 years ago
Kevin Lin a684f7d8bd created init_tdb() shared between ldb and yara 10 years ago
Kevin Lin c58e2fdbe8 quick implementation of ystring table 10 years ago
Kevin Lin 5765c290b4 added structures for yara string table 10 years ago
Kevin Lin f4265e07eb [WIP] more robust yara string loading 10 years ago
Kevin Lin b5b3fecd6c unioned lsig logic and future yara conditional 10 years ago
Kevin Lin af1edc184d additional fixes to nocase yara integration 10 years ago
Kevin Lin 31ab943ac1 fix to yara integration with nocase patterns 10 years ago
Kevin Lin 925931bcbb yara plugin for nocase strings 10 years ago
Kevin Lin 23d7c6e6f4 removed nocase changes to ac tree operation 10 years ago
Kevin Lin 7fc5eab81a finished support for AC trie nocase variant 10 years ago
Kevin Lin a02acd50b6 [WIP] added nocase support to clamav ac algorithm 10 years ago
Shawn Webb 1f271616be Switch the engine to using cli_strlcat instead of strcat 11 years ago
Steven Morgan b3a7a511aa Handle yara entrypoint keyword in prototype. 11 years ago
Steven Morgan e9b611f8ec Fix bug in ldb length calculation for yara hex strings, refine 'all/any of them' condition handling, handle EMALFDB errors from yara strings, add some metrics. 11 years ago
Steven Morgan b9af0434e5 Support yara 'all of them/any of them' conditions, enforce maximum subsig constraint, and fix signature length calculation error. 11 years ago
Steven Morgan fdd7f80194 exclude yara rules containing strings subject to ClamAV minimum length constraints. 11 years ago
Kevin Lin 6f594861a5 added limited regex support to yara signatures 11 years ago
Steven Morgan 88c4a39fe2 work in progress: support more yara parser functionality. 11 years ago
Shawn Webb 448a6672e3 More whitespace changes 11 years ago
Shawn Webb 2b543108ae Retab cli_parse_add() 11 years ago
Shawn Webb f2da4b5bb5 Dramatically reduce complexity of parsing Yara hex signatures. 11 years ago
Shawn Webb 5e8993e95b Yara hex string parsing, phase 2: Stuff the strings. 11 years ago
Shawn Webb 8faddbe6b1 Phase 1 of yara hex string parsing: gather number of substrings and lengths of those substrings 11 years ago
Shawn Webb f901b0ad82 Support hex strings 11 years ago
Shawn Webb 3cdfd031e0 Initialize nstrings 11 years ago
Shawn Webb a2bfd1a0ee More whitespace cleanup 11 years ago
Shawn Webb 32957e2f4f Whitespace cleanup 11 years ago
Shawn Webb f89185f4be Initialize the roots before trying to load the generated ldb sig 11 years ago
Shawn Webb ade8279c88 Generate a very basic LDB entry from the strings loaded from a yara rule 11 years ago
Steven Morgan a3c5f974ca pull ascii, nocase, and wide keywords from YARA rule strings. 11 years ago
Steven Morgan 6e767879e0 YARA work in progress: add parser skeleton, add string and rule queuing. 11 years ago
Kevin Lin 86eddf118f set cli_virname argument to use const qualifier 11 years ago
Steven Morgan 9bc534ca4e Fix build on windows (yara currently excluded). 11 years ago
Steven Morgan 186d22d187 include calling YARA rule parser during ClamAV database load. 11 years ago
Kevin Lin 15464f6c16 pcre: rewrote subsig parsing to handle '/' within expression 11 years ago
Kevin Lin 5843ac793e pcre: simplified pcre subsig parsing using cli_strtokenize 11 years ago
Kevin Lin 7250b47e75 pcre: cleaned up comments, old code, and debug messages 11 years ago
Kevin Lin 5c2c723361 added pcre execution time and match performance tracking 11 years ago