clamav

Commit Graph

Author	SHA1	Message	Date
Steven Morgan	d25549807f	Add YARA condition evaluation function. Add support for YARA 'of' clauses.	10 years ago
Kevin Lin	14878cb1e2	changed pcre PCRE_UNGREEDY from 'G' to 'U' reason: pcre uses 'U', 'G' is an artifact from old dev	10 years ago
Kevin Lin	16ec6d8dc1	fullword modifier on regex changed to be closer to yara	10 years ago
Kevin Lin	6dea5b0410	integrated sigopts (modifiers) into pcre subsigs using '+' re-factored sigopts_handler() code TODO: wide support for regex strings	10 years ago
Steven Morgan	22b54fdbf6	Revert "Add back a few #ifdef's to prevent unsupported YARA features from terminating with malformed database." - to be handled by pre-filtering the YARA rules. This reverts commit `70b9c0f306`.	10 years ago
Steven Morgan	70b9c0f306	Add back a few #ifdef's to prevent unsupported YARA features from terminating with malformed database.	10 years ago
Steven Morgan	f51f42e95c	Capture YARA compiled condition string and anchor in struct cli_ac_lsig.	10 years ago
Kevin Lin	311a0b106d	updated PCRE subsig check on no PCRE support for ldb and yara fixed an issue where partial yara rules could be loaded reason: segfaults are bad	10 years ago
Kevin Lin	06bd11e1af	fixed wildcard issues in yara->clamav conversion	10 years ago
Steven Morgan	9de400559d	refactor and simplify cli_lsig_eval, add new function cli_exp_eval to loop thru the lsig table and call either lsig_eval or yara_eval.	10 years ago
Steven Morgan	ebf3953f75	add YARA condition processor (preliminary/work in progress)	10 years ago
Kevin Lin	f22d89ee6b	added wide support for word marker char class reason: differs from what is expected in yara TODO: handle this case for all character classes/cases	10 years ago
Kevin Lin	f3db2bbdc7	patterns w/o boundaries != patterns w/ boundaries reason: fp/fn for patterns that differed in boundaries	10 years ago
Steven Morgan	39d0a152a3	Use YARA arena for rule memory.	10 years ago
Steven Morgan	7f7491099e	parser and memory management improvements.	10 years ago
Kevin Lin	48bf9ea190	fixed yara hex string parsing, reslen incorrectly calculated reason: caused invalid reads in yara hex string AC insertion TODO: correct yara hex string conversion to clamav hexstrs	10 years ago
Kevin Lin	13a232b533	fixed memory issues in sigopts handler	10 years ago
Steven Morgan	cc1c1c7d18	Fix memory leaks.	10 years ago
Steven Morgan	a5e750ae58	Comment out yr_object_lookup_field() call.	10 years ago
Steven Morgan	324fabbb38	Fix some ClamAV with YARA issues and turn on some more YARA parser features.	10 years ago
Kevin Lin	a1482b984e	prevent cyclic loops in sigopts_handler preventing memory leaks in yara sigs	10 years ago
Kevin Lin	8ea346810c	moved sigopts handler to separate function reason: sigopts weren't handled for yara sigs	10 years ago
Steven Morgan	bf80cd4eea	fix copy/paste	10 years ago
Steven Morgan	ede803c82b	Define strlcat to cli_strlcat.	10 years ago
Steven Morgan	a5bde84c28	Fix for errors on YARA rules when hex constants have odd lengths.	10 years ago
Steven Morgan	90941cad26	Improve YARA error messages. Enable parser yr_parser_check_types() function.	10 years ago
Kevin Lin	abec1002b1	string composition now derived from string->length	10 years ago
Kevin Lin	e072bb69c7	basis for wide sigopt support	10 years ago
Steven Morgan	12cb2f3d17	Enable additional YARA parser function.	10 years ago
Kevin Lin	348dc986a7	fullword modifier support for anchored signatures	10 years ago
Steven Morgan	4d1a9fa5df	Fix source of YARA string length.	10 years ago
Steven Morgan	e53a356b2d	Fix typo.	10 years ago
Kevin Lin	73b1cbae79	fullword 'f' sigopt handling for ldb and yara	10 years ago
Kevin Lin	dc70379a09	converted sigopts from char string to uint8_t	10 years ago
Steven Morgan	3ca6d4c020	YARA work in progress: enable parser functions, add YARA arenas and hash tables.	10 years ago
Kevin Lin	a98b86c3a7	simplified a string duplication	10 years ago
Kevin Lin	6b725bb7c3	added '(W)' special character to match fullword (non-alnum)	10 years ago
Kevin Lin	22bcb9b287	bb#11212 - alternate fix in MEW unpacker	10 years ago
Kevin Lin	87c9b7429f	Revert "bb#11212 - fixed section boundary mismatch in MEW unpacker" This reverts commit `9a0eed3ae3`.	10 years ago
Kevin Lin	f1dd20b607	force signatures with sigopts to the AC tree over BM	10 years ago
Steven Morgan	0cc83247bc	bb11264 - patch for 'possible' heap overflow submitted by the Debian team.	10 years ago
Kevin Lin	d10c234b43	changed disabled pcre support debug message to warning	10 years ago
Steven Morgan	016b79e682	minor change of yara parse code II.	10 years ago
Steven Morgan	46dc3c4a53	minor change of yara parse code.	10 years ago
Kevin Lin	4ff617c31b	capped the number of yara strings to MAX_LDB_SUBSIGS	10 years ago
Kevin Lin	94ac324efc	skips over malformed rules instead of error	10 years ago
Kevin Lin	f88cffca17	cleaned out excess yara messages	10 years ago
Kevin Lin	bec92cfc2e	removed strict yara property interpretation moved yara literal string parsing up in priority	10 years ago
Kevin Lin	1215ac0fe4	set cli_yaramsg() to debugging mode	10 years ago
Kevin Lin	b62dd1dd74	re-added basic yara pcre support	10 years ago

1 2 3 4 5 ...

3460 Commits (d25549807f9bac668de84634fcb8d15f1caa9140)