Beispiel #1
0
/**********************************************************************
 *
 *	fast_dgrep
 *
 * Searches pattern from the whole buffer, and when a match is found, 
 * makes a line from the match position.
 */
static int fast_dgrep(char* buf, REG3 char* bufend, int bufsize)
{
	REG1 char*	matchptr = buf;
	REG2 char*	linebeg;	/* beginning of current line */

	for (;;) {
		if (regmust)
			matchptr = boyer_moore(matchptr,bufend,regmust,regmustlen);
		else
			matchptr = reg_exec(matchptr, bufend, linecount_ptr);
		if (matchptr == NULL)
			break;
		linebeg = get_linebeg(matchptr, buf);
		/* below matchptr points end of line */
		matchptr = memchr(matchptr, EOL2, bufend-matchptr);
		if (matchptr == NULL)
			matchptr = bufend;
		if (regmust_only || !regmust		/* match found or ...*/
		   || reg_exec(linebeg,matchptr,NULL) != NULL)	/* verify ok */
			if (check_flags(linebeg, matchptr, bufend) == STOP)
				return -1;
		matchptr++;
		if (matchptr > bufend)
			break;
	}
	return (buf+bufsize)-(bufend+NEOL(bufend));
}
Beispiel #2
0
/**********************************************************************
 *
 *	normal_dgrep
 *
 * When use_normal is TRUE, use this. This version separates
 * lines from buffer and then searches pattern from that line.
 */
static int normal_dgrep(char* buf, char* bufend, REG4 int bufsize)
{
	REG3 char*	line = buf;	/* current line */
	REG2 char*	le;		/* line end */
	REG1 char*	match;

	while ((le = memchr(line, EOL2, bufsize)) != NULL) {
		if (regmust) {
			match = boyer_moore(line,le,regmust,regmustlen);
			if (match != NULL && !regmust_only)
				match = reg_exec(line, le, NULL);
		} else
			match = reg_exec(line, le, NULL);
		if ((match && !nonmatch) || (!match && nonmatch)) {
			if (check_flags(line, le, bufend) == STOP)
				return -1;
		} else
			linecount++;
		le++;
		if ((bufsize -= (le-line)) <= 0)
			return 0;
		line = le;
	}
	return bufsize;
}
Beispiel #3
0
int main()
{

	
	char text[MAX_LENGTH], str[MAX_LENGTH];
	int indexesFromRight[CHAR_SIZE];
	int adr;		
	int index;

	printf("Please enter text: \n");
	fgets(text, MAX_LENGTH - 1, stdin);


	printf("Please enter string: \n");
	fgets(str, MAX_LENGTH - 1, stdin);




	// Öncelikle harflerin kelime içerisinde kaçıncı indiste bulunduklarını saklamalıyız.
	// Böylece harflerin durumuna göre öteleme işlemlerini gerçekleştirebiliriz.

	for(register int i=0; i < CHAR_SIZE; i++)
		indexesFromRight[i] = -1;


	// Eğer bir harf birden fazla sayıda bulunuyorsa en sağdaki indis tutulur.
	for(register int i=0; i < strlen(str); i++){
		adr = str[i] - '\0';
		indexesFromRight[adr] = i;
	}	

	for(register int i =0; i < strlen(str) - 1; i++)
	{
		adr = str[i] - '\0';
	}



	index = boyer_moore(text, str, indexesFromRight);

	if(index != -1)
	{
		printf("Aradığınız kelimenin başlangıç noktası : %d\n", index);
	} else
	{
		printf("Aradığınız kelime bulunamadı!\n");
	}

	return EXIT_SUCCESS;
}
Beispiel #4
0
void *get_match_positions(char *string, int stringlen, struct pattern *pattern)
{
  
  if (!pattern->matches)
    {
      pattern->match_size = 10;
      pattern->match_count = 0;
      pattern->matches = malloc(sizeof(struct match) * pattern->match_size);
      if (!pattern->matches)
	{
	  fprintf(stderr, "failed to alloc pattern->matches\n");
	  return NULL;
	}	
    }
    
  int pos = -1;
  int start = 0;
  while (1)    
    {
      pattern->matches[pattern->match_count].string = NULL;
      pattern->matches[pattern->match_count].depth = 0;
      
      pos = boyer_moore(string, start, stringlen, pattern->string, strlen(pattern->string));

      if (pos == -1)
	break;
      
      start = pos + strlen(pattern->string);
      
      pattern->matches[pattern->match_count].pos = pos;
      pattern->match_count += 1;
      pattern->total_match_count += 1;

      if (pattern->match_count == pattern->match_size) 
	{
	  pattern->matches = realloc(pattern->matches, 
				     sizeof(struct match) * pattern->match_size << 1);
	  if (!pattern->matches)
	    {
	      fprintf(stderr, "failed to realloc pattern matches\n");
	      return NULL;
	    }
	  pattern->match_size <<= 1;
	}
    }
  
  return (int *) 1;
}
Beispiel #5
0
int main()
{

uint8_t pat[]="abracadabra";

uint8_t txt[]="abracadabtabradabracadabcadaxbrabbracadabraxxxxxxabracadabracadabra";

patlen = sizeof(pat)/sizeof(pat[0]) - 1;

uint32_t n = sizeof(txt)/sizeof(txt[0]) - 1;
 

uint8_t ans=boyer_moore(txt, n, pat, patlen);

printf("\n匹配位置:%d\n", ans);
return 0;
}
Beispiel #6
0
int main(int argc, char **argv)
{
    char cmd[1000];
    FILE * fp;
    FILE * sigDb;
    char * fileName = NULL;
    char * sigPattern = NULL;
    size_t len = 0;
    size_t sigLen = 0;
    ssize_t readFile;
    ssize_t readSig;   
    uint8_t *fileBuf;
    uint8_t *sigBuf;
    size_t sizeFb;
    uint8_t *found;
    int count=0;
    strcpy(cmd, "find ");
    strcat(cmd, MOUNT); 
    strcat(cmd, " -type f > filesToScan.txt");

    system(cmd);

    fp = fopen("filesToScan.txt", "r");
    if (fp == NULL)
        exit(EXIT_FAILURE);
    
    //sigDb = fopen("mainCPUsig.ndb","r");
    timestamp_type time1, time2;
    get_timestamp(&time1);

    while ((readFile = getline(&fileName, &len, fp)) != -1) {
        printf("scaning: %s", fileName);

        remove_char_from_string('\n',fileName);
        loadFile(fileName, &fileBuf, &sizeFb);
        
        sigDb = fopen("mainCPUsig5k.ndb","r");
        while ((readSig = getline(&sigPattern, &sigLen, sigDb)) != -1){
            remove_char_from_string('\n',sigPattern);
            sigLen = strlen(sigPattern)/2;

            hex2data(&sigBuf, sigPattern);

            found = boyer_moore(fileBuf,sizeFb, sigBuf, sigLen);
            if(found != NULL){
                printf("    found virus in %s\n", fileName);
                count++;
            }
            free(sigBuf);

        }

        fclose(sigDb);
        printf("\n");
        free(fileBuf);
    }

    fclose(fp);
    get_timestamp(&time2);
    double elapsed = timestamp_diff_in_seconds(time1,time2);
    printf("%f s\n", elapsed);
    printf("virus count: %d\n", count);
    //loadFile(argv[1], &fileBuf, &sizeFb);
}
Beispiel #7
0
uint8_t *xs_find(xstring *x, xstring *pat)
{
    return boyer_moore(x->data, x->size,pat->data, pat->size);
}