int yr_parser_reduce_string_identifier(
yyscan_t yyscanner,
const char* identifier,
uint8_t instruction,
uint64_t at_offset)
{
YR_STRING* string;
YR_COMPILER* compiler = yyget_extra(yyscanner);
if (strcmp(identifier, "$") == 0) // is an anonymous string ?
{
if (compiler->loop_for_of_mem_offset >= 0) // inside a loop ?
{
yr_parser_emit_with_arg(
yyscanner,
OP_PUSH_M,
compiler->loop_for_of_mem_offset,
NULL,
NULL);
yr_parser_emit(yyscanner, instruction, NULL);
string = compiler->current_rule->strings;
while(!STRING_IS_NULL(string))
{
if (instruction != OP_FOUND)
string->g_flags &= ~STRING_GFLAGS_SINGLE_MATCH;
if (instruction == OP_FOUND_AT)
{
// Avoid overwriting any previous fixed offset
if (string->fixed_offset == UNDEFINED)
string->fixed_offset = at_offset;
// If a previous fixed offset was different, disable
// the STRING_GFLAGS_FIXED_OFFSET flag because we only
// have room to store a single fixed offset value
if (string->fixed_offset != at_offset)
string->g_flags &= ~STRING_GFLAGS_FIXED_OFFSET;
}
else
{
string->g_flags &= ~STRING_GFLAGS_FIXED_OFFSET;
}
string = (YR_STRING*) yr_arena_next_address(
compiler->strings_arena,
string,
sizeof(YR_STRING));
}
}
else
{
// Anonymous strings not allowed outside of a loop
compiler->last_result = ERROR_MISPLACED_ANONYMOUS_STRING;
}
}
else
{
string = yr_parser_lookup_string(yyscanner, identifier);
if (string != NULL)
{
yr_parser_emit_with_arg_reloc(
yyscanner,
OP_PUSH,
PTR_TO_INT64(string),
NULL,
NULL);
if (instruction != OP_FOUND)
string->g_flags &= ~STRING_GFLAGS_SINGLE_MATCH;
if (instruction == OP_FOUND_AT)
{
// Avoid overwriting any previous fixed offset
if (string->fixed_offset == UNDEFINED)
string->fixed_offset = at_offset;
// If a previous fixed offset was different, disable
// the STRING_GFLAGS_FIXED_OFFSET flag because we only
// have room to store a single fixed offset value
if (string->fixed_offset == UNDEFINED ||
string->fixed_offset != at_offset)
{
string->g_flags &= ~STRING_GFLAGS_FIXED_OFFSET;
}
}
else
{
string->g_flags &= ~STRING_GFLAGS_FIXED_OFFSET;
}
yr_parser_emit(yyscanner, instruction, NULL);
string->g_flags |= STRING_GFLAGS_REFERENCED;
}
}
return compiler->last_result;
}
int yr_parser_reduce_string_identifier(
yyscan_t yyscanner,
const char* identifier,
int8_t instruction)
{
YR_STRING* string;
YR_COMPILER* compiler = yyget_extra(yyscanner);
if (strcmp(identifier, "$") == 0)
{
if (compiler->loop_depth > 0)
{
yr_parser_emit_with_arg(
yyscanner,
PUSH_M,
LOOP_LOCAL_VARS * (compiler->loop_depth - 1),
NULL);
yr_parser_emit(yyscanner, instruction, NULL);
if (instruction != SFOUND)
{
string = compiler->current_rule_strings;
while(!STRING_IS_NULL(string))
{
string->g_flags &= ~STRING_GFLAGS_SINGLE_MATCH;
string = yr_arena_next_address(
compiler->strings_arena,
string,
sizeof(YR_STRING));
}
}
}
else
{
compiler->last_result = ERROR_MISPLACED_ANONYMOUS_STRING;
}
}
else
{
string = yr_parser_lookup_string(yyscanner, identifier);
if (string != NULL)
{
yr_parser_emit_with_arg_reloc(
yyscanner,
PUSH,
PTR_TO_UINT64(string),
NULL);
if (instruction != SFOUND)
string->g_flags &= ~STRING_GFLAGS_SINGLE_MATCH;
yr_parser_emit(yyscanner, instruction, NULL);
string->g_flags |= STRING_GFLAGS_REFERENCED;
}
}
return compiler->last_result;
}
int yr_parser_reduce_operation(
yyscan_t yyscanner,
const char* op,
EXPRESSION left_operand,
EXPRESSION right_operand)
{
YR_COMPILER* compiler = yyget_extra(yyscanner);
if ((left_operand.type == EXPRESSION_TYPE_INTEGER ||
left_operand.type == EXPRESSION_TYPE_FLOAT) &&
(right_operand.type == EXPRESSION_TYPE_INTEGER ||
right_operand.type == EXPRESSION_TYPE_FLOAT))
{
if (left_operand.type != right_operand.type)
{
// One operand is double and the other is integer,
// cast the integer to double
compiler->last_result = yr_parser_emit_with_arg(
yyscanner,
OP_INT_TO_DBL,
(left_operand.type == EXPRESSION_TYPE_INTEGER) ? 2 : 1,
NULL,
NULL);
}
if (compiler->last_result == ERROR_SUCCESS)
{
int expression_type = EXPRESSION_TYPE_FLOAT;
if (left_operand.type == EXPRESSION_TYPE_INTEGER &&
right_operand.type == EXPRESSION_TYPE_INTEGER)
{
expression_type = EXPRESSION_TYPE_INTEGER;
}
compiler->last_result = yr_parser_emit(
yyscanner,
_yr_parser_operator_to_opcode(op, expression_type),
NULL);
}
}
else if (left_operand.type == EXPRESSION_TYPE_STRING &&
right_operand.type == EXPRESSION_TYPE_STRING)
{
int opcode = _yr_parser_operator_to_opcode(op, EXPRESSION_TYPE_STRING);
if (opcode != OP_ERROR)
{
compiler->last_result = yr_parser_emit(
yyscanner,
opcode,
NULL);
}
else
{
yr_compiler_set_error_extra_info_fmt(
compiler, "strings don't support \"%s\" operation", op);
compiler->last_result = ERROR_WRONG_TYPE;
}
}
else
{
yr_compiler_set_error_extra_info(compiler, "type mismatch");
compiler->last_result = ERROR_WRONG_TYPE;
}
return compiler->last_result;
}
