R_API int r_regex_match (const char *pattern, const char *flags, const char *text) { int ret; RRegex rx; int re_flags = r_regex_flags (flags); if (r_regex_comp (&rx, pattern, re_flags)) { eprintf ("FAIL TO COMPILE %s\n", pattern); return 0; } ret = r_regex_exec (&rx, text, 0, 0, re_flags); if (!ret) { eprintf ("OK! (%s)\n", text); if (!strstr (text, "raxq")) { eprintf ("FALSE POSITIVE with (%s)\n", pattern); } } r_regex_fini (&rx); return ret? 0: 1; #if 0 regex_t preg; regmatch_t pmatch[NUM_MATCHES]; if (regcomp(&preg, reg, REG_EXTENDED)) return -1; return (regexec (&preg, str, NUM_MATCHES, pmatch, 0))?1:0; #endif }
R_API RRegex *r_regex_new (const char *pattern, const char *flags) { RRegex rx, *r; if (r_regex_comp (&rx, pattern, r_regex_flags (flags))) return NULL; r = malloc (sizeof (RRegex)); memcpy (r, &rx, sizeof (RRegex)); return r; }
int matchs(const char *string, char *pattern) { int status = 0; RRegex *re = r_regex_new (pattern, ""); if (!re) return status; if (r_regex_comp (re, pattern, R_REGEX_EXTENDED|R_REGEX_NOSUB) == 0) { status = r_regex_exec (re, string, (size_t) 0, NULL, 0)? 1: 0; } r_regex_free (re); return status; }
R_API int r_regex_match (const char *pattern, const char *flags, const char *text) { int ret; RRegex rx; if (r_regex_comp (&rx, pattern, r_regex_flags (flags))) return -1; ret = r_regex_exec (&rx, text, 0, 0, 0); r_regex_fini (&rx); return ret? 0: 1; #if 0 regex_t preg; regmatch_t pmatch[NUM_MATCHES]; if (regcomp(&preg, reg, REG_EXTENDED)) return -1; return (regexec (&preg, str, NUM_MATCHES, pmatch, 0))?1:0; #endif }
int _main() { RRegex rx; int rc = r_regex_comp (&rx, "^hi", R_REGEX_NOSUB); if (rc) { printf ("error\n"); } else { rc = r_regex_exec (&rx, "patata", 0, 0, 0); printf ("out = %d\n", rc); rc = r_regex_exec (&rx, "hillow", 0, 0, 0); printf ("out = %d\n", rc); } r_regex_free (&rx); return 0; }
static int check_fmt(RMagic *ms, struct r_magic *m) { RRegex rx; int rc; if (strchr (R_MAGIC_DESC, '%') == NULL) return 0; rc = r_regex_comp (&rx, "%[-0-9\\.]*s", R_REGEX_EXTENDED|R_REGEX_NOSUB); if (rc) { char errmsg[512]; r_regex_error (rc, &rx, errmsg, sizeof (errmsg)); file_magerror (ms, "regex error %d, (%s)", rc, errmsg); return -1; } else { rc = r_regex_exec (&rx, R_MAGIC_DESC, 0, 0, 0); r_regex_fini (&rx); return !rc; } }
// TODO: add support for byte-per-byte opcode search R_API RList *r_core_asm_strsearch(RCore *core, const char *input, ut64 from, ut64 to, int maxhits, int regexp, int everyByte, int mode) { RCoreAsmHit *hit; RAsmOp op; RList *hits; ut64 at, toff = core->offset; ut8 *buf; int align = core->search->align; RRegex* rx = NULL; char *tok, *tokens[1024], *code = NULL, *ptr; int idx, tidx = 0, len = 0; int tokcount, matchcount, count = 0; int matches = 0; const int addrbytes = core->io->addrbytes; if (!input || !*input) { return NULL; } ut64 usrimm = r_num_math (core->num, input + 1); if (core->blocksize < 8) { eprintf ("error: block size too small\n"); return NULL; } if (!(buf = (ut8 *)calloc (core->blocksize, 1))) { return NULL; } if (!(ptr = strdup (input))) { free (buf); return NULL; } if (!(hits = r_core_asm_hit_list_new ())) { free (buf); free (ptr); return NULL; } tokens[0] = NULL; for (tokcount = 0; tokcount < R_ARRAY_SIZE (tokens) - 1; tokcount++) { tok = strtok (tokcount? NULL: ptr, ";"); if (!tok) { break; } tokens[tokcount] = r_str_trim_head_tail (tok); } tokens[tokcount] = NULL; r_cons_break_push (NULL, NULL); char *opst = NULL; for (at = from, matchcount = 0; at < to; at += core->blocksize) { if (r_cons_is_breaked ()) { break; } if (!r_io_is_valid_offset (core->io, at, 0)) { break; } (void)r_io_read_at (core->io, at, buf, core->blocksize); idx = 0, matchcount = 0; while (addrbytes * (idx + 1) <= core->blocksize) { ut64 addr = at + idx; if (addr >= to) { break; } r_asm_set_pc (core->assembler, addr); if (mode == 'i') { RAnalOp analop = {0}; if (r_anal_op (core->anal, &analop, addr, buf + idx, 15, 0) < 1) { idx ++; // TODO: honor mininstrsz continue; } if (analop.val == usrimm) { if (!(hit = r_core_asm_hit_new ())) { r_list_purge (hits); R_FREE (hits); goto beach; } hit->addr = addr; hit->len = analop.size; // idx + len - tidx; if (hit->len == -1) { r_core_asm_hit_free (hit); goto beach; } r_asm_disassemble (core->assembler, &op, buf + addrbytes * idx, core->blocksize - addrbytes * idx); hit->code = r_str_newf (r_strbuf_get (&op.buf_asm)); idx = (matchcount)? tidx + 1: idx + 1; matchcount = 0; r_list_append (hits, hit); continue; } r_anal_op_fini (&analop); idx ++; // TODO: honor mininstrsz continue; } else if (mode == 'e') { RAnalOp analop = {0}; if (r_anal_op (core->anal, &analop, addr, buf + idx, 15, R_ANAL_OP_MASK_ESIL) < 1) { idx ++; // TODO: honor mininstrsz continue; } //opsz = analop.size; opst = strdup (r_strbuf_get (&analop.esil)); r_anal_op_fini (&analop); } else { if (!(len = r_asm_disassemble ( core->assembler, &op, buf + addrbytes * idx, core->blocksize - addrbytes * idx))) { idx = (matchcount)? tidx + 1: idx + 1; matchcount = 0; continue; } //opsz = op.size; opst = strdup (r_strbuf_get (&op.buf_asm)); } if (opst) { matches = strcmp (opst, "invalid") && strcmp (opst, "unaligned"); } if (matches && tokens[matchcount]) { if (!regexp) { matches = strstr (opst, tokens[matchcount]) != NULL; } else { rx = r_regex_new (tokens[matchcount], ""); if (r_regex_comp (rx, tokens[matchcount], R_REGEX_EXTENDED|R_REGEX_NOSUB) == 0) { matches = r_regex_exec (rx, opst, 0, 0, 0) == 0; } r_regex_free (rx); } } if (align && align > 1) { if (addr % align) { matches = false; } } if (matches) { code = r_str_appendf (code, "%s; ", opst); if (matchcount == tokcount - 1) { if (tokcount == 1) { tidx = idx; } if (!(hit = r_core_asm_hit_new ())) { r_list_purge (hits); R_FREE (hits); goto beach; } hit->addr = addr; hit->len = idx + len - tidx; if (hit->len == -1) { r_core_asm_hit_free (hit); goto beach; } code[strlen (code) - 2] = 0; hit->code = strdup (code); r_list_append (hits, hit); R_FREE (code); matchcount = 0; idx = tidx + 1; if (maxhits) { count++; if (count >= maxhits) { //eprintf ("Error: search.maxhits reached\n"); goto beach; } } } else if (!matchcount) { tidx = idx; matchcount++; idx += len; } else { matchcount++; idx += len; } } else { if (everyByte) { idx = matchcount? tidx + 1: idx + 1; } else { idx += R_MAX (1, len); } R_FREE (code); matchcount = 0; } R_FREE (opst); } } r_cons_break_pop (); r_asm_set_pc (core->assembler, toff); beach: free (buf); free (ptr); free (code); R_FREE (opst); r_cons_break_pop (); return hits; }
char *mreplace(char *string, char *se,char *rep) { #ifdef _MSC_VER #define nmatch 16 #else const size_t nmatch = 16; #endif memChunk *search,*temp,*found,*ffound; unsigned long offset = 0; RRegexMatch pm[nmatch]; char *res, field[16]; char noMatch = 0; int status, i; RRegex *re; if (!string) return ""; if (!strlen (se)) return string; if (!strcmp (se,rep)) return string; temp = memStringReserve (string,INPUTLINE_BUFFER_REPLACE_SIZE); search = memStringReserve (se,INPUTLINE_BUFFER_REPLACE_SIZE); sreplace (search->address, "\\d", "[0-9]", 1, INPUTLINE_BUFFER_REPLACE_SIZE); #if MDEBUG2 sData=strdup(string); DBG("mreplace(string,se,re)","string : %s",sData); DBG("mreplace(string,se,re)","search : %s",search->address); DBG("mreplace(string,se,re)","replace : %s",rep); #endif re = r_regex_new ("", 0); if (r_regex_comp (re, search->address, R_REGEX_EXTENDED) != 0) if(r_regex_comp (re, search->address, R_REGEX_EXTENDED<<1)) noMatch = 1; if ((status = r_regex_exec (re, string, nmatch, pm, 0))) noMatch = 1; if (noMatch) { memFree (temp); memFree (search); r_regex_free (re); return (char*)string; } found = memReserve (INPUTLINE_BUFFER_REPLACE_SIZE); ffound = memReserve (INPUTLINE_BUFFER_REPLACE_SIZE); while (!status) { offset = strlen (temp->address) - strlen (string); snprintf (found->address, INPUTLINE_BUFFER_REPLACE_SIZE, "%.*s", (int)(size_t)(pm[0].rm_eo - pm[0].rm_so), &string[pm[0].rm_so]);//,&string[pm[0].rm_so]); #if MDEBUG3 printf("------->> found \"%s\" length => %d offset[%d]\n", found->address, strlen(temp->address), offset); #endif sreplace (temp->address + offset,found->address, rep, 0, INPUTLINE_BUFFER_REPLACE_SIZE - offset); for(i = 1; i < nmatch; i++){ snprintf (ffound->address,INPUTLINE_BUFFER_REPLACE_SIZE, "%.*s", (int)(size_t)(pm[i].rm_eo - pm[i].rm_so), &string[pm[i].rm_so]);//,&string[pm[i].rm_so]); snprintf (field, sizeof(field), "\\%d", i); if(strlen (ffound->address)) { sreplace (temp->address, field, ffound->address, 1, INPUTLINE_BUFFER_REPLACE_SIZE); }else{ sreplace (temp->address, field, "", 1, INPUTLINE_BUFFER_REPLACE_SIZE); continue; } #if MDEBUG3 printf (">> subfound %2d '%s' => '%s' length %d\n", i, ffound->address, temp->address,offset); #endif } // it is unsigned! if(offset<0) offset=-offset; if (*string && strlen (string + pm[0].rm_eo)) { string += pm[0].rm_eo; status = r_regex_exec (re, string, nmatch, pm, 0); }else{ status=-1; } } #if MDEBUG2 DBG ("mreplace(string,se,re)", "result : %s",t emp->address); #endif res=strdup (temp->address); memFree (temp); memFree (search); memFree (found); memFree (ffound); r_regex_free (re); return res; #ifdef _MSC_VER #undef nmatch #endif }