示例#1
文件: atoms.c 项目: rednaga/yara
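//
// _yr_atoms_case_combinations
//
// Recursively emits the case variants of an atom into output_buffer.
//
// Output format: a sequence of records, each one a native-endian int holding
// atom_length followed by atom_length bytes. The outermost call (the one made
// with atom_offset == 0) appends an int 0 as list terminator. The atom exactly
// as passed in is never emitted; only variants with at least one ASCII letter
// swapped are. An atom with n ASCII letters produces 2^n - 1 records.
//
// Args:
//    atom          - Bytes of the atom; read only, never modified.
//    atom_length   - Number of bytes in atom.
//    atom_offset   - Index of the byte handled by this call. External callers
//                    pass 0; the recursion advances it.
//    output_buffer - Where the next record is written.
//
// Returns:
//    Pointer just past the last record written. For the outermost call this
//    is the position of the terminator.
//
// NOTE(review): no bound is enforced on output_buffer. The caller must size it
// for the worst case, (2^n - 1) * (sizeof(int) + atom_length) + sizeof(int)
// bytes, and must cap atom_length accordingly. Atoms originate from rule
// strings, so the cap has to be enforced before this function is reached.
//
static uint8_t* _yr_atoms_case_combinations(
    uint8_t* atom,
    int atom_length,
    int atom_offset,
    uint8_t* output_buffer)
{
  const int terminator = 0;

  uint8_t c;
  uint8_t* new_atom;

  // Reject an empty atom or an out-of-range offset before atom[atom_offset]
  // is read and before a non-positive length reaches memcpy as a huge size_t.
  if (atom_length <= 0 || atom_offset < 0 || atom_offset >= atom_length)
  {
    if (atom_offset == 0)
      memcpy(output_buffer, &terminator, sizeof(terminator));

    return output_buffer;
  }

  // Variants that keep the current byte unchanged.
  if (atom_offset + 1 < atom_length)
    output_buffer = _yr_atoms_case_combinations(
        atom,
        atom_length,
        atom_offset + 1,
        output_buffer);

  c = atom[atom_offset];

  if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'))
  {
    // Write atom length. Records have odd sizes, so output_buffer is usually
    // not int-aligned; memcpy stores the same bytes as an int assignment
    // without the misaligned, type-punned access.
    memcpy(output_buffer, &atom_length, sizeof(atom_length));
    output_buffer += sizeof(int);

    memcpy(output_buffer, atom, (size_t) atom_length);

    new_atom = output_buffer;
    output_buffer += atom_length;

    // Swap character case.
    if (c >= 'a' && c <= 'z')
      new_atom[atom_offset] -= 32;
    else
      new_atom[atom_offset] += 32;

    // Variants built on top of the swapped byte.
    if (atom_offset + 1 < atom_length)
      output_buffer = _yr_atoms_case_combinations(
          new_atom,
          atom_length,
          atom_offset + 1,
          output_buffer);
  }

  // Only the outermost call terminates the list.
  if (atom_offset == 0)
    memcpy(output_buffer, &terminator, sizeof(terminator));

  return output_buffer;
}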
示例#2
文件: atoms.c 项目: VirusTotal/yara
//
// _yr_atoms_case_insensitive
//
// For every atom in the input list, asks _yr_atoms_case_combinations for its
// case variants and prepends one newly allocated list item per variant to
// *case_insensitive_atoms.
//
// Args:
//    atoms                  - Head of the source atom list; may be NULL.
//    case_insensitive_atoms - Receives the head of the generated list. Reset
//                             to NULL on entry.
//
// Returns:
//    ERROR_SUCCESS, or ERROR_INSUFFICIENT_MEMORY when yr_malloc fails. In the
//    failure case the items created so far stay linked from
//    *case_insensitive_atoms and are not released here.
//    NOTE(review): presumably the caller frees that partial list; confirm.
//
// The scratch buffer is a fixed-size stack array and is parsed as records of
// a one-byte length followed by that many bytes, ending at a zero length
// byte. Nothing here checks the length against the capacity of atom.bytes /
// atom.mask or against the end of the buffer, so both bounds depend on
// _yr_atoms_case_combinations writing this exact format and staying within
// CASE_COMBINATIONS_BUFFER_SIZE.
//
static int _yr_atoms_case_insensitive(
    YR_ATOM_LIST_ITEM* atoms,
    YR_ATOM_LIST_ITEM** case_insensitive_atoms)
{
  YR_ATOM_LIST_ITEM* current;
  YR_ATOM_LIST_ITEM* variant;

  uint8_t combinations[CASE_COMBINATIONS_BUFFER_SIZE];
  uint8_t variant_length;
  uint8_t* cursor;

  int k;

  *case_insensitive_atoms = NULL;

  for (current = atoms; current != NULL; current = current->next)
  {
    _yr_atoms_case_combinations(
        current->atom.bytes,
        current->atom.length,
        0,
        combinations);

    cursor = combinations;

    // Each pass consumes one record: the length byte is read by the loop
    // header, the payload is skipped at the end of the body.
    for (variant_length = *cursor++;
         variant_length != 0;
         variant_length = *cursor++)
    {
      variant = (YR_ATOM_LIST_ITEM*) yr_malloc(sizeof(YR_ATOM_LIST_ITEM));

      if (variant == NULL)
        return ERROR_INSUFFICIENT_MEMORY;

      // Copy the variant bytes; every byte is matched exactly (full mask).
      for (k = 0; k < variant_length; k++)
      {
        variant->atom.bytes[k] = cursor[k];
        variant->atom.mask[k] = 0xFF;
      }

      variant->atom.length = variant_length;

      // The variant reuses the code pointers and backtrack of its source atom.
      variant->backtrack = current->backtrack;
      variant->backward_code = current->backward_code;
      variant->forward_code = current->forward_code;

      // Prepend to the output list.
      variant->next = *case_insensitive_atoms;
      *case_insensitive_atoms = variant;

      cursor += variant_length;
    }
  }

  return ERROR_SUCCESS;
}