radare2/libr/search/regexp.c

/* radare - LGPL - Copyright 2008-2020 - pancake, TheLemonMan */

#include "r_search.h"
#include "search.h"
#include <r_regex.h>

R_IPI int search_regex_read(RSearch *s, ut64 from, ut64 to) {
	RSearchKeyword *kw;
	RListIter *iter;
	RRegexMatch match;
	RRegex rx = {0};
	const int old_nhits = s->nhits;
	int ret = 0;

	ut64 buflen = 0x1000;
	ut8 *buf = malloc (buflen);
	if (!buf) {
		return -1;
	}

	r_list_foreach (s->kws, iter, kw) {
		ut64 addr = from;
		int reflags = R_REGEX_EXTENDED;

		if (kw->icase) {
			reflags |= R_REGEX_ICASE;
		}

		if (r_regex_init (&rx, (char *)kw->bin_keyword, reflags)) {
			R_LOG_ERROR ("Cannot compile '%s' regexp", kw->bin_keyword);
			ret = -1;
			goto beach;
		}

		// TODO: allow user to configure according to the maximum expected
		// match length to prevent FN on matches that span boundaries.
		while (addr < to) { // get buffer
			if (s->consb.is_breaked ()) {
				goto beach;
			}

			int len = R_MIN (to - addr, buflen);
			if (!s->iob.read_at (s->iob.io, addr, buf, len)) {
				ret = -1; // failed to read
				goto beach;
			}

			match.rm_so = 0;
			match.rm_eo = len;
			int m = r_regex_exec (&rx, (char *)buf, 1, &match, R_REGEX_STARTEND);
			if (!m) { // match
				ut32 mtch_len = match.rm_eo - match.rm_so;
				if (match.rm_eo < match.rm_so || !mtch_len) {
					// <= zero length match (ie /a*/ matches everything)
					ret = -1;
					goto beach;
				}

				// match extends to end of this buffer, but maybe even further?, so try again at match start
				if (match.rm_eo == len && !match.rm_so && mtch_len < len) {
					addr += match.rm_so;
					continue;
				}
				int t = r_search_hit_sz (s, kw, addr + match.rm_so, mtch_len);
				if (!t) {
					ret = -1;
					goto beach;
				}
				if (t > 1) { // max matches reached
					goto beach;
				}
				// adjust where buffer starts next loop
				if (s->overlap) {
					addr += match.rm_so + 1;
				} else {
					addr += match.rm_eo;
				}
			} else if (m == R_REGEX_NOMATCH) {
				// if a match exists accross buffer boundary, this will still
				// find it, unless start of match is withen first 7/8th of buffer
				addr += buflen - (buflen / 8);
			} else { // regex error
				ret = -1;
				goto beach;
			}
		}
	}

beach:
	r_regex_fini (&rx);
	free (buf);
	if (!ret) {
		ret = s->nhits - old_nhits;
	}
	return ret;
}

R_IPI int search_regexp_update(RSearch *s, ut64 from, const ut8 *buf, int len) {
	RSearchKeyword *kw;
	RListIter *iter;
	RRegexMatch match;
	RRegex rx = {0};
	const int old_nhits = s->nhits;
	int ret = 0;

	r_list_foreach (s->kws, iter, kw) {
		int reflags = R_REGEX_EXTENDED;

		if (kw->icase) {
			reflags |= R_REGEX_ICASE;
		}

		if (r_regex_init (&rx, (char *)kw->bin_keyword, reflags)) {
			R_LOG_ERROR ("Cannot compile '%s' regexp", kw->bin_keyword);
			return -1;
		}

		match.rm_so = 0;
		match.rm_eo = len;

		while (!r_regex_exec (&rx, (char *)buf, 1, &match, R_REGEX_STARTEND)) {
			if (match.rm_eo <= match.rm_so) {
				// empty match
				match.rm_so++;
				match.rm_eo = len;
				continue;
			}
			int t = r_search_hit_new (s, kw, from + match.rm_so);
			if (!t) {
				ret = -1;
				goto beach;
			}
			if (t > 1) {
				goto beach;
			}
			/* Setup the boundaries for R_REGEX_STARTEND */
			match.rm_so = match.rm_eo;
			match.rm_eo = len;
		}
	}

beach:
	r_regex_fini (&rx);
	if (!ret) {
		ret = s->nhits - old_nhits;
	}
	return ret;
}
Massage RRegex to fix codingstyle and a null deref. ##regexp 2021-01-08 02:36:48 +00:00			`/* radare - LGPL - Copyright 2008-2020 - pancake, TheLemonMan */`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00
			`#include "r_search.h"`
Move /e to new search API ##search * Move global var to struct * Add r_cons_is_breaked * Use RConsBind 2021-12-22 23:36:51 +00:00			`#include "search.h"`
* Import the r_regex api in libr/util/regex from OpenBSD source - Added a r2-like API on top of it - Make RSearch and RMagic use this new api, so * Only load default magicpath files when no file is passed to RMagic * Initial work on r_listrange optimization in RAnal - #define USE_NEW_FCN_STORE - Still work-in-progress * Implemented a RPoolFactory singleton api to accelerate allocations of little objects in the future * Fix sys/mingw32.sh for osx * Added sys/maemo.sh 2011-09-14 00:07:06 +00:00			`#include <r_regex.h>`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00
Move /e to new search API ##search * Move global var to struct * Add r_cons_is_breaked * Use RConsBind 2021-12-22 23:36:51 +00:00			`R_IPI int search_regex_read(RSearch *s, ut64 from, ut64 to) {`
			`RSearchKeyword *kw;`
			`RListIter *iter;`
			`RRegexMatch match;`
			`RRegex rx = {0};`
			`const int old_nhits = s->nhits;`
			`int ret = 0;`

			`ut64 buflen = 0x1000;`
			`ut8 *buf = malloc (buflen);`
			`if (!buf) {`
			`return -1;`
			`}`

			`r_list_foreach (s->kws, iter, kw) {`
			`ut64 addr = from;`
			`int reflags = R_REGEX_EXTENDED;`

			`if (kw->icase) {`
			`reflags \|= R_REGEX_ICASE;`
			`}`

			`if (r_regex_init (&rx, (char *)kw->bin_keyword, reflags)) {`
Refactor a few eprintf 'Cannot …' to R_LOG_ERROR 2022-08-01 07:56:51 +00:00			`R_LOG_ERROR ("Cannot compile '%s' regexp", kw->bin_keyword);`
Move /e to new search API ##search * Move global var to struct * Add r_cons_is_breaked * Use RConsBind 2021-12-22 23:36:51 +00:00			`ret = -1;`
			`goto beach;`
			`}`

			`// TODO: allow user to configure according to the maximum expected`
			`// match length to prevent FN on matches that span boundaries.`
			`while (addr < to) { // get buffer`
			`if (s->consb.is_breaked ()) {`
			`goto beach;`
			`}`

			`int len = R_MIN (to - addr, buflen);`
			`if (!s->iob.read_at (s->iob.io, addr, buf, len)) {`
			`ret = -1; // failed to read`
			`goto beach;`
			`}`

			`match.rm_so = 0;`
			`match.rm_eo = len;`
			`int m = r_regex_exec (&rx, (char *)buf, 1, &match, R_REGEX_STARTEND);`
			`if (!m) { // match`
			`ut32 mtch_len = match.rm_eo - match.rm_so;`
			`if (match.rm_eo < match.rm_so \|\| !mtch_len) {`
			`// <= zero length match (ie /a*/ matches everything)`
			`ret = -1;`
			`goto beach;`
			`}`

			`// match extends to end of this buffer, but maybe even further?, so try again at match start`
			`if (match.rm_eo == len && !match.rm_so && mtch_len < len) {`
			`addr += match.rm_so;`
			`continue;`
			`}`
			`int t = r_search_hit_sz (s, kw, addr + match.rm_so, mtch_len);`
			`if (!t) {`
			`ret = -1;`
			`goto beach;`
			`}`
			`if (t > 1) { // max matches reached`
			`goto beach;`
			`}`
			`// adjust where buffer starts next loop`
			`if (s->overlap) {`
			`addr += match.rm_so + 1;`
			`} else {`
			`addr += match.rm_eo;`
			`}`
			`} else if (m == R_REGEX_NOMATCH) {`
			`// if a match exists accross buffer boundary, this will still`
			`// find it, unless start of match is withen first 7/8th of buffer`
			`addr += buflen - (buflen / 8);`
			`} else { // regex error`
			`ret = -1;`
			`goto beach;`
			`}`
			`}`
			`}`

			`beach:`
			`r_regex_fini (&rx);`
			`free (buf);`
			`if (!ret) {`
			`ret = s->nhits - old_nhits;`
			`}`
			`return ret;`
			`}`

Cleanup public API for ##search (#19477) * Remove unsed API * Remove r_search_update_i * Implementation of r_search_update_i was just returning r_search_update. * Remove unused r_search_xrefs_update * Remove r_search_magic_update from public API * Move update functions out of public API * Remove unused r_search_bmh API * Rename search update functions * Add R_IPI to internal functions 2021-12-12 10:46:46 +00:00			`R_IPI int search_regexp_update(RSearch s, ut64 from, const ut8 buf, int len) {`
fix the regexp engine 2014-06-04 21:35:53 +00:00			`RSearchKeyword *kw;`
* Merge old w32 build fix * Add 'c' in '?' help message * Import edu's RList-ification of RSearch patch * Deprecate r_search_kw_list() method * Fix build of r_socket_to_string() method on w32 2010-08-08 17:03:51 +00:00			`RListIter *iter;`
fix the regexp engine 2014-06-04 21:35:53 +00:00			`RRegexMatch match;`
Massage RRegex to fix codingstyle and a null deref. ##regexp 2021-01-08 02:36:48 +00:00			`RRegex rx = {0};`
Refactor search (#8566) * fix out-of-bounds read in r_search_strings_update * Remove static variables searchhits maplist maxhits first_hit in cmd_search.c * Change semantics of r_search_hit_new (update kw->count s->nhits in it), return 2 if search.maxhits is reached and stop searching immediately * honor search.maxhits in r_search_regexp_update * Refactor _cb_hit, remove bckwrds/do_bckwrd_srch and static cmdhit * Fix mem leak in regexp.c * Add support for /d (delta) /bd (backward + delta) when crossing blocksize boundaries 2017-09-20 15:00:18 +00:00			`const int old_nhits = s->nhits;`
			`int ret = 0;`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00
* Merge old w32 build fix * Add 'c' in '?' help message * Import edu's RList-ification of RSearch patch * Deprecate r_search_kw_list() method * Fix build of r_socket_to_string() method on w32 2010-08-08 17:03:51 +00:00			`r_list_foreach (s->kws, iter, kw) {`
* Import the r_regex api in libr/util/regex from OpenBSD source - Added a r2-like API on top of it - Make RSearch and RMagic use this new api, so * Only load default magicpath files when no file is passed to RMagic * Initial work on r_listrange optimization in RAnal - #define USE_NEW_FCN_STORE - Still work-in-progress * Implemented a RPoolFactory singleton api to accelerate allocations of little objects in the future * Fix sys/mingw32.sh for osx * Added sys/maemo.sh 2011-09-14 00:07:06 +00:00			`int reflags = R_REGEX_EXTENDED;`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00
Add braces to if, else, for, while ... (#11504) 2018-09-13 08:17:26 +00:00			`if (kw->icase) {`
* Import the r_regex api in libr/util/regex from OpenBSD source - Added a r2-like API on top of it - Make RSearch and RMagic use this new api, so * Only load default magicpath files when no file is passed to RMagic * Initial work on r_listrange optimization in RAnal - #define USE_NEW_FCN_STORE - Still work-in-progress * Implemented a RPoolFactory singleton api to accelerate allocations of little objects in the future * Fix sys/mingw32.sh for osx * Added sys/maemo.sh 2011-09-14 00:07:06 +00:00			`reflags \|= R_REGEX_ICASE;`
Add braces to if, else, for, while ... (#11504) 2018-09-13 08:17:26 +00:00			`}`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00
Massage RRegex to fix codingstyle and a null deref. ##regexp 2021-01-08 02:36:48 +00:00			`if (r_regex_init (&rx, (char *)kw->bin_keyword, reflags)) {`
Refactor a few eprintf 'Cannot …' to R_LOG_ERROR 2022-08-01 07:56:51 +00:00			`R_LOG_ERROR ("Cannot compile '%s' regexp", kw->bin_keyword);`
* Lot of random work on multiple fronts * Add 'var' in build liblist and 'vapi/t' for make clean * Add ^C handler for r_cons. support for callbacks * Add support for ./m ELF for example to interpret the output of commands * Fix a bug in the regexp algorithm that can get into infinite loop * Binmask can now contain non hexpair values * Add '/m' search regexp matches using the new R_SEARCH_REGEXP algorithm - Handle ^C in search loop..needs to use callback method * Properly cleanup the flag names * Added asm.bits and asm.os eval vars * Added some random tips for debug in README - Stupid snippets for import/export data between modules - Register support requires a rethink * Initial work on the integration of r_io_undo() api 2009-02-16 23:09:40 +00:00			`return -1;`
			`}`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00
fix the regexp engine 2014-06-04 21:35:53 +00:00			`match.rm_so = 0;`
			`match.rm_eo = len;`

Massage RRegex to fix codingstyle and a null deref. ##regexp 2021-01-08 02:36:48 +00:00			`while (!r_regex_exec (&rx, (char *)buf, 1, &match, R_REGEX_STARTEND)) {`
Fix bug in regex searching ##search 2021-12-19 15:56:09 +00:00			`if (match.rm_eo <= match.rm_so) {`
			`// empty match`
			`match.rm_so++;`
			`match.rm_eo = len;`
			`continue;`
			`}`
Refactor search (#8566) * fix out-of-bounds read in r_search_strings_update * Remove static variables searchhits maplist maxhits first_hit in cmd_search.c * Change semantics of r_search_hit_new (update kw->count s->nhits in it), return 2 if search.maxhits is reached and stop searching immediately * honor search.maxhits in r_search_regexp_update * Refactor _cb_hit, remove bckwrds/do_bckwrd_srch and static cmdhit * Fix mem leak in regexp.c * Add support for /d (delta) /bd (backward + delta) when crossing blocksize boundaries 2017-09-20 15:00:18 +00:00			`int t = r_search_hit_new (s, kw, from + match.rm_so);`
			`if (!t) {`
			`ret = -1;`
			`goto beach;`
			`}`
			`if (t > 1) {`
			`goto beach;`
			`}`
simple regexp loop 2014-06-04 22:32:01 +00:00			`/* Setup the boundaries for R_REGEX_STARTEND */`
			`match.rm_so = match.rm_eo;`
			`match.rm_eo = len;`
Refactor search (#8566) * fix out-of-bounds read in r_search_strings_update * Remove static variables searchhits maplist maxhits first_hit in cmd_search.c * Change semantics of r_search_hit_new (update kw->count s->nhits in it), return 2 if search.maxhits is reached and stop searching immediately * honor search.maxhits in r_search_regexp_update * Refactor _cb_hit, remove bckwrds/do_bckwrd_srch and static cmdhit * Fix mem leak in regexp.c * Add support for /d (delta) /bd (backward + delta) when crossing blocksize boundaries 2017-09-20 15:00:18 +00:00			`}`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00			`}`
fix the regexp engine 2014-06-04 21:35:53 +00:00
Refactor search (#8566) * fix out-of-bounds read in r_search_strings_update * Remove static variables searchhits maplist maxhits first_hit in cmd_search.c * Change semantics of r_search_hit_new (update kw->count s->nhits in it), return 2 if search.maxhits is reached and stop searching immediately * honor search.maxhits in r_search_regexp_update * Refactor _cb_hit, remove bckwrds/do_bckwrd_srch and static cmdhit * Fix mem leak in regexp.c * Add support for /d (delta) /bd (backward + delta) when crossing blocksize boundaries 2017-09-20 15:00:18 +00:00			`beach:`
Massage RRegex to fix codingstyle and a null deref. ##regexp 2021-01-08 02:36:48 +00:00			`r_regex_fini (&rx);`
Refactor search (#8566) * fix out-of-bounds read in r_search_strings_update * Remove static variables searchhits maplist maxhits first_hit in cmd_search.c * Change semantics of r_search_hit_new (update kw->count s->nhits in it), return 2 if search.maxhits is reached and stop searching immediately * honor search.maxhits in r_search_regexp_update * Refactor _cb_hit, remove bckwrds/do_bckwrd_srch and static cmdhit * Fix mem leak in regexp.c * Add support for /d (delta) /bd (backward + delta) when crossing blocksize boundaries 2017-09-20 15:00:18 +00:00			`if (!ret) {`
			`ret = s->nhits - old_nhits;`
			`}`
			`return ret;`
* Fix vapi/t build * Add regexp search method in r_search - Uses libc regcomp+regexec - Added regexp test example * Added libr.pc for pkg-config 2009-02-15 22:32:17 +00:00			`}`