feat: Allow multiple yara rules to be applied after each otherr
This commit is contained in:
WerWolv
parent
5cf6baca88
commit
db3072630a
@ -59,7 +59,13 @@ namespace hex::plugin::builtin {
|
||||
}
|
||||
ImGui::SameLine();
|
||||
if (ImGui::Button("hex.builtin.view.yara.reload"_lang)) this->reloadRules();
|
||||
|
||||
ImGui::NewLine();
|
||||
if (ImGui::Button("hex.builtin.view.yara.match"_lang)) this->applyRules();
|
||||
ImGui::SameLine();
|
||||
ImGui::BeginDisabled(this->m_matches.empty());
|
||||
if (ImGui::Button("hex.builtin.view.yara.reset"_lang)) this->clearResult();
|
||||
ImGui::EndDisabled();
|
||||
}
|
||||
ImGui::EndDisabled();
|
||||
|
||||
@ -171,8 +177,6 @@ namespace hex::plugin::builtin {
|
||||
}
|
||||
|
||||
void ViewYara::applyRules() {
|
||||
this->clearResult();
|
||||
|
||||
this->m_matcherTask = TaskManager::createTask("hex.builtin.view.yara.matching", 0, [this](auto &task) {
|
||||
if (!ImHexApi::Provider::isValid()) return;
|
||||
|
||||
@ -334,9 +338,25 @@ namespace hex::plugin::builtin {
|
||||
|
||||
|
||||
TaskManager::doLater([this, resultContext] {
|
||||
this->m_matches = resultContext.newMatches;
|
||||
for (const auto &match : this->m_matches) {
|
||||
ImHexApi::HexEditor::removeBackgroundHighlight(match.highlightId);
|
||||
ImHexApi::HexEditor::removeTooltip(match.tooltipId);
|
||||
}
|
||||
|
||||
this->m_consoleMessages = resultContext.consoleMessages;
|
||||
|
||||
std::move(resultContext.newMatches.begin(), resultContext.newMatches.end(), std::back_inserter(this->m_matches));
|
||||
|
||||
auto uniques = std::set(this->m_matches.begin(), this->m_matches.end(), [](const auto &l, const auto &r) {
|
||||
return l.address < r.address &&
|
||||
l.size < r.size &&
|
||||
l.wholeDataMatch < r.wholeDataMatch &&
|
||||
l.identifier < r.identifier &&
|
||||
l.variable < r.variable;
|
||||
});
|
||||
this->m_matches.clear();
|
||||
std::move(uniques.begin(), uniques.end(), std::back_inserter(this->m_matches));
|
||||
|
||||
constexpr static color_t YaraColor = 0x70B4771F;
|
||||
for (auto &match : this->m_matches) {
|
||||
match.highlightId = ImHexApi::HexEditor::addBackgroundHighlight({ match.address, match.size }, YaraColor);
|
||||
|
||||
@ -407,6 +407,7 @@ namespace hex::plugin::builtin {
|
||||
{ "hex.builtin.view.yara.header.rules", "Regeln" },
|
||||
{ "hex.builtin.view.yara.reload", "Neu laden" },
|
||||
{ "hex.builtin.view.yara.match", "Regeln anwenden" },
|
||||
{ "hex.builtin.view.yara.reset", "Zurücksetzen" },
|
||||
{ "hex.builtin.view.yara.matching", "Anwenden..." },
|
||||
{ "hex.builtin.view.yara.error", "Yara Kompilerfehler: " },
|
||||
{ "hex.builtin.view.yara.header.matches", "Funde" },
|
||||
|
||||
@ -410,6 +410,7 @@ namespace hex::plugin::builtin {
|
||||
{ "hex.builtin.view.yara.header.rules", "Rules" },
|
||||
{ "hex.builtin.view.yara.reload", "Reload" },
|
||||
{ "hex.builtin.view.yara.match", "Match Rules" },
|
||||
{ "hex.builtin.view.yara.reset", "Reset" },
|
||||
{ "hex.builtin.view.yara.matching", "Matching..." },
|
||||
{ "hex.builtin.view.yara.error", "Yara Compiler error: " },
|
||||
{ "hex.builtin.view.yara.header.matches", "Matches" },
|
||||
|
||||
@ -413,6 +413,7 @@ namespace hex::plugin::builtin {
|
||||
{ "hex.builtin.view.yara.header.rules", "Regola" },
|
||||
{ "hex.builtin.view.yara.reload", "Ricarica" },
|
||||
{ "hex.builtin.view.yara.match", "Abbina Regole" },
|
||||
//{ "hex.builtin.view.yara.reset", "Reset" },
|
||||
{ "hex.builtin.view.yara.matching", "Abbinamento..." },
|
||||
{ "hex.builtin.view.yara.error", "Errore compilazione Yara: " },
|
||||
{ "hex.builtin.view.yara.header.matches", "Abbinamenti" },
|
||||
|
||||
@ -412,6 +412,7 @@ namespace hex::plugin::builtin {
|
||||
{ "hex.builtin.view.yara.header.rules", "ルール" },
|
||||
{ "hex.builtin.view.yara.reload", "リロード" },
|
||||
{ "hex.builtin.view.yara.match", "検出" },
|
||||
//{ "hex.builtin.view.yara.reset", "Reset" },
|
||||
{ "hex.builtin.view.yara.matching", "マッチ中…" },
|
||||
{ "hex.builtin.view.yara.error", "Yaraコンパイルエラー: " },
|
||||
{ "hex.builtin.view.yara.header.matches", "マッチ結果" },
|
||||
|
||||
@ -409,6 +409,7 @@ namespace hex::plugin::builtin {
|
||||
{ "hex.builtin.view.yara.header.rules", "규칙" },
|
||||
{ "hex.builtin.view.yara.reload", "재검사" },
|
||||
{ "hex.builtin.view.yara.match", "일치하는 규칙" },
|
||||
//{ "hex.builtin.view.yara.reset", "Reset" },
|
||||
{ "hex.builtin.view.yara.matching", "검색 중..." },
|
||||
{ "hex.builtin.view.yara.error", "Yara 컴파일러 에러: " },
|
||||
{ "hex.builtin.view.yara.header.matches", "규칙" },
|
||||
|
||||
@ -409,6 +409,7 @@ namespace hex::plugin::builtin {
|
||||
{ "hex.builtin.view.yara.header.rules", "Regras" },
|
||||
{ "hex.builtin.view.yara.reload", "Recarregar" },
|
||||
{ "hex.builtin.view.yara.match", "Combinar Regras" },
|
||||
//{ "hex.builtin.view.yara.reset", "Reset" },
|
||||
{ "hex.builtin.view.yara.matching", "Combinando..." },
|
||||
{ "hex.builtin.view.yara.error", "Erro do compilador Yara: " },
|
||||
{ "hex.builtin.view.yara.header.matches", "Combinações" },
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user