31e5ec7bc3
* build: Added YARA as submodule * ui: Added basic yara rules matching interface * build: Make libyara link libpthread on Unix * ui: Add jump-to feature to yara matches list * yara: Add more modules and patch yara to support mbedtls crypto * yara: Started to fix scanning of bigger data * yara: Fixed implementation * ui: Improved yara matcher interface and added localization * build: Ignore changed files in yara submodule * yara: Fixed rules matching agianst entire file * yara: Properly handle compiler errors
36 lines
695 B
C++
36 lines
695 B
C++
#pragma once
|
|
|
|
#include <hex.hpp>
|
|
|
|
#include <imgui.h>
|
|
#include <hex/views/view.hpp>
|
|
|
|
namespace hex {
|
|
|
|
class ViewYara : public View {
|
|
public:
|
|
ViewYara();
|
|
~ViewYara() override;
|
|
|
|
void drawContent() override;
|
|
void drawMenu() override;
|
|
|
|
private:
|
|
struct YaraMatch {
|
|
std::string identifier;
|
|
s64 address;
|
|
s32 size;
|
|
bool wholeDataMatch;
|
|
};
|
|
|
|
std::vector<std::string> m_rules;
|
|
std::vector<YaraMatch> m_matches;
|
|
u32 m_selectedRule = 0;
|
|
bool m_matching = false;
|
|
std::vector<char> m_errorMessage;
|
|
|
|
void reloadRules();
|
|
void applyRules();
|
|
};
|
|
|
|
} |