📄 amap-lib.c
字号:
// AMAP_MEMDUP //char *amap_memdup(unsigned char *string, int len) { char *ptr; if (string == NULL) return NULL; if ((ptr = malloc(len)) == NULL) amap_error("malloc failed"); memcpy(ptr, string, len); return ptr;}// AMAP_INDEX //char *amap_index(char *string, char c) { if (string == NULL) return NULL; return(index(string + 1, c));}// AMAP_DELETE_WHITESPACE //void amap_delete_whitespace(char *target) { register int l = 0; register int k = 0; if (target == NULL) return; while ((target[l] != '\0')) { if ((target[l] == ' ') || (target[l] == '\t')) { k = l--; while (target[k++] != '\0') target[k - 1] = target[k]; } l++; }}// AMAP_MAKE_LOWERCASE //void amap_make_lowercase(char *target, int len) { register int l = 0; for (l = 0; l < len; l++) if (target[l] != 0) target[l] = (char) tolower(target[l]);}// READ_FILE_TRIGGERS //amap_struct_triggers *read_file_triggers(char *extension, char *filename, amap_struct_options *opt) { amap_struct_triggers *triggers; amap_struct_triggers *trigger; FILE *f; char line[AMAP_BUFSIZE]; char orig_line[AMAP_BUFSIZE]; char *t_uid; char *ports; char *proto; char *harmful; char *string; char *ptr; char *only_trigger = NULL; int i; int a; int b; int count; int count_triggers = 0; f = amap_open_file(filename, "trigger", extension, opt->verbose); if (opt->verbose > 1) printf("\n"); if ((triggers = trigger = (amap_struct_triggers*) malloc(sizeof(amap_struct_triggers))) == NULL) amap_error("malloc failed"); memset(trigger, 0, sizeof(amap_struct_triggers)); if (strcmp(extension, AMAP_FILETYPE_TRIGGERS) == 0 && opt->only_send_trigger != NULL) { if ((only_trigger = malloc(strlen(opt->only_send_trigger) + 2)) == NULL) amap_error("malloc failed"); strcpy(only_trigger, opt->only_send_trigger); strcat(only_trigger, ":"); } while (fgets(line, AMAP_BUFSIZE, f) != NULL) { if (line[strlen(line) - 1] != '\n') amap_error("line in trigger file is too long or not terminating with \\n: %s", line); if ((line[0] != '#') && (index(line, ':') != NULL) && (only_trigger == NULL || strncmp(only_trigger, line, strlen(only_trigger)) == 0)) { // weed out comment lines count_triggers++; if (count_triggers > 1) { if ((/*(amap_struct_triggers*)*/ trigger->next = /*(amap_struct_triggers*)*/ malloc(sizeof(amap_struct_triggers))) == NULL) amap_error("malloc failed"); trigger = (amap_struct_triggers*) trigger->next; memset(trigger, 0, sizeof(amap_struct_triggers)); } line[strlen(line) - 1] = 0; if (line[strlen(line) - 1] == '\r') line[strlen(line) - 1] = 0; strcpy(orig_line, line); t_uid = line; ports = amap_index(t_uid, ':'); proto = amap_index(ports, ':'); harmful = amap_index(proto, ':'); string = amap_index(harmful, ':'); if (string == NULL) amap_error("too few fields in the following line of the trigger file: %s", orig_line); *string++ = 0; // we cut before the trigger string first amap_make_lowercase(line, strlen(line)); // then make everything before the string lowercase amap_delete_whitespace(line); // and remove whitespace ports = amap_index(t_uid, ':'); proto = amap_index(ports, ':'); harmful = amap_index(proto, ':'); *ports++ = 0; // and now cut the fields *proto++ = 0; *harmful++ = 0; trigger->id = amap_strdup(t_uid); if (strlen(t_uid) > AMAP_MAX_ID_LENGTH) amap_error("id of trigger is too long: %s", orig_line); if (strlen(t_uid) == 0) amap_error("id of trigger is not set: %s", orig_line); if (opt->one_is_enough && strlen(ports) > 0) { // without one_is_enough activated, this is senseless count = 0; for (i = 0; i < strlen(ports); i++) if (ports[i] == ',') count++;#ifdef AMAP_DEBUG#warning "implement common port usage"#endif for (i = 0; i < count; i++) {/* It is unsure yet what to do here ... lets think about it carefully. present is: amap_struct_portlist *ports; which is defined as: unsigned short int port; struct amap_struct_portlist *next;*/ } if (opt->verbose > 1) amap_warn("common ports definition in trigger file are currently ignored"); } switch (*proto) { case 0: case 'b': trigger->ip_prot = AMAP_PROTO_BOTH; break; case 't': trigger->ip_prot = AMAP_PROTO_TCP; break; case 'u': trigger->ip_prot = AMAP_PROTO_UDP; break; default: amap_error("protocol field in trigger file must be tcp, udp or empty: %s", orig_line); } if ((*harmful != '1' && *harmful != '0') || strlen(harmful) != 1) amap_error("harmful field in trigger file must be 0 or 1: %s", orig_line); trigger->harmful = atoi(harmful); if (strcmp(extension, AMAP_FILETYPE_RPC) == 0) { trigger->trigger = amap_strdup(string); trigger->trigger_length = 0; } else { while (*string != '"' && *string != 0 && *string != '0') string++; if (*string == 0 || strlen(string) < 3) amap_error("invalid trigger data in trigger file: %s", orig_line); if (*string == '"') { string++; if ((ptr = rindex(string, '"')) == NULL) amap_error("missing \" in trigger data: %s", orig_line); *ptr = 0; if ((ptr = malloc(strlen(string))) == NULL) amap_error("malloc failed"); a = 0; b = 0; for (a = 0; a < strlen(string); a++) { if (string[a] != '\\') ptr[b] = string[a]; else { a++; switch(string[a]) { case '\\': ptr[b] = '\\'; break; case 'n': ptr[b] = '\n'; break; case 'r': ptr[b] = '\r'; break; case 't': ptr[b] = '\t'; break; default: amap_error("wrong escape in trigger data : \"\\%c\" : %s", string[a], orig_line); } } b++; } ptr[b] = 0; trigger->trigger = amap_strdup(ptr); trigger->trigger_length = strlen(trigger->trigger); free(ptr); } else { if (strncmp(string, "0x", 2) != 0) amap_error("invalid trigger data in trigger file: %s", orig_line); string = string + 2; amap_delete_whitespace(string); if (strlen(string) < 2 || strlen(string) % 2 > 0) amap_error("invalid trigger data in trigger file, incomplete pair: %s", orig_line); amap_make_lowercase(string, strlen(string)); trigger->trigger_length = strlen(string) / 2; if ((trigger->trigger = malloc(trigger->trigger_length)) == NULL) amap_error("malloc failed"); for (i = 0; i < strlen(string) / 2; i++) { if (isxdigit(string[i*2])) a = string[i*2]; else amap_error("non-hex digit in hex-type trigger data: %c : %s", string[i*2], orig_line); if (isxdigit(string[(i*2) + 1])) b = string[(i*2) + 1]; else amap_error("non-hex digit in hex-type trigger data: %c : %s", string[(i*2) + 1], orig_line); isalpha(a) ? (a -= 87) : (a -= 48); isalpha(b) ? (b -= 87) : (b -= 48); trigger->trigger[i] = (a * 16) + b; } } } if (opt->verbose > 1) printf("DEBUG: Loaded trigger %s ...\n", trigger->id); } } if (count_triggers == 0) amap_error("no triggers loaded - either trigger file is empty, or -p proto nonexisting"); if (opt->verbose) printf("loaded %d triggers\n", count_triggers); if (only_trigger != NULL) free(only_trigger); return triggers;}// READ_FILE_RESPONSES //amap_struct_responses *read_file_responses(char *extension, char *filename, amap_struct_options *opt) { amap_struct_responses *responses; amap_struct_responses *response; amap_struct_triggerptr *triggerptr_tmp; FILE *f; char line[AMAP_BUFSIZE]; char orig_line[AMAP_BUFSIZE]; char *t_uid; char *triggerptr; char *proto; char *length; char *string; char *ptr; int errptr; int i; int count; const char *error; int count_responses = 0; f = amap_open_file(filename, "response", extension, opt->verbose); if (opt->verbose > 1) printf("\n"); if ((responses = response = (amap_struct_responses*) malloc(sizeof(amap_struct_responses))) == NULL) amap_error("malloc failed"); memset(response, 0, sizeof(amap_struct_responses)); while (fgets(line, AMAP_BUFSIZE, f) != NULL) { if (line[strlen(line) - 1] != '\n') amap_error("line in response file is too long or not terminating with \\n: %s", line); if ((line[0] != '#') && (index(line, ':') != NULL)) { // weed out comment lines count_responses++; if (count_responses > 1) { if ((/*(amap_struct_responses*)*/ response->next = /*(amap_struct_responses*)*/ malloc(sizeof(amap_struct_responses))) == NULL) amap_error("malloc failed"); response = (amap_struct_responses*) response->next; memset(response, 0, sizeof(amap_struct_responses)); } line[strlen(line) - 1] = 0; if (line[strlen(line) - 1] == '\r') line[strlen(line) - 1] = 0; strcpy(orig_line, line); t_uid = line; triggerptr = amap_index(t_uid, ':'); proto = amap_index(triggerptr, ':'); length = amap_index(proto, ':'); string = amap_index(length, ':'); if (string == NULL) amap_error("too few fields in the following line of the response file: %s", orig_line); *string++ = 0; // first cut the string at the regex string, then make everything before lowercase amap_make_lowercase(line, strlen(line)); amap_delete_whitespace(line); // and remove whitespace triggerptr = amap_index(t_uid, ':'); proto = amap_index(triggerptr, ':'); length = amap_index(proto, ':'); *triggerptr++ = 0; // and now cut the fields *proto++ = 0; *length++ = 0; response->id = amap_strdup(t_uid); if (strlen(response->id) > AMAP_MAX_ID_LENGTH) amap_error("id of response is too long: %s", orig_line); if (strlen(response->id) == 0) amap_error("id of response is not set: %s", orig_line); if (*triggerptr != 0) { count = 1; for (i = 0; i < strlen(triggerptr); i++) if (triggerptr[i] == ',') count++; if ((triggerptr_tmp = response->triggerptr = malloc(sizeof(amap_struct_triggerptr))) == NULL) amap_error("malloc failed"); triggerptr_tmp->next = NULL; for (i = 0; i < count; i++) { if (i + 1 < count) { ptr = index(triggerptr, ','); *ptr++ = 0; } triggerptr_tmp->trigger = strdup(triggerptr); if (i + 1 < count) { triggerptr = ptr; if ((/*(amap_struct_triggerptr*)*/ triggerptr_tmp->next = malloc(sizeof(amap_struct_triggerptr))) == NULL) amap_error("malloc failed"); triggerptr_tmp = (amap_struct_triggerptr*) triggerptr_tmp->next; triggerptr_tmp->next = NULL; } } } switch (*proto) { case 0: case 'b': response->ip_prot = AMAP_PROTO_BOTH; break; case 't': response->ip_prot = AMAP_PROTO_TCP; break; case 'u': response->ip_prot = AMAP_PROTO_UDP; break; default: amap_error("protocol field in response file must be tcp, udp or empty: %s", orig_line); } amap_delete_whitespace(length); if (*length == 0) { response->min_length = 0; response->max_length = AMAP_BUFSIZE + 1; } else { if ((ptr = index(length, ',')) == NULL) { response->min_length = atoi(length); response->max_length = response->min_length; } else { *ptr++ = 0; response->min_length = atoi(length); response->max_length = atoi(ptr); } if (response->min_length > response->max_length) amap_error("minimum length is greater than maximum length of response: %s", orig_line); } response->pattern = pcre_compile(string, AMAP_REGEX_OPTIONS, &error, &errptr, NULL); if (! response->pattern) amap_error("response regex string compilation failed with the error: %s -> %s", error, orig_line); response->hints = pcre_study(response->pattern, 0, &error); if (error != NULL) amap_error("response regex string compilation failed with the error: %s -> %s", error, orig_line);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -