1 #ifndef R2_SEARCH_H 2 #define R2_SEARCH_H 3 4 #include <r_types.h> 5 #include <r_util.h> 6 #include <r_list.h> 7 #include <r_io.h> 8 9 #ifdef __cplusplus 10 extern "C" { 11 #endif 12 13 R_LIB_VERSION_HEADER(r_search); 14 15 enum { 16 R_SEARCH_ESIL, 17 R_SEARCH_KEYWORD, 18 R_SEARCH_REGEXP, 19 R_SEARCH_PATTERN, 20 R_SEARCH_STRING, 21 R_SEARCH_XREFS, 22 R_SEARCH_AES, 23 R_SEARCH_PRIV_KEY, 24 R_SEARCH_DELTAKEY, 25 R_SEARCH_MAGIC, 26 R_SEARCH_LAST 27 }; 28 29 #define R_SEARCH_DISTANCE_MAX 10 30 31 #define R_SEARCH_KEYWORD_TYPE_BINARY 'i' 32 #define R_SEARCH_KEYWORD_TYPE_STRING 's' 33 34 typedef struct r_search_keyword_t { 35 ut8 *bin_keyword; 36 ut8 *bin_binmask; 37 ut32 keyword_length; 38 ut32 binmask_length; 39 void *data; 40 int count; 41 int kwidx; 42 int icase; // ignore case 43 int type; 44 ut64 last; // last hit hint 45 } RSearchKeyword; 46 47 typedef struct r_search_uds_t { 48 ut64 addr; 49 int stride; 50 int score; 51 } RSearchUds; 52 53 typedef struct r_search_hit_t { 54 RSearchKeyword *kw; 55 ut64 addr; 56 } RSearchHit; 57 58 typedef int (*RSearchCallback)(RSearchKeyword *kw, void *user, ut64 where); 59 60 typedef struct r_search_t { 61 int n_kws; // hit${n_kws}_${count} 62 int mode; 63 ut32 pattern_size; 64 ut32 string_min; // max length of strings for R_SEARCH_STRING 65 ut32 string_max; // min length of strings for R_SEARCH_STRING 66 void *data; // data used by search algorithm 67 void *user; // user data passed to callback 68 RSearchCallback callback; 69 ut64 nhits; 70 ut64 maxhits; // search.maxhits 71 RList *hits; 72 int distance; 73 int inverse; 74 bool overlap; // whether two matches can overlap 75 int contiguous; 76 int align; 77 int (*update)(struct r_search_t *s, ut64 from, const ut8 *buf, int len); 78 RList *kws; // TODO: Use r_search_kw_new () 79 RIOBind iob; 80 char bckwrds; 81 } RSearch; 82 83 #ifdef R_API 84 85 #define R_SEARCH_AES_BOX_SIZE 31 86 87 R_API RSearch *r_search_new(int mode); 88 R_API int r_search_set_mode(RSearch *s, int mode); 89 R_API RSearch *r_search_free(RSearch *s); 90 91 /* keyword management */ 92 R_API RList *r_search_find(RSearch *s, ut64 addr, const ut8 *buf, int len); 93 R_API RList *r_search_find_uds(RSearch *search, ut64 addr, const ut8 *data, size_t size, bool verbose); 94 R_API int r_search_update(RSearch *s, ut64 from, const ut8 *buf, long len); 95 R_API int r_search_update_i(RSearch *s, ut64 from, const ut8 *buf, long len); 96 97 R_API void r_search_keyword_free (RSearchKeyword *kw); 98 R_API RSearchKeyword* r_search_keyword_new(const ut8 *kw, int kwlen, const ut8 *bm, int bmlen, const char *data); 99 R_API RSearchKeyword* r_search_keyword_new_str(const char *kw, const char *bm, const char *data, int icase); 100 R_API RSearchKeyword* r_search_keyword_new_wide(const char *kw, const char *bm, const char *data, int icase); 101 R_API RSearchKeyword* r_search_keyword_new_hex(const char *kwstr, const char *bmstr, const char *data); 102 R_API RSearchKeyword* r_search_keyword_new_hexmask(const char *kwstr, const char *data); 103 R_API RSearchKeyword *r_search_keyword_new_regexp (const char *str, const char *data); 104 105 R_API int r_search_kw_add(RSearch *s, RSearchKeyword *kw); 106 R_API void r_search_reset(RSearch *s, int mode); 107 R_API void r_search_kw_reset(RSearch *s); 108 R_API void r_search_string_prepare_backward(RSearch *s); 109 R_API void r_search_kw_reset(RSearch *s); 110 111 R_API int r_search_range_add(RSearch *s, ut64 from, ut64 to); 112 R_API int r_search_range_set(RSearch *s, ut64 from, ut64 to); 113 R_API int r_search_range_reset(RSearch *s); 114 R_API int r_search_set_blocksize(RSearch *s, ut32 bsize); 115 116 R_API int r_search_bmh(const RSearchKeyword *kw, const ut64 from, const ut8 *buf, const int len, ut64 *out); 117 118 // TODO: is this an internal API? 119 R_API int r_search_mybinparse_update(RSearch *s, ut64 from, const ut8 *buf, int len); 120 R_API int r_search_aes_update(RSearch *s, ut64 from, const ut8 *buf, int len); 121 R_API int r_search_privkey_update(RSearch *s, ut64 from, const ut8 *buf, int len); 122 R_API int r_search_magic_update(RSearch *_s, ut64 from, const ut8 *buf, int len); 123 R_API int r_search_deltakey_update(RSearch *s, ut64 from, const ut8 *buf, int len); 124 R_API int r_search_strings_update(RSearch *s, ut64 from, const ut8 *buf, int len); 125 R_API int r_search_regexp_update(RSearch *s, ut64 from, const ut8 *buf, int len); 126 R_API int r_search_xrefs_update(RSearch *s, ut64 from, const ut8 *buf, int len); 127 // Returns 2 if search.maxhits is reached, 0 on error, otherwise 1 128 R_API int r_search_hit_new(RSearch *s, RSearchKeyword *kw, ut64 addr); 129 R_API void r_search_set_distance(RSearch *s, int dist); 130 R_API int r_search_strings(RSearch *s, ut32 min, ut32 max); 131 R_API int r_search_set_string_limits(RSearch *s, ut32 min, ut32 max); // WTF dupped? 132 //R_API int r_search_set_callback(RSearch *s, int (*callback)(struct r_search_kw_t *, void *, ut64), void *user); 133 R_API void r_search_set_callback(RSearch *s, RSearchCallback(callback), void *user); 134 R_API int r_search_begin(RSearch *s); 135 136 /* pattern search */ 137 R_API void r_search_pattern_size(RSearch *s, int size); 138 R_API int r_search_pattern(RSearch *s, ut64 from, ut64 to); 139 140 #ifdef __cplusplus 141 } 142 #endif 143 144 #endif 145 #endif 146