madscientist
/
SNFMulti
Seguir 1
Destacar 0
Fork 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Actividad
Explorar el Código

Fixed bug in FilterChainBase64 where an extra character would be returned if the module ran out of data in SCANNING mode. Now if this occurs a flag is set and "No More Data" is thrown instead of returning the extra byte. 

Adjusted DEFUNKER preamble in code to indicate spaces in front and back since newlines would be converted to spaces by the outer shell of FilterChainDefunker.

Adjusted engine update number to .15 - now at Version 3.0.15


git-svn-id: https://svn.microneil.com/svn/SNFMulti/trunk@33 dc71a809-1921-45c4-985c-09c81d0142d9
wx
madscientist hace 14 años
padre
f3a6bb0900
commit
49cdc8380a
Se han modificado 3 ficheros con 24 adiciones y 18 borrados
Dividir vista Mostrar estadísticas de diff
  1. 17
    12
      FilterChain.cpp
  2. 2
    1
      FilterChain.hpp
  3. 5
    5
      SNFMulti.cpp

+ 17
- 12
FilterChain.cpp Ver fichero

@@ -40,14 +40,16 @@ unsigned char FilterChainBase64::GetByte() {

while(true) { // Search for our startup string or get out.

try { // Try this...
try { // Try this...
ValidBuffer = false; // No valid buffer yet.
x=FilterChain::GetByte(); // Get the next byte from source.
} // If we get the empty signal
// here, we've failed to match.
catch(Empty) { // If so - and we haven't
if(0==ScanIx) throw Empty("FilterChainBase64: No more data"); // started then just throw Empty.
x=Base64Start[ScanIx]-1; // If we did start then make
} // sure we won't match below.
if(0==ScanIx) throw Empty("FilterChainBase64: No more data"); // started then just throw Empty.
State=DEQUEING;DequeIx=0; // If we have then we'll dequeue
return GetByte(); // it and throw when that's done
} // because Buffer is not valid.

// It's important that no empty's get beyond this point unless
// we've got a match started. Otherwise we'll return corruption.
@@ -55,7 +57,7 @@ unsigned char FilterChainBase64::GetByte() {
if(x!=Base64Start[ScanIx]){ // If the byte doesnt match,
// and we've started matching
if(0!=ScanIx) { // the sequence then save the
Buffer=x; // byte for later, change to
Buffer=x; ValidBuffer=true; // byte for later, change to
State=DEQUEING;DequeIx=0; // DEQUING mode, and return
return GetByte(); // the first Dequeued byte.
}
@@ -165,9 +167,15 @@ unsigned char FilterChainBase64::GetByte() {

} else { // When we're done with that part,
State=SCANNING; // we set our mode back to scanning,
ScanIx=DequeIx=0; // reset our indexes to start again,
return Buffer; // and return the unmatching byte that
} // got us to DEQUEING mode.
ScanIx=DequeIx=0; // reset our indexes to start again,
// Here we either have a buffered byte to dequeue, or we ran out
// of data while attempting to match our startup sequence. If we
// have a vaild byte we return it. If not, we throw No More Data!
if(ValidBuffer) return Buffer;
else throw Empty("FilterChainBase64: No more data");
}

break;
}
@@ -444,7 +452,7 @@ unsigned char FilterChainQuotedPrintable::GetByte() {
// FilterChainDefunker
/////////////////////////////////////////////////////////////////////////////////////////
const char* DefunkerPreamble = "\n----[DEFUNKER]----\n";
const char* DefunkerPreamble = " ----[DEFUNKER]---- ";
// Patterns to match
@@ -476,9 +484,6 @@ unsigned char FilterChainDefunker::Store() { // While in Store mod
unsigned char x; // we need a byte.

try {
if(DefunkerSize-10 < InputPosition) {
cout << "watch this" << endl;
}
if(DefunkerSize <= InputPosition)
throw Empty("FilterChainDefunker: No more data"); // Careful about the buffer.
x = FilterChain::GetByte(); // Try getting the next byte

+ 2
- 1
FilterChain.hpp Ver fichero

@@ -352,7 +352,8 @@ class FilterChainBase64 : public FilterChain {

unsigned int ScanIx; // Scanning Index.
unsigned int DequeIx; // Dequeing Index.
unsigned char Buffer; // Define a buffer.
unsigned char Buffer; // Define a buffer.
bool ValidBuffer; // Set if Buffer has data.

bool ValidByte(unsigned char y); // True if y can be decoded.


+ 5
- 5
SNFMulti.cpp Ver fichero

@@ -23,7 +23,7 @@ using namespace std;

//// Version Info

const char* SNF_ENGINE_VERSION = "SNFMulti Engine Version 3.0.14 Build: " __DATE__ " " __TIME__;
const char* SNF_ENGINE_VERSION = "SNFMulti Engine Version 3.0.15 Build: " __DATE__ " " __TIME__;

//// Script Caller Methods

@@ -1491,12 +1491,12 @@ int snf_EngineHandler::scanMessage(
// data, as well as the ability to output the pre-filtered data for use in
// rule development and debugging.

DebugInfo = "scanMessage() IZ.GetByte() ==> FilteredData"; // If we panic we are here.
DebugInfo = "scanMessage() IZ.GetByte() ==> FilteredData"; // If we panic we are here.
unsigned char xb=0;
MyScanData.FilteredData.clear(); // Clear the FilteredData buffer.
try { // Watch for exceptions and scan
for(int a = 0; a < snf_ScanHorizon; a++) // the message through the filter
MyScanData.FilteredData.push_back(IZ.GetByte()); // chain into the FilteredData buffer.
MyScanData.FilteredData.push_back(xb=IZ.GetByte()); // chain into the FilteredData buffer.
} // When we run out of data we will
catch(FilterChain::Empty) {} // get the Empty exception and stop.

@@ -1504,7 +1504,7 @@ int snf_EngineHandler::scanMessage(
// If something goes wrong, an exception will be thrown.

DebugInfo = "scanMessage() EvaluateThis(FilteredData)"; // If we panic, here we are.
if(false == MyScanData.GBUdbTruncateExecuted) { // If we haven't already truncated:
for(int a = 0, b = MyScanData.FilteredData.size(); a < b; a++) // Scan through the filtered data one
CurrentMatrix->EvaluateThis(MyScanData.FilteredData[a]); // byte at a time.

Escribir Vista previa
Cargando…
Cancelar
Guardar