예제 #1
0
파일: yara.go 프로젝트: rayyang2000/yara-1
func (r *Rules) ScanMemory(buffer []byte, fn Callback) error {
	data := (*C.uint8_t)(unsafe.Pointer(&buffer[0]))
	size := C.size_t(len(buffer))

	code := C.yr_rules_scan_mem(r.handle, data, size, 0, callback, *(*unsafe.Pointer)(unsafe.Pointer(&fn)), 0)

	if code != C.ERROR_SUCCESS {
		return Error(code)
	}

	return nil
}
예제 #2
0
// ScanMem scans an in-memory buffer using the ruleset.
func (r *Rules) ScanMem(buf []byte, flags ScanFlags, timeout time.Duration) (matches []MatchRule, err error) {
	var ptr *C.uint8_t
	if len(buf) > 0 {
		ptr = (*C.uint8_t)(unsafe.Pointer(&(buf[0])))
	}
	dummy = &matches
	err = newError(C.yr_rules_scan_mem(
		r.cptr,
		ptr,
		C.size_t(len(buf)),
		C.int(flags),
		C.YR_CALLBACK_FUNC(C.rules_callback),
		unsafe.Pointer(&matches),
		C.int(timeout/time.Second)))
	return
}