Simplify code for handling module data

7360bf2e · plusvic · aae3a570 · 7360bf2e
Commit 7360bf2e authored Feb 23, 2016 by plusvic
Show whitespace changes
Inline Side-by-side

Showing with 96 additions and 143 deletions

yara-python.c yara-python.c +96 -143

No files found.
--- a/yara-python.c
+++ b/yara-python.c
@@ -394,216 +394,166 @@ typedef struct _CALLBACK_DATA
 // Forward declarations for handling module data.
-PyObject* handle_module_data(YR_OBJECT_STRUCTURE* module_structure);
+PyObject* convert_structure_to_python(
-PyObject* handle_module_list(YR_OBJECT_ARRAY* array_object);
+    YR_OBJECT_STRUCTURE* structure);
-PyObject* handle_module_dictionary(YR_OBJECT_DICTIONARY* dictionary_object);
-PyObject* handle_module_data(YR_OBJECT_STRUCTURE* module_structure)
-{
-  PyObject* dict;
-  PyObject* object;
-  SIZED_STRING* sz;
-  YR_OBJECT* module_object;
-  YR_STRUCTURE_MEMBER* module_member;
-  dict = PyDict_New();
+PyObject* convert_array_to_python(
+    YR_OBJECT_ARRAY* array);
-  if (dict == NULL)
-    return dict;
-  module_member = module_structure->members;
+PyObject* convert_dictionary_to_python(
-  while (module_member)
+    YR_OBJECT_DICTIONARY* dictionary);
-  {
-    object = NULL;
-    module_object = (YR_OBJECT*) module_member->object;
-    switch(module_object->type)
+PyObject* convert_object_to_python(
+    YR_OBJECT* object)
+{
+  SIZED_STRING* sized_string;
+  PyObject* result = NULL;
+  if (object == NULL)
+    return NULL;
+  switch(object->type)
  {
    case OBJECT_TYPE_INTEGER:
-        if (((YR_OBJECT_INTEGER*) module_object)->value == UNDEFINED)
+      if (((YR_OBJECT_INTEGER*) object)->value != UNDEFINED)
+        result = Py_BuildValue(
+            "i", ((YR_OBJECT_INTEGER*) object)->value);
      break;
-        object = Py_BuildValue("i",
-                               ((YR_OBJECT_INTEGER*) module_object)->value);
-        break;
    case OBJECT_TYPE_STRING:
-        sz = ((YR_OBJECT_STRING*) module_object)->value;
+      sized_string = ((YR_OBJECT_STRING*) object)->value;
-        if (sz == NULL)
+      if (sized_string != NULL)
+        result = PyBytes_FromStringAndSize(
+            sized_string->c_string, sized_string->length);
      break;
-        object = PyBytes_FromStringAndSize(sz->c_string, sz->length);
-        break;
    case OBJECT_TYPE_STRUCTURE:
-        object = handle_module_data((YR_OBJECT_STRUCTURE*) module_object);
+      result = convert_structure_to_python((YR_OBJECT_STRUCTURE*) object);
      break;
    case OBJECT_TYPE_ARRAY:
-        if (((YR_OBJECT_ARRAY*) module_object)->items == NULL)
+      result = convert_array_to_python((YR_OBJECT_ARRAY*) object);
      break;
-        object = handle_module_list((YR_OBJECT_ARRAY*) module_object);
-        break;
    case OBJECT_TYPE_FUNCTION:
      // Do nothing with functions...
      break;
    case OBJECT_TYPE_REGEXP:
      // Fairly certain you can't have these. :)
      break;
    case OBJECT_TYPE_DICTIONARY:
-        object = handle_module_dictionary((YR_OBJECT_DICTIONARY*) module_object);
+      result = convert_dictionary_to_python((YR_OBJECT_DICTIONARY*) object);
      break;
    case OBJECT_TYPE_FLOAT:
-        if (((YR_OBJECT_DOUBLE*) module_object)->value == UNDEFINED)
+      if (!isnan(((YR_OBJECT_DOUBLE*) object)->value))
+        result = Py_BuildValue("d", ((YR_OBJECT_DOUBLE*) object)->value);
      break;
-        object = Py_BuildValue("d", ((YR_OBJECT_DOUBLE*) module_object)->value);
-        break;
    default:
      break;
  }
-    if (object != NULL)
+  return result;
+}
+PyObject* convert_structure_to_python(
+    YR_OBJECT_STRUCTURE* structure)
+{
+  YR_STRUCTURE_MEMBER* member;
+  PyObject* py_object;
+  PyObject* py_dict = PyDict_New();
+  if (py_dict == NULL)
+    return py_dict;
+  member = structure->members;
+  while (member != NULL)
  {
-      PyDict_SetItemString(dict, module_object->identifier, object);
+    py_object = convert_object_to_python(member->object);
-      Py_DECREF(object);
+    if (py_object != NULL)
+    {
+      PyDict_SetItemString(py_dict, member->object->identifier, py_object);
+      Py_DECREF(py_object);
    }
-    module_member = module_member->next;
+    member =member->next;
  }
-  return dict;
+  return py_dict;
 }
-PyObject* handle_module_list(YR_OBJECT_ARRAY* array_object)
+PyObject* convert_array_to_python(
+    YR_OBJECT_ARRAY* array)
 {
  int i;
-  YR_OBJECT* item;
-  SIZED_STRING* sz;
-  PyObject* object;
-  PyObject* list = PyList_New(0);
-  if (list == NULL)
+  PyObject* py_object;
-    return list;
+  PyObject* py_list = PyList_New(0);
-  // If there is nothing in the list, return an empty Python list
+  if (py_list == NULL)
-  if (array_object->items == NULL)
+    return py_list;
-    return list;
-  for (i = 0; i < array_object->items->count; i++)
-  {
-    object = NULL;
-    item = array_object->items->objects[i];
-    if (item == NULL)
+  // If there is nothing in the list, return an empty Python list
-      continue;
+  if (array->items == NULL)
+    return py_list;
-    switch(array_object->prototype_item->type)
+  for (i = 0; i < array->items->count; i++)
  {
-      case OBJECT_TYPE_INTEGER:
+    py_object = convert_object_to_python(array->items->objects[i]);
-        if (((YR_OBJECT_INTEGER*) item)->value == UNDEFINED)
-          break;
-        object = Py_BuildValue("i", ((YR_OBJECT_INTEGER*) item)->value);
-        break;
-      case OBJECT_TYPE_STRING:
-        if (((YR_OBJECT_STRING*) item)->value == NULL)
-          break;
-        sz = ((YR_OBJECT_STRING*) item)->value;
+    if (py_object != NULL)
-        object = PyBytes_FromStringAndSize(sz->c_string, sz->length);
-        break;
-      case OBJECT_TYPE_STRUCTURE:
-        object = handle_module_data((YR_OBJECT_STRUCTURE*) item);
-        break;
-      case OBJECT_TYPE_FLOAT:
-        if (((YR_OBJECT_DOUBLE*) item)->value == UNDEFINED)
-          break;
-        object = Py_BuildValue("d", ((YR_OBJECT_DOUBLE*) item)->value);
-        break;
-      default:
-        break;
-    }
-    // object can be NULL because handle_module_data() can return NULL.
-    if (object != NULL)
    {
-      PyList_Append(list, object);
+      PyList_Append(py_list, py_object);
-      Py_DECREF(object);
+      Py_DECREF(py_object);
    }
  }
-  return list;
+  return py_list;
 }
-PyObject* handle_module_dictionary(YR_OBJECT_DICTIONARY* dictionary_object)
+PyObject* convert_dictionary_to_python(
+    YR_OBJECT_DICTIONARY* dictionary)
 {
  int i;
-  YR_OBJECT* item;
-  SIZED_STRING* sz;
-  PyObject* object;
-  PyObject* dict = PyDict_New();
-  if (dict == NULL)
+  PyObject* py_object;
-    return dict;
+  PyObject* py_dict = PyDict_New();
+  if (py_dict == NULL)
+    return py_dict;
  // If there is nothing in the YARA dictionary, return an empty Python dict
-  if (dictionary_object->items == NULL)
+  if (dictionary->items == NULL)
-    return dict;
+    return py_dict;
-  for (i = 0; i < dictionary_object->items->used; i++)
+  for (i = 0; i < dictionary->items->used; i++)
  {
-    object = NULL;
+    py_object = convert_object_to_python(dictionary->items->objects[i].obj);
-    if (dictionary_object->items->objects + i == NULL)
-      continue;
-    item = dictionary_object->items->objects[i].obj;
+    if (py_object != NULL)
-    if (item == NULL)
-      continue;
-    switch(dictionary_object->prototype_item->type)
    {
-      case OBJECT_TYPE_INTEGER:
+      PyDict_SetItemString(
-        if (((YR_OBJECT_INTEGER*) item)->value == UNDEFINED)
+          py_dict,
-          break;
+          dictionary->items->objects[i].key,
+          py_object);
-        object = Py_BuildValue("i", ((YR_OBJECT_INTEGER*) item)->value);
-        break;
-      case OBJECT_TYPE_STRING:
-        if (((YR_OBJECT_STRING*) item)->value == NULL)
-          break;
-        sz = ((YR_OBJECT_STRING*) item)->value;
-        object = PyBytes_FromStringAndSize(sz->c_string, sz->length);
-        break;
-      case OBJECT_TYPE_STRUCTURE:
-        object = handle_module_data((YR_OBJECT_STRUCTURE*) item);
-        break;
-      case OBJECT_TYPE_FLOAT:
-        if (((YR_OBJECT_DOUBLE*) item)->value == UNDEFINED)
-          break;
-        object = Py_BuildValue("d", ((YR_OBJECT_DOUBLE*) item)->value);
-        break;
-      default:
-        break;
-    }
-    // object can be NULL if the value is UNDEFINED
+      Py_DECREF(py_object);
-    if (object != NULL)
-    {
-      PyDict_SetItemString(dict,
-                           dictionary_object->items->objects[i].key,
-                           object);
-      Py_DECREF(object);
    }
  }
-  return dict;
+  return py_dict;
 }
@@ -689,7 +639,9 @@ int yara_callback(
  if (message == CALLBACK_MSG_MODULE_IMPORTED)
  {
    gil_state = PyGILState_Ensure();
-    module_info_dict = handle_module_data((YR_OBJECT_STRUCTURE*) message_data);
+    module_info_dict = convert_structure_to_python(
+        (YR_OBJECT_STRUCTURE*) message_data);
    if (module_info_dict == NULL)
      return CALLBACK_CONTINUE;
@@ -699,6 +651,7 @@ int yara_callback(
    Py_DECREF(object);
    Py_INCREF(modules_callback);
    callback_result = PyObject_CallFunctionObjArgs(
        modules_callback,
        module_info_dict,