Changeset 1553
- Timestamp:
- 02/14/08 22:52:21 (7 months ago)
- Files:
-
- nebula/trunk/gst/Makefile.am (modified) (1 diff)
- nebula/trunk/gst/cstr.c (modified) (3 diffs)
- nebula/trunk/gst/cstr.h (modified) (1 diff)
- nebula/trunk/gst/gst.c (modified) (8 diffs)
- nebula/trunk/gst/gst.h (modified) (1 diff)
- nebula/trunk/gst/sig.c (added)
- nebula/trunk/gst/sig.h (added)
- nebula/trunk/gst/stree.c (modified) (1 diff)
- nebula/trunk/gst/stree.h (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
nebula/trunk/gst/Makefile.am
r1546 r1553 10 10 avl.c avl.h \ 11 11 lca.c \ 12 sig.c sig.h \ 12 13 gst.c gst.h nebula/trunk/gst/cstr.c
r1546 r1553 27 27 28 28 29 int substr_add(substr_list *list, stnode *n, ssize_t le ngth) {29 int substr_add(substr_list *list, stnode *n, ssize_t left, ssize_t right, ssize_t length) { 30 30 ssize_t i, low, high; 31 31 … … 53 53 list->elem[i].len = length; 54 54 list->elem[i].n = n; 55 list->elem[i].l = left; 56 list->elem[i].r = right; 55 57 56 58 list->len++; … … 60 62 61 63 int substr_len_cmp(const void *a, const void *b) { 62 if (((substr *)a)->len <((substr *)b)->len) return(-1);63 if (((substr *)a)->len >((substr *)b)->len) return(1);64 if (((substr *)a)->len > ((substr *)b)->len) return(-1); 65 if (((substr *)a)->len < ((substr *)b)->len) return(1); 64 66 return(0); 65 67 } nebula/trunk/gst/cstr.h
r1546 r1553 27 27 28 28 29 int substr_add(substr_list *list, stnode *n, ssize_t le ngth);29 int substr_add(substr_list *list, stnode *n, ssize_t left, ssize_t right, ssize_t length); 30 30 int substr_len_cmp(const void *a, const void *b); 31 31 void substr_list_free(substr_list list); nebula/trunk/gst/gst.c
r1547 r1553 34 34 #include "cstr.h" 35 35 #include "gst.h" 36 #include "sig.h" 36 37 #include "signals.h" 37 38 #include "stree.h" … … 47 48 "\t\t -l\t\t print list of occurences of common substrings\n" 48 49 "\t\t -m <length>\t minimal substring length\n" 50 "\t\t -S\t\t generate snort signature\n" 49 51 "\t\t -v\t\t be verbose (can be used multiple times)\n" 50 52 "\t\t\t\t [files ...]\n", … … 56 58 int main(int argc, char *argv[]) { 57 59 int i, acnt; 60 enum sig_type sigtype; 58 61 lchar *content; 59 62 DIR *dirp; … … 68 71 lchar *strlist; 69 72 ssize_t min_sstr_len; 73 double min_sstr_ent; 70 74 71 75 lca = NULL; … … 86 90 87 91 min_sstr_len = 0; 92 min_sstr_ent = 0; 88 93 num_of_files = 0; 89 94 acnt = 0; 90 95 i = 0; 91 96 97 sigtype = SIG_RAW; 98 92 99 93 100 // process args 94 while((option = getopt(argc, argv, "cd: ghlm:v?")) > 0) {101 while((option = getopt(argc, argv, "cd:e:ghlm:Sv?")) > 0) { 95 102 switch(option) { 96 103 case 'c': … … 108 115 } 109 116 break; 117 case 'e': 118 if ((min_sstr_ent = atof(optarg)) < 0) { 119 fprintf(stderr, "Error - The minimum entropy must not be negative.\n"); 120 exit(EXIT_FAILURE); 121 } 122 break; 110 123 case 'g': 111 124 print_gst = 1; … … 116 129 case 'm': 117 130 min_sstr_len = strtoul(optarg, NULL, 0); 131 break; 132 case 'S': 133 sigtype = SIG_SNORT; 118 134 break; 119 135 case 'v': … … 266 282 267 283 if (verbose) printf("Extracting common substrings with length >= %u.\n", (unsigned int) min_sstr_len); 268 if (cstr_list.len && print_sslist) for (i=cstr_list.len; i && cstr_list.elem[i-1].len >= min_sstr_len; i--) 269 list_substrings(gst, cstr_list.elem[i-1].n, cstr_list.elem[i-1].len); 284 if (cstr_list.len && print_sslist) for (i = 0; i < cstr_list.len && cstr_list.elem[i].len >= min_sstr_len; i++) 285 list_substrings(gst, cstr_list.elem[i].n, cstr_list.elem[i].len); 286 287 build_sig(gst, cstr_list, leaves, num_leaves, min_sstr_len, min_sstr_ent, sigtype); 270 288 271 289 nebula/trunk/gst/gst.h
r1546 r1553 36 36 u_int32_t *string_offset; 37 37 38 enum sig_type { 39 SIG_RAW, 40 SIG_SNORT 41 } sigtype; 42 38 43 #endif nebula/trunk/gst/stree.c
r1547 r1553 656 656 if (!lca->flag) { 657 657 num_cstr++; 658 substr_add(cstr_list, lca, get_node_label_end(t, lca)-lca->path_position+1);658 substr_add(cstr_list, lca, left, i, get_node_label_end(t, lca)-lca->path_position+1); 659 659 } 660 660 nebula/trunk/gst/stree.h
r1546 r1553 42 42 u_int32_t edge_label_start; /* Start index of the incoming edge */ 43 43 u_int32_t edge_label_end; /* End index of the incoming edge */ 44 u_int32_t string_id; 45 u_int32_t id; 44 u_int32_t string_id; // unique string terminator 45 u_int32_t id; // id for lca computation 46 46 u_char flag; 47 47 } stnode; … … 61 61 ssize_t len; 62 62 stnode *n; 63 ssize_t l; // left child node interval boundary 64 ssize_t r; // right child node interval boundary 63 65 } substr; 64 66
