.

VirusTotal · Oct 2, 2017 · 2538742 · 2538742
1 parent e65477d
commit 2538742
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 1 deletion.
diff --git a/yara b/yara
diff --git a/yara-python.c b/yara-python.c
@@ -2083,6 +2083,30 @@ static PyObject* yara_load(
 }
 
 
+static PyObject* yara_process_memory_iterator(
+    PyObject* self,
+    PyObject* args,
+    PyObject* keywords)
+{
+  static char *kwlist[] = {
+    "pid", NULL};
+
+  unsigned int pid = UINT_MAX;
+
+  if (!PyArg_ParseTupleAndKeywords(
+        args,
+        keywords,
+        "|I",
+        kwlist,
+        &pid))
+  {
+    return PyErr_Format(
+        PyExc_TypeError,
+        "Error parsing arguments.");
+  }
+  return Py_BuildValue("I", pid);
+}
+
 void finalize(void)
 {
   yr_finalize();
@@ -2102,6 +2126,13 @@ static PyMethodDef yara_methods[] = {
     METH_VARARGS | METH_KEYWORDS,
     "Loads a previously saved YARA rules file and returns an instance of class Rules"
   },
+  {
+    "process_memory_iterator",
+    (PyCFunction) yara_process_memory_iterator,
+    METH_VARARGS | METH_KEYWORDS,
+    "Returns an iterator over blocks of memory of a process.\n"
+    "Signature: process_memory_iterator(pid=None)"
+  },
   { NULL, NULL }
 };
+5 −0		README.md
+17 −0		docs/capi.rst
+1 −1		docs/gettingstarted.rst
+2 −2		docs/modules/dotnet.rst
+5 −0		docs/writingrules.rst
+15 −14		libyara/Makefile.am
+5 −1		libyara/arena.c
+18 −17		libyara/atoms.c
+35 −28		libyara/exec.c
+1 −1		libyara/grammar.c
+1 −1		libyara/grammar.y
+1 −1		libyara/include/yara/arena.h
+3 −0		libyara/include/yara/dotnet.h
+11 −2		libyara/include/yara/proc.h
+7 −0		libyara/include/yara/rules.h
+19 −7		libyara/include/yara/types.h
+2 −0		libyara/libyara.c
+3 −0		libyara/modules.c
+10 −1		libyara/modules/dotnet.c
+1 −1		libyara/modules/pe.c
+63 −9		libyara/parser.c
+17 −17		libyara/proc.c
+27 −0		libyara/rules.c
+7 −4		libyara/scan.c
+2 −10		tests/test-alignment.c
+38 −1		tests/test-rules.c