From 2fcb3079e5fcfd4e92dd1ca24fa3c04db92eab66 Mon Sep 17 00:00:00 2001 From: orbea Date: Mon, 26 Feb 2024 18:49:05 -0800 Subject: [PATCH 1/2] configure.ac: Add descriptions for AC_DEFINE --- configure.ac | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index bc23ee9fba..1ee0e9495b 100644 --- a/configure.ac +++ b/configure.ac @@ -145,7 +145,7 @@ AC_ARG_ENABLE([profiling], AC_ARG_WITH([debug-verbose], [AS_HELP_STRING([--with-debug-verbose=[[NUM]]], [Turn on runtime debugging information])], [if test $withval -gt 0; then - AC_DEFINE_UNQUOTED([YR_DEBUG_VERBOSITY], [$withval]) + AC_DEFINE_UNQUOTED([YR_DEBUG_VERBOSITY], [$withval], [Define for verbose debugging output]) else AC_MSG_ERROR([debug verbosity must be greater than 0]) fi]) @@ -379,8 +379,8 @@ AM_CONDITIONAL([USE_OPENBSD_PROC], [test x$proc_interface = xopenbsd ]) AM_CONDITIONAL([USE_MACH_PROC], [test x$proc_interface = xmach ]) AM_CONDITIONAL([USE_NO_PROC], [test x$proc_interface = xnone ]) AS_IF( - [test x$proc_interface != xnone],[AC_DEFINE([HAVE_SCAN_PROC_IMPL],[1])], - [test x$proc_interface = xnone],[AC_DEFINE([HAVE_SCAN_PROC_IMPL],[0])]) + [test x$proc_interface != xnone],[AC_DEFINE([HAVE_SCAN_PROC_IMPL],[1],[Define for proc-scan])], + [test x$proc_interface = xnone],[AC_DEFINE([HAVE_SCAN_PROC_IMPL],[0],[Define for proc-scan])]) # Configure TLSH function CFLAGS="$CFLAGS -DBUCKETS_128=1 -DCHECKSUM_1B=1" From e154a95d72bb000c2153eeae51ba21c22573c48e Mon Sep 17 00:00:00 2001 From: orbea Date: Mon, 26 Feb 2024 14:28:36 -0800 Subject: [PATCH 2/2] linux.c: don't use pread64 Starting with musl-1.2.4 all LFS64 APIs have been removed since musl is always 64-bit and yara now fails with implicit function declarations for pread64. --- libyara/proc/linux.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/libyara/proc/linux.c b/libyara/proc/linux.c index 72f2ab48bc..1963bf1710 100644 --- a/libyara/proc/linux.c +++ b/libyara/proc/linux.c @@ -46,6 +46,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include #include +#define _FILE_OFFSET_BITS 64 + typedef struct _YR_PROC_INFO { int pid; @@ -249,7 +251,7 @@ YR_API const uint8_t* yr_process_fetch_memory_block_data(YR_MEMORY_BLOCK* block) // target process VM. if (fd == -1) { - if (pread64( + if (pread( proc_info->mem_fd, (void*) context->buffer, block->size, @@ -265,7 +267,7 @@ YR_API const uint8_t* yr_process_fetch_memory_block_data(YR_MEMORY_BLOCK* block) { goto _exit; } - if (pread64( + if (pread( proc_info->pagemap_fd, pagemap, sizeof(uint64_t) * block->size / page_size, @@ -284,7 +286,7 @@ YR_API const uint8_t* yr_process_fetch_memory_block_data(YR_MEMORY_BLOCK* block) // swap-backed and if it differs from our mapping. uint8_t buffer[page_size]; - if (pread64( + if (pread( proc_info->mem_fd, buffer, page_size,