bytematcher

package

v1.11.0 Latest Latest Go to latest Published: Dec 17, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/richardlehane/siegfried

Links

Open Source Insights

Documentation ¶

Overview ¶

Package bytematcher builds a matching engine from a set of signatures and performs concurrent matching against an input siegreader.Buffer.

Index ¶

func Add(c core.Matcher, ss core.SignatureSet, priorities priority.List) (core.Matcher, int, error)
func Load(ls *persist.LoadSaver) core.Matcher
func Save(c core.Matcher, ls *persist.LoadSaver)
type Matcher
type SignatureSet

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Add ¶

func Add(c core.Matcher, ss core.SignatureSet, priorities priority.List) (core.Matcher, int, error)

Add a set of signatures to a bytematcher. The priority list should be of equal length to the signatures, or nil (if no priorities are to be set).

Example:

m, n, err := Add(bm, []frames.Signature{frames.Signature{frames.NewFrame(frames.BOF, patterns.Sequence{'p','d','f'}, 0, 0)}}, nil)

func Load ¶

func Load(ls *persist.LoadSaver) core.Matcher

Load loads a Matcher.

func Save ¶

func Save(c core.Matcher, ls *persist.LoadSaver)

Save persists a Matcher.

Types ¶

type Matcher ¶

type Matcher struct {
	// contains filtered or unexported fields
}

Matcher matches byte signatures against the siegreader.Buffer.

func (*Matcher) DescribeKeyFrames ¶ added in v1.7.9

func (b *Matcher) DescribeKeyFrames(i int) []string

func (*Matcher) DescribeTestTree ¶ added in v1.7.9

func (b *Matcher) DescribeTestTree(i int) ([]int, []int, int, int, int, int)

func (*Matcher) Identify ¶

func (b *Matcher) Identify(name string, sb *siegreader.Buffer, hints ...core.Hint) (chan core.Result, error)

Identify matches a Matcher's signatures against the input siegreader.Buffer. Results are passed on the returned channel.

Example:

ret := bm.Identify("", buf)
for v := range ret {
  if v.Index() == 0 {
    fmt.Print("Success! It is signature 0!")
  }
}

func (*Matcher) InspectTestTree ¶

func (b *Matcher) InspectTestTree(i int) []int

InspectTestTree reports which signatures are linked to a given index in the test tree. This is used by the -log debug and -log slow options for sf.

func (*Matcher) KeyFramesLen ¶ added in v1.7.9

func (b *Matcher) KeyFramesLen() int

func (*Matcher) String ¶

func (b *Matcher) String() string

String returns information about the Bytematcher including the number of BOF, VAR and EOF sequences, the number of BOF and EOF frames, and the total number of tests.

func (*Matcher) TestTreeLen ¶ added in v1.7.9

func (b *Matcher) TestTreeLen() int

type SignatureSet ¶

type SignatureSet []frames.Signature

SignatureSet for a bytematcher is a slice of frames.Signature.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
frames Package frames describes the Frame interface.	Package frames describes the Frame interface.
tests Package tests exports shared frames and signatures for use by the other bytematcher packages	Package tests exports shared frames and signatures for use by the other bytematcher packages
patterns Package patterns describes the Pattern interface.	Package patterns describes the Pattern interface.
tests Package tests exports shared patterns for use by the other bytematcher packages	Package tests exports shared patterns for use by the other bytematcher packages

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL