Date: Wed, 31 Jul 2013 09:24:32 +0000 (UTC) From: Antoine Brodin <antoine@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r324025 - in head/security/py-yara-editor: . files Message-ID: <201307310924.r6V9OWvb093560@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: antoine Date: Wed Jul 31 09:24:32 2013 New Revision: 324025 URL: http://svnweb.freebsd.org/changeset/ports/324025 Log: yara-editor: - bring in upstream fixes, including the fix for crash on 1st launch - mark that it is not ready for python 3 yet - no need to patch the shellbang, distutils do this already Added: head/security/py-yara-editor/files/ head/security/py-yara-editor/files/patch-bin__yara-editor (contents, props changed) head/security/py-yara-editor/files/patch-yaraeditor__core__controlleur.py (contents, props changed) head/security/py-yara-editor/files/patch-yaraeditor__ui__rules_generator.py (contents, props changed) head/security/py-yara-editor/files/patch-yaraeditor__ui__yaraeditor.py (contents, props changed) Modified: head/security/py-yara-editor/Makefile Modified: head/security/py-yara-editor/Makefile ============================================================================== --- head/security/py-yara-editor/Makefile Wed Jul 31 09:24:23 2013 (r324024) +++ head/security/py-yara-editor/Makefile Wed Jul 31 09:24:32 2013 (r324025) @@ -3,6 +3,7 @@ PORTNAME= yara-editor PORTVERSION= 0.1.5 +PORTREVISION= 1 CATEGORIES= security python MASTER_SITES= GOOGLE_CODE PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -16,7 +17,7 @@ RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}qt4- ${PYTHON_PKGNAMEPREFIX}qt4-gui>=0:${PORTSDIR}/x11-toolkits/py-qt4-gui \ ${PYTHON_PKGNAMEPREFIX}yara>=0:${PORTSDIR}/security/py-yara -USE_PYTHON= yes +USE_PYTHON= -2.7 USE_PYDISTUTILS=yes OPTIONS_DEFINE= DOCS @@ -28,8 +29,6 @@ MANLANG= "" fr MAN8= yara-editor.8 post-patch: - ${REINPLACE_CMD} -e 's|/usr/bin/env python|${PYTHON_CMD}|' \ - ${WRKSRC}/bin/yara-editor ${REINPLACE_CMD} -e '/config_dir/d' \ -e '/en\/man8/d' \ -e "/'man8'/s/fr/en/" ${WRKSRC}/setup.py Added: head/security/py-yara-editor/files/patch-bin__yara-editor ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-yara-editor/files/patch-bin__yara-editor Wed Jul 31 09:24:32 2013 (r324025) @@ -0,0 +1,13 @@ +--- ./bin/yara-editor.orig 2012-11-22 21:47:37.000000000 +0000 ++++ ./bin/yara-editor 2013-07-30 23:07:31.000000000 +0000 +@@ -75,7 +75,9 @@ + config_file.close() + except IOError as e: + make_config_file(config_path) +- ++ config_file = open(config_path, 'r') ++ config.readfp(config_file) ++ config_file.close() + + + translator = QtCore.QTranslator() Added: head/security/py-yara-editor/files/patch-yaraeditor__core__controlleur.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-yara-editor/files/patch-yaraeditor__core__controlleur.py Wed Jul 31 09:24:32 2013 (r324025) @@ -0,0 +1,161 @@ +--- ./yaraeditor/core/controlleur.py.orig 2012-12-02 11:09:48.000000000 +0000 ++++ ./yaraeditor/core/controlleur.py 2013-07-30 23:07:31.000000000 +0000 +@@ -329,8 +329,11 @@ + #self.ui_yaraeditor.verticalLayout_7 = QtGui.QVBoxLayout(self.ui_yaraeditor.tab_strings) + #self.ui_yaraeditor.verticalLayout_7.setObjectName(_fromUtf8("verticalLayout_7")) + self.ui_yaraeditor.treeMalwareStrings = YTreeWidget(self.ui_yaraeditor.tab_strings) +- self.ui_yaraeditor.treeMalwareStrings.setHeaderHidden(True) ++ self.ui_yaraeditor.treeMalwareStrings.setHeaderHidden(False) + self.ui_yaraeditor.treeMalwareStrings.setObjectName(_fromUtf8("treeMalwareStrings")) ++ self.ui_yaraeditor.treeMalwareStrings.setColumnCount(2) ++ self.ui_yaraeditor.treeMalwareStrings.headerItem().setText(0, QtGui.QApplication.translate("YaraEditor", "Value", None, QtGui.QApplication.UnicodeUTF8)) ++ self.ui_yaraeditor.treeMalwareStrings.headerItem().setText(1, QtGui.QApplication.translate("YaraEditor", "Type", None, QtGui.QApplication.UnicodeUTF8)) + self.ui_yaraeditor.verticalLayout_7.addWidget(self.ui_yaraeditor.treeMalwareStrings) + + +@@ -370,7 +373,7 @@ + self.add_element(self.treeMalwareProperties,"Name",fileInfo.fileName()) + self.add_element(self.treeMalwareProperties,"Path",fileInfo.filePath()) + self.add_element(self.treeMalwareProperties,"Size",str(fileInfo.size())) +- fi = open(str(fileInfo.filePath()),'r') ++ fi = open(str(fileInfo.filePath()),'rb') + data = fi.read() + fi.close() + sha1 = QtCore.QCryptographicHash.hash(data,QtCore.QCryptographicHash.Sha1).toHex() +@@ -378,14 +381,16 @@ + self.add_element(self.treeMalwareProperties,"MD5",str(md5)) + self.add_element(self.treeMalwareProperties,"SHA1",str(sha1)) + +- for s in self.get_strings(data): +- self.add_element(self.treeMalwareStrings,str(s)) ++ for s,t in self.get_strings(data): ++ self.add_element(self.treeMalwareStrings,str(s),t) + +- def add_element(self,tree,name,value=""): ++ def add_element(self,tree,name,value="",typeValue=""): + item = QtGui.QTreeWidgetItem(tree) + item.setText(0,name) + if value!="": + item.setText(1,value) ++ if typeValue!="": ++ item.setText(1,typeValue) + + def remove_element(self,tree,name): + findings = tree.findItems(name,Qt.MatchCaseSensitive) +@@ -393,12 +398,33 @@ + index = tree.indexOfTopLevelItem(f) + tree.takeTopLevelItem(index) + ++ def get_ascii(self,data,length_min=7): ++ strings = set() ++ for m in re.finditer("([\x21-\x7e]{4,})", data): ++ if len(m.group(1))> length_min: ++ strings.add(m.group(1)) ++ return strings ++ ++ def get_unicode(self,data,length_min=7): ++ strings = set() ++ for m in re.finditer("([\x20-\x7e]{4,})", data): ++ if len(m.group(1))> length_min: ++ strings.add(m.group(1)) ++ return strings + + def get_strings(self,data,length_min=7): +- strings = list() +- for m in re.finditer("([\x20-\x7e]{3,})", data): +- if len(m.group(1))> length_min: +- strings.append(m.group(1)) ++ strings_ascii = self.get_ascii(data,length_min) ++ strings_unicode = self.get_unicode(data,length_min) ++ ++ strings = set() ++ for sa in strings_ascii: ++ strings.add((sa,"ascii")) ++ ++ for su in strings_unicode: ++ if su in strings: ++ continue ++ strings.add((su,"unicode")) ++ + return strings + + def maybeSave(self): +@@ -610,7 +636,7 @@ + logging.debug(traceback.format_exc()) + self.add_message_output(report) + +- self.add_message_output("Finish : %d match" % found) ++ self.add_message_output("Finish : %d matches" % found) + + def check_yara(self,rules,path): + try: +@@ -664,13 +690,14 @@ + + rules = TEMPLATE_YARA + rules = rules.replace("###STRINGS###","\n".join(set_strings)) +- rules = rules.replace("###CONDITION###","\t(%s)" % " or ".join(set_condition)) ++ #rules = rules.replace("###CONDITION###","\t(%s)" % " and ".join(set_condition)) ++ rules = rules.replace("###CONDITION###","\tall of them") + return rules + + + def generator_add_file(self,path=""): + if path == "": +- pathes = QtGui.QFileDialog.getOpenFileNames(self.mainwindow, "Open File","","All (*.*)") ++ pathes = QtGui.QFileDialog.getOpenFileNames(self.mainwindow, "Open File","","All (*)") + if pathes == None: + return + +@@ -688,7 +715,7 @@ + + def generator_add_family(self,path=None): + if path == None: +- pathes = QtGui.QFileDialog.getOpenFileNames(self.mainwindow, "Open File","","All (*.*)") ++ pathes = QtGui.QFileDialog.getOpenFileNames(self.mainwindow, "Open File","","All (*)") + else: + pathes = path + +@@ -715,16 +742,25 @@ + self.generator_remove_string(item.text()) + + self.ui_generator.treeWidget.clear() +- for s,v in self.set_string.iteritems(): +- if v>=countFamily: +- self.add_element(self.ui_generator.treeWidget,str(s)) ++ good = False ++ while not good: ++ for s,v in self.set_string.iteritems(): ++ print s,v ++ if v>=countFamily: ++ self.add_element(self.ui_generator.treeWidget,str(s)) ++ good = True ++ countFamily -=1 + + + def generator_add_string(self,malware): +- f = open(malware,'r') ++ f = open(malware,'rb') + data = f.read() + f.close() +- for s in self.get_strings(data): ++ strings_in_file = set() ++ for s,t in self.get_strings(data): ++ strings_in_file.add(s) ++ ++ for s in strings_in_file: + if '"' not in s and '\\' not in s and not len(s)>40: + if self.set_string.has_key(str(s)): + self.set_string[str(s)] += 1 +@@ -733,10 +769,10 @@ + + + def generator_remove_string(self,malware): +- f = open(malware,'r') ++ f = open(malware,'rb') + data = f.read() + f.close() +- for s in self.get_strings(data): ++ for s,t in self.get_strings(data): + if self.set_string.has_key(str(s)): + self.set_string[str(s)] = 0 + Added: head/security/py-yara-editor/files/patch-yaraeditor__ui__rules_generator.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-yara-editor/files/patch-yaraeditor__ui__rules_generator.py Wed Jul 31 09:24:32 2013 (r324025) @@ -0,0 +1,41 @@ +--- ./yaraeditor/ui/rules_generator.py.orig 2012-12-02 11:09:53.000000000 +0000 ++++ ./yaraeditor/ui/rules_generator.py 2013-07-30 23:07:31.000000000 +0000 +@@ -2,7 +2,7 @@ + + # Form implementation generated from reading ui file 'rules_generator.ui' + # +-# Created: Sun Dec 2 12:09:53 2012 ++# Created: Tue Feb 26 07:52:45 2013 + # by: PyQt4 UI code generator 4.9.1 + # + # WARNING! All changes made in this file will be lost! +@@ -17,9 +17,18 @@ + class Ui_DialogGenerator(object): + def setupUi(self, DialogGenerator): + DialogGenerator.setObjectName(_fromUtf8("DialogGenerator")) +- DialogGenerator.resize(728, 507) ++ DialogGenerator.resize(728, 610) + self.verticalLayout = QtGui.QVBoxLayout(DialogGenerator) + self.verticalLayout.setObjectName(_fromUtf8("verticalLayout")) ++ self.label = QtGui.QLabel(DialogGenerator) ++ self.label.setObjectName(_fromUtf8("label")) ++ self.verticalLayout.addWidget(self.label) ++ self.label_4 = QtGui.QLabel(DialogGenerator) ++ self.label_4.setObjectName(_fromUtf8("label_4")) ++ self.verticalLayout.addWidget(self.label_4) ++ self.label_5 = QtGui.QLabel(DialogGenerator) ++ self.label_5.setObjectName(_fromUtf8("label_5")) ++ self.verticalLayout.addWidget(self.label_5) + self.widget = QtGui.QWidget(DialogGenerator) + self.widget.setObjectName(_fromUtf8("widget")) + self.horizontalLayout = QtGui.QHBoxLayout(self.widget) +@@ -86,6 +95,9 @@ + + def retranslateUi(self, DialogGenerator): + DialogGenerator.setWindowTitle(QtGui.QApplication.translate("DialogGenerator", "Dialog", None, QtGui.QApplication.UnicodeUTF8)) ++ self.label.setText(QtGui.QApplication.translate("DialogGenerator", "1 - Adding elements in the \"Same Family\", the strings will be retained only those that are found in each element.", None, QtGui.QApplication.UnicodeUTF8)) ++ self.label_4.setText(QtGui.QApplication.translate("DialogGenerator", "2 - Adding elements in the \"Other Malware\", the strings in these files will not be selected to build the rule.", None, QtGui.QApplication.UnicodeUTF8)) ++ self.label_5.setText(QtGui.QApplication.translate("DialogGenerator", "3 - In the middle part, you can see only the strings used for the detection.", None, QtGui.QApplication.UnicodeUTF8)) + self.label_2.setText(QtGui.QApplication.translate("DialogGenerator", "Other Malware (False positive)", None, QtGui.QApplication.UnicodeUTF8)) + self.btnBrowseNewFile.setText(QtGui.QApplication.translate("DialogGenerator", "...", None, QtGui.QApplication.UnicodeUTF8)) + self.label_3.setText(QtGui.QApplication.translate("DialogGenerator", "Same Family", None, QtGui.QApplication.UnicodeUTF8)) Added: head/security/py-yara-editor/files/patch-yaraeditor__ui__yaraeditor.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-yara-editor/files/patch-yaraeditor__ui__yaraeditor.py Wed Jul 31 09:24:32 2013 (r324025) @@ -0,0 +1,91 @@ +--- ./yaraeditor/ui/yaraeditor.py.orig 2012-12-02 11:09:53.000000000 +0000 ++++ ./yaraeditor/ui/yaraeditor.py 2013-07-30 23:07:31.000000000 +0000 +@@ -2,7 +2,7 @@ + + # Form implementation generated from reading ui file 'yaraeditor.ui' + # +-# Created: Sun Dec 2 12:09:53 2012 ++# Created: Tue Feb 26 07:52:45 2013 + # by: PyQt4 UI code generator 4.9.1 + # + # WARNING! All changes made in this file will be lost! +@@ -17,10 +17,11 @@ + class Ui_YaraEditor(object): + def setupUi(self, YaraEditor): + YaraEditor.setObjectName(_fromUtf8("YaraEditor")) +- YaraEditor.resize(1117, 600) ++ YaraEditor.resize(1117, 609) + icon = QtGui.QIcon() + icon.addPixmap(QtGui.QPixmap(_fromUtf8(":/logo/images/logo.jpg")), QtGui.QIcon.Normal, QtGui.QIcon.Off) + YaraEditor.setWindowIcon(icon) ++ YaraEditor.setUnifiedTitleAndToolBarOnMac(True) + self.centralwidget = QtGui.QWidget(YaraEditor) + self.centralwidget.setObjectName(_fromUtf8("centralwidget")) + self.verticalLayout = QtGui.QVBoxLayout(self.centralwidget) +@@ -34,18 +35,6 @@ + self.widgetEditor.setObjectName(_fromUtf8("widgetEditor")) + self.horizontalLayout.addWidget(self.widgetEditor) + self.verticalLayout.addWidget(self.MainWidget) +- self.widgetOutput = QtGui.QWidget(self.centralwidget) +- self.widgetOutput.setMaximumSize(QtCore.QSize(16777215, 110)) +- self.widgetOutput.setObjectName(_fromUtf8("widgetOutput")) +- self.horizontalLayout_2 = QtGui.QHBoxLayout(self.widgetOutput) +- self.horizontalLayout_2.setMargin(0) +- self.horizontalLayout_2.setObjectName(_fromUtf8("horizontalLayout_2")) +- self.outputEdit = QtGui.QTextEdit(self.widgetOutput) +- self.outputEdit.setMaximumSize(QtCore.QSize(16777215, 100)) +- self.outputEdit.setReadOnly(True) +- self.outputEdit.setObjectName(_fromUtf8("outputEdit")) +- self.horizontalLayout_2.addWidget(self.outputEdit) +- self.verticalLayout.addWidget(self.widgetOutput) + YaraEditor.setCentralWidget(self.centralwidget) + self.menubar = QtGui.QMenuBar(YaraEditor) + self.menubar.setGeometry(QtCore.QRect(0, 0, 1117, 25)) +@@ -95,9 +84,6 @@ + self.verticalLayout_3 = QtGui.QVBoxLayout(self.widgetMalware) + self.verticalLayout_3.setMargin(0) + self.verticalLayout_3.setObjectName(_fromUtf8("verticalLayout_3")) +- self.label_2 = QtGui.QLabel(self.widgetMalware) +- self.label_2.setObjectName(_fromUtf8("label_2")) +- self.verticalLayout_3.addWidget(self.label_2) + self.pathMalware = QtGui.QLineEdit(self.widgetMalware) + self.pathMalware.setMaximumSize(QtCore.QSize(16777215, 16777215)) + self.pathMalware.setReadOnly(False) +@@ -134,6 +120,20 @@ + self.verticalLayout_6.addWidget(self.tabWidget) + self.dockWidgetInspector.setWidget(self.dockWidgetContents_4) + YaraEditor.addDockWidget(QtCore.Qt.DockWidgetArea(2), self.dockWidgetInspector) ++ self.dockWidget = QtGui.QDockWidget(YaraEditor) ++ self.dockWidget.setObjectName(_fromUtf8("dockWidget")) ++ self.dockWidgetContents_3 = QtGui.QWidget() ++ self.dockWidgetContents_3.setObjectName(_fromUtf8("dockWidgetContents_3")) ++ self.verticalLayout_9 = QtGui.QVBoxLayout(self.dockWidgetContents_3) ++ self.verticalLayout_9.setObjectName(_fromUtf8("verticalLayout_9")) ++ self.outputEdit = QtGui.QTextEdit(self.dockWidgetContents_3) ++ self.outputEdit.setMinimumSize(QtCore.QSize(0, 100)) ++ self.outputEdit.setMaximumSize(QtCore.QSize(16777215, 16777215)) ++ self.outputEdit.setReadOnly(True) ++ self.outputEdit.setObjectName(_fromUtf8("outputEdit")) ++ self.verticalLayout_9.addWidget(self.outputEdit) ++ self.dockWidget.setWidget(self.dockWidgetContents_3) ++ YaraEditor.addDockWidget(QtCore.Qt.DockWidgetArea(8), self.dockWidget) + self.actionNouveau = QtGui.QAction(YaraEditor) + icon1 = QtGui.QIcon() + icon1.addPixmap(QtGui.QPixmap(_fromUtf8(":/icon/images/win/filenew.png")), QtGui.QIcon.Normal, QtGui.QIcon.On) +@@ -145,13 +145,14 @@ + self.actionEnregistrer.setObjectName(_fromUtf8("actionEnregistrer")) + + self.retranslateUi(YaraEditor) +- self.tabWidget.setCurrentIndex(1) ++ self.tabWidget.setCurrentIndex(0) + QtCore.QMetaObject.connectSlotsByName(YaraEditor) + + def retranslateUi(self, YaraEditor): + YaraEditor.setWindowTitle(QtGui.QApplication.translate("YaraEditor", "Yara-Editor", None, QtGui.QApplication.UnicodeUTF8)) + self.label_3.setText(QtGui.QApplication.translate("YaraEditor", "Yara Browser", None, QtGui.QApplication.UnicodeUTF8)) +- self.label_2.setText(QtGui.QApplication.translate("YaraEditor", "Malware Browser", None, QtGui.QApplication.UnicodeUTF8)) ++ self.dockWidgetMalware.setWindowTitle(QtGui.QApplication.translate("YaraEditor", "Malware Browser", None, QtGui.QApplication.UnicodeUTF8)) ++ self.dockWidgetInspector.setWindowTitle(QtGui.QApplication.translate("YaraEditor", "Inspector", None, QtGui.QApplication.UnicodeUTF8)) + self.treeMalwareProperties.headerItem().setText(0, QtGui.QApplication.translate("YaraEditor", "Name", None, QtGui.QApplication.UnicodeUTF8)) + self.treeMalwareProperties.headerItem().setText(1, QtGui.QApplication.translate("YaraEditor", "Value", None, QtGui.QApplication.UnicodeUTF8)) + self.tabWidget.setTabText(self.tabWidget.indexOf(self.tab_properties), QtGui.QApplication.translate("YaraEditor", "Tab Properties", None, QtGui.QApplication.UnicodeUTF8))
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307310924.r6V9OWvb093560>