自学教程：C++ yr_arena_write_data函数代码示例

int yr_parser_emit_with_arg_reloc(    yyscan_t yyscanner,    int8_t instruction,    int64_t argument,    int8_t** instruction_address){  void* ptr;  int result = yr_arena_write_data(      yyget_extra(yyscanner)->code_arena,      &instruction,      sizeof(int8_t),      (void**) instruction_address);  if (result == ERROR_SUCCESS)    result = yr_arena_write_data(        yyget_extra(yyscanner)->code_arena,        &argument,        sizeof(int64_t),        &ptr);  if (result == ERROR_SUCCESS)    result = yr_arena_make_relocatable(        yyget_extra(yyscanner)->code_arena,        ptr,        0,        EOL);  return result;}

int yr_arena_append(    YR_ARENA* target_arena,    YR_ARENA* source_arena){  uint8_t padding_data[15];  size_t padding_size = 16 - target_arena->current_page->used % 16;  if (padding_size < 16)  {    memset(&padding_data, 0xCC, padding_size);    FAIL_ON_ERROR(yr_arena_write_data(        target_arena,        padding_data,        padding_size,        NULL));  }  target_arena->current_page->next = source_arena->page_list_head;  source_arena->page_list_head->prev = target_arena->current_page;  target_arena->current_page = source_arena->current_page;  yr_free(source_arena);  return ERROR_SUCCESS;}

int yr_arena_write_string(    YR_ARENA* arena,    const char* string,    char** written_string){  return yr_arena_write_data(      arena,      (void*) string,      strlen(string) + 1,      (void**) written_string);}

int yr_parser_emit(    yyscan_t yyscanner,    int8_t instruction,    int8_t** instruction_address){  return yr_arena_write_data(      yyget_extra(yyscanner)->code_arena,      &instruction,      sizeof(int8_t),      (void**) instruction_address);}

int yr_parser_emit_with_arg(    yyscan_t yyscanner,    int8_t instruction,    int64_t argument,    int8_t** instruction_address){  int result = yr_arena_write_data(      yyget_extra(yyscanner)->code_arena,      &instruction,      sizeof(int8_t),      (void**) instruction_address);  if (result == ERROR_SUCCESS)    result = yr_arena_write_data(        yyget_extra(yyscanner)->code_arena,        &argument,        sizeof(int64_t),        NULL);  return result;}

int yr_parser_emit_with_arg_reloc(    yyscan_t yyscanner,    uint8_t instruction,    void* argument,    uint8_t** instruction_address,    void** argument_address){  int64_t* ptr = NULL;  int result;  DECLARE_REFERENCE(void*, ptr) arg;  memset(&arg, 0, sizeof(arg));  arg.ptr = argument;  result = yr_arena_write_data(      yyget_extra(yyscanner)->code_arena,      &instruction,      sizeof(uint8_t),      (void**) instruction_address);  if (result == ERROR_SUCCESS)    result = yr_arena_write_data(        yyget_extra(yyscanner)->code_arena,        &arg,        sizeof(arg),        (void**) &ptr);  if (result == ERROR_SUCCESS)    result = yr_arena_make_ptr_relocatable(        yyget_extra(yyscanner)->code_arena,        ptr,        0,        EOL);  if (argument_address != NULL)    *argument_address = (void*) ptr;  return result;}

int yr_parser_emit_with_arg_double(    yyscan_t yyscanner,    uint8_t instruction,    double argument,    uint8_t** instruction_address,    double** argument_address){  int result = yr_arena_write_data(      yyget_extra(yyscanner)->code_arena,      &instruction,      sizeof(uint8_t),      (void**) instruction_address);  if (result == ERROR_SUCCESS)    result = yr_arena_write_data(        yyget_extra(yyscanner)->code_arena,        &argument,        sizeof(double),        (void**) argument_address);  return result;}

int _yr_emit_split(    RE_EMIT_CONTEXT* emit_context,    uint8_t opcode,    int16_t argument,    uint8_t** instruction_addr,    int16_t** argument_addr,    int* code_size){  assert(opcode == RE_OPCODE_SPLIT_A || opcode == RE_OPCODE_SPLIT_B);  if (emit_context->next_split_id == RE_MAX_SPLIT_ID)    return ERROR_REGULAR_EXPRESSION_TOO_COMPLEX;  FAIL_ON_ERROR(yr_arena_write_data(      emit_context->arena,      &opcode,      sizeof(uint8_t),      (void**) instruction_addr));  FAIL_ON_ERROR(yr_arena_write_data(      emit_context->arena,      &emit_context->next_split_id,      sizeof(RE_SPLIT_ID_TYPE),      NULL));  emit_context->next_split_id++;  FAIL_ON_ERROR(yr_arena_write_data(      emit_context->arena,      &argument,      sizeof(int16_t),      (void**) argument_addr));  *code_size = sizeof(uint8_t) + sizeof(RE_SPLIT_ID_TYPE) + sizeof(int16_t);  return ERROR_SUCCESS;}

int _yr_emit_inst_arg_int16(    YR_ARENA* arena,    uint8_t opcode,    int16_t argument,    uint8_t** instruction_addr,    int16_t** argument_addr,    int* code_size){  FAIL_ON_ERROR(yr_arena_write_data(      arena,      &opcode,      sizeof(uint8_t),      (void**) instruction_addr));  FAIL_ON_ERROR(yr_arena_write_data(      arena,      &argument,      sizeof(int16_t),      (void**) argument_addr));  *code_size = sizeof(uint8_t) + sizeof(int16_t);  return ERROR_SUCCESS;}

int _yr_emit_inst_arg_int16(    RE_EMIT_CONTEXT* emit_context,    uint8_t opcode,    int16_t argument,    uint8_t** instruction_addr,    int16_t** argument_addr,    int* code_size){  FAIL_ON_ERROR(yr_arena_write_data(      emit_context->arena,      &opcode,      sizeof(uint8_t),      (void**) instruction_addr));  FAIL_ON_ERROR(yr_arena_write_data(      emit_context->arena,      &argument,      sizeof(int16_t),      (void**) argument_addr));  *code_size = sizeof(uint8_t) + sizeof(int16_t);  return ERROR_SUCCESS;}

static int _yr_parser_write_string(    const char* identifier,    int flags,    YR_COMPILER* compiler,    SIZED_STRING* str,    RE_AST* re_ast,    YR_STRING** string,    int* min_atom_quality,    int* num_atom){  SIZED_STRING* literal_string;  YR_ATOM_LIST_ITEM* atom;  YR_ATOM_LIST_ITEM* atom_list = NULL;  int c, result;  int max_string_len;  bool free_literal = false;  *string = NULL;  result = yr_arena_allocate_struct(      compiler->strings_arena,      sizeof(YR_STRING),      (void**) string,      offsetof(YR_STRING, identifier),      offsetof(YR_STRING, string),      offsetof(YR_STRING, chained_to),      offsetof(YR_STRING, rule),      EOL);  if (result != ERROR_SUCCESS)    return result;  result = yr_arena_write_string(      compiler->sz_arena,      identifier,      &(*string)->identifier);  if (result != ERROR_SUCCESS)    return result;  if (flags & STRING_GFLAGS_HEXADECIMAL ||      flags & STRING_GFLAGS_REGEXP)  {    literal_string = yr_re_ast_extract_literal(re_ast);    if (literal_string != NULL)    {      flags |= STRING_GFLAGS_LITERAL;      free_literal = true;    }    else    {      // Non-literal strings can't be marked as fixed offset because once we      // find a string atom in the scanned data we don't know the offset where      // the string should start, as the non-literal strings can contain      // variable-length portions.      flags &= ~STRING_GFLAGS_FIXED_OFFSET;    }  }  else  {    literal_string = str;    flags |= STRING_GFLAGS_LITERAL;  }  (*string)->g_flags = flags;  (*string)->chained_to = NULL;  (*string)->fixed_offset = UNDEFINED;  (*string)->rule = compiler->current_rule;  memset((*string)->matches, 0,         sizeof((*string)->matches));  memset((*string)->unconfirmed_matches, 0,         sizeof((*string)->unconfirmed_matches));  if (flags & STRING_GFLAGS_LITERAL)  {    (*string)->length = (uint32_t) literal_string->length;    result = yr_arena_write_data(        compiler->sz_arena,        literal_string->c_string,        literal_string->length + 1,   // +1 to include terminating NULL        (void**) &(*string)->string);    if (result == ERROR_SUCCESS)    {      result = yr_atoms_extract_from_string(          &compiler->atoms_config,          (uint8_t*) literal_string->c_string,          (int32_t) literal_string->length,          flags,          &atom_list,          min_atom_quality);    }  }  else//.........这里部分代码省略.........

//.........这里部分代码省略.........        }        function = object_as_function(r2.o);        result = ERROR_INTERNAL_FATAL_ERROR;        for (i = 0; i < YR_MAX_OVERLOADED_FUNCTIONS; i++)        {          if (function->prototypes[i].arguments_fmt == NULL)            break;          if (strcmp(function->prototypes[i].arguments_fmt, args_fmt) == 0)          {            result = function->prototypes[i].code(args, context, function);            break;          }        }        // if i == YR_MAX_OVERLOADED_FUNCTIONS at this point no matching        // prototype was found, but this shouldn't happen.        assert(i < YR_MAX_OVERLOADED_FUNCTIONS);        // make a copy of the returned object and push the copy into the stack        // function->return_obj can't be pushed because it can change in        // subsequent calls to the same function.        if (result == ERROR_SUCCESS)          result = yr_object_copy(function->return_obj, &r1.o);        // a pointer to the copied object is stored in a arena in order to        // free the object before exiting yr_execute_code        if (result == ERROR_SUCCESS)          result = yr_arena_write_data(obj_arena, &r1.o, sizeof(r1.o), NULL);        stop = (result != ERROR_SUCCESS);        push(r1);        break;      case OP_FOUND:        pop(r1);        r1.i = r1.s->matches[tidx].tail != NULL ? 1 : 0;        push(r1);        break;      case OP_FOUND_AT:        pop(r2);        pop(r1);        if (is_undef(r1))        {          r1.i = 0;          push(r1);          break;        }        match = r2.s->matches[tidx].head;        r3.i = false;        while (match != NULL)        {          if (r1.i == match->base + match->offset)          {            r3.i = true;            break;          }

//.........这里部分代码省略.........        code_size));    break;  case RE_NODE_NON_DIGIT:    FAIL_ON_ERROR(_yr_emit_inst(        emit_context,        RE_OPCODE_NON_DIGIT,        &instruction_addr,        code_size));    break;  case RE_NODE_ANY:    FAIL_ON_ERROR(_yr_emit_inst(        emit_context,        flags & EMIT_DOT_ALL ?          RE_OPCODE_ANY :          RE_OPCODE_ANY_EXCEPT_NEW_LINE,        &instruction_addr,        code_size));    break;  case RE_NODE_CLASS:    FAIL_ON_ERROR(_yr_emit_inst(        emit_context,        (flags & EMIT_NO_CASE) ?          RE_OPCODE_CLASS_NO_CASE :          RE_OPCODE_CLASS,        &instruction_addr,        code_size));    FAIL_ON_ERROR(yr_arena_write_data(        emit_context->arena,        re_node->class_vector,        32,        NULL));    *code_size += 32;    break;  case RE_NODE_ANCHOR_START:    FAIL_ON_ERROR(_yr_emit_inst(        emit_context,        RE_OPCODE_MATCH_AT_START,        &instruction_addr,        code_size));    break;  case RE_NODE_ANCHOR_END:    FAIL_ON_ERROR(_yr_emit_inst(        emit_context,        RE_OPCODE_MATCH_AT_END,        &instruction_addr,        code_size));    break;  case RE_NODE_CONCAT:    if (flags & EMIT_BACKWARDS)    {      left = re_node->right;      right = re_node->left;

int yr_ac_compile(    YR_AC_AUTOMATON* automaton,    YR_ARENA* arena,    YR_AC_TABLES* tables){  uint32_t i;  FAIL_ON_ERROR(_yr_ac_create_failure_links(automaton));  FAIL_ON_ERROR(_yr_ac_optimize_failure_links(automaton));  FAIL_ON_ERROR(_yr_ac_build_transition_table(automaton));  FAIL_ON_ERROR(yr_arena_reserve_memory(      arena,      automaton->tables_size * sizeof(tables->transitions[0]) +      automaton->tables_size * sizeof(tables->matches[0])));  FAIL_ON_ERROR(yr_arena_write_data(      arena,      automaton->t_table,      sizeof(YR_AC_TRANSITION),      (void**) &tables->transitions));  for (i = 1; i < automaton->tables_size; i++)  {    FAIL_ON_ERROR(yr_arena_write_data(        arena,        automaton->t_table + i,        sizeof(YR_AC_TRANSITION),        NULL));  }  FAIL_ON_ERROR(yr_arena_write_data(      arena,      automaton->m_table,      sizeof(YR_AC_MATCH_TABLE_ENTRY),      (void**) &tables->matches));  FAIL_ON_ERROR(yr_arena_make_relocatable(      arena,      tables->matches,      offsetof(YR_AC_MATCH_TABLE_ENTRY, match),      EOL));  for (i = 1; i < automaton->tables_size; i++)  {    void* ptr;    FAIL_ON_ERROR(yr_arena_write_data(        arena,        automaton->m_table + i,        sizeof(YR_AC_MATCH_TABLE_ENTRY),        (void**) &ptr));    FAIL_ON_ERROR(yr_arena_make_relocatable(        arena,        ptr,        offsetof(YR_AC_MATCH_TABLE_ENTRY, match),        EOL));  }  return ERROR_SUCCESS;}

//.........这里部分代码省略.........        }      }      match = next_match;    }  }  if (add_match)  {    if (STRING_IS_CHAIN_TAIL(matching_string))    {      match = matching_string->chained_to->unconfirmed_matches[tidx].head;      while (match != NULL)      {        ending_offset = match->offset + match->length;        if (ending_offset + matching_string->chain_gap_max >= match_offset &&            ending_offset + matching_string->chain_gap_min <= match_offset)        {          _yr_scan_update_match_chain_length(              tidx, matching_string->chained_to, match, 1);        }        match = match->next;      }      full_chain_length = 0;      string = matching_string;      while(string->chained_to != NULL)      {        full_chain_length++;        string = string->chained_to;      }      // "string" points now to the head of the strings chain      match = string->unconfirmed_matches[tidx].head;      while (match != NULL)      {        next_match = match->next;        if (match->chain_length == full_chain_length)        {          _yr_scan_remove_match_from_list(              match, &string->unconfirmed_matches[tidx]);          match->length = (int32_t) /              (match_offset - match->offset + match_length);          match->data = match_data - match_offset + match->offset;          match->prev = NULL;          match->next = NULL;          FAIL_ON_ERROR(_yr_scan_add_match_to_list(              match, &string->matches[tidx], FALSE));        }        match = next_match;      }    }    else    {      if (matching_string->matches[tidx].count == 0 &&          matching_string->unconfirmed_matches[tidx].count == 0)      {        // If this is the first match for the string, put the string in the        // list of strings whose flags needs to be cleared after the scan.        FAIL_ON_ERROR(yr_arena_write_data(            context->matching_strings_arena,            &matching_string,            sizeof(matching_string),            NULL));      }      FAIL_ON_ERROR(yr_arena_allocate_memory(          context->matches_arena,          sizeof(YR_MATCH),          (void**) &new_match));      new_match->base = match_base;      new_match->offset = match_offset;      new_match->length = match_length;      new_match->data = match_data;      new_match->chain_length = 0;      new_match->prev = NULL;      new_match->next = NULL;      FAIL_ON_ERROR(_yr_scan_add_match_to_list(          new_match,          &matching_string->unconfirmed_matches[tidx],          FALSE));    }  }  return ERROR_SUCCESS;}

//.........这里部分代码省略.........    FAIL_ON_ERROR(_yr_emit_inst(        arena,        RE_OPCODE_DIGIT,        &instruction_addr,        code_size));    break;  case RE_NODE_NON_DIGIT:    FAIL_ON_ERROR(_yr_emit_inst(        arena,        RE_OPCODE_NON_DIGIT,        &instruction_addr,        code_size));    break;  case RE_NODE_ANY:    FAIL_ON_ERROR(_yr_emit_inst(        arena,        RE_OPCODE_ANY,        &instruction_addr,        code_size));    break;  case RE_NODE_CLASS:    FAIL_ON_ERROR(_yr_emit_inst(        arena,        RE_OPCODE_CLASS,        &instruction_addr,        code_size));    FAIL_ON_ERROR(yr_arena_write_data(        arena,        re_node->class_vector,        32,        NULL));    *code_size += 32;    break;  case RE_NODE_ANCHOR_START:    FAIL_ON_ERROR(_yr_emit_inst(        arena,        RE_OPCODE_MATCH_AT_START,        &instruction_addr,        code_size));    break;  case RE_NODE_ANCHOR_END:    FAIL_ON_ERROR(_yr_emit_inst(        arena,        RE_OPCODE_MATCH_AT_END,        &instruction_addr,        code_size));    break;  case RE_NODE_CONCAT:    if (flags & EMIT_FLAGS_BACKWARDS)    {      left = re_node->right;      right = re_node->left;

int _yr_parser_write_string(    const char* identifier,    int flags,    YR_COMPILER* compiler,    SIZED_STRING* str,    RE* re,    YR_STRING** string,    int* min_atom_quality){  SIZED_STRING* literal_string;  YR_AC_MATCH* new_match;  YR_ATOM_LIST_ITEM* atom_list = NULL;  int result;  int max_string_len;  int free_literal = FALSE;  *string = NULL;  result = yr_arena_allocate_struct(      compiler->strings_arena,      sizeof(YR_STRING),      (void**) string,      offsetof(YR_STRING, identifier),      offsetof(YR_STRING, string),      offsetof(YR_STRING, chained_to),      EOL);  if (result != ERROR_SUCCESS)    return result;  result = yr_arena_write_string(      compiler->sz_arena,      identifier,      &(*string)->identifier);  if (result != ERROR_SUCCESS)    return result;  if (flags & STRING_GFLAGS_HEXADECIMAL ||      flags & STRING_GFLAGS_REGEXP)  {    literal_string = yr_re_extract_literal(re);    if (literal_string != NULL)    {      flags |= STRING_GFLAGS_LITERAL;      free_literal = TRUE;    }    else    {      // Non-literal strings can't be marked as fixed offset because once we      // find a string atom in the scanned data we don't know the offset where      // the string should start, as the non-literal strings can contain      // variable-length portions.      flags &= ~STRING_GFLAGS_FIXED_OFFSET;    }  }  else  {    literal_string = str;    flags |= STRING_GFLAGS_LITERAL;  }  (*string)->g_flags = flags;  (*string)->chained_to = NULL;  (*string)->fixed_offset = UNDEFINED;  #ifdef PROFILING_ENABLED  (*string)->clock_ticks = 0;  #endif  memset((*string)->matches, 0,         sizeof((*string)->matches));  memset((*string)->unconfirmed_matches, 0,         sizeof((*string)->unconfirmed_matches));  if (flags & STRING_GFLAGS_LITERAL)  {    (*string)->length = (uint32_t) literal_string->length;    result = yr_arena_write_data(        compiler->sz_arena,        literal_string->c_string,        literal_string->length + 1,   // +1 to include terminating NULL        (void**) &(*string)->string);    if (result == ERROR_SUCCESS)    {      result = yr_atoms_extract_from_string(          (uint8_t*) literal_string->c_string,          (int32_t) literal_string->length,          flags,          &atom_list);    }  }  else  {//.........这里部分代码省略.........

int _yr_compiler_compile_rules(  YR_COMPILER* compiler){  YARA_RULES_FILE_HEADER* rules_file_header = NULL;  YR_ARENA* arena = NULL;  YR_RULE null_rule;  YR_EXTERNAL_VARIABLE null_external;  YR_AC_TABLES tables;  int8_t halt = OP_HALT;  int result;  // Write halt instruction at the end of code.  yr_arena_write_data(      compiler->code_arena,      &halt,      sizeof(int8_t),      NULL);  // Write a null rule indicating the end.  memset(&null_rule, 0xFA, sizeof(YR_RULE));  null_rule.g_flags = RULE_GFLAGS_NULL;  yr_arena_write_data(      compiler->rules_arena,      &null_rule,      sizeof(YR_RULE),      NULL);  // Write a null external the end.  memset(&null_external, 0xFA, sizeof(YR_EXTERNAL_VARIABLE));  null_external.type = EXTERNAL_VARIABLE_TYPE_NULL;  yr_arena_write_data(      compiler->externals_arena,      &null_external,      sizeof(YR_EXTERNAL_VARIABLE),      NULL);  // Write Aho-Corasick automaton to arena.  result = yr_ac_compile(      compiler->automaton,      compiler->automaton_arena,      &tables);  if (result == ERROR_SUCCESS)    result = yr_arena_create(1024, 0, &arena);  if (result == ERROR_SUCCESS)    result = yr_arena_allocate_struct(        arena,        sizeof(YARA_RULES_FILE_HEADER),        (void**) &rules_file_header,        offsetof(YARA_RULES_FILE_HEADER, rules_list_head),        offsetof(YARA_RULES_FILE_HEADER, externals_list_head),        offsetof(YARA_RULES_FILE_HEADER, code_start),        offsetof(YARA_RULES_FILE_HEADER, match_table),        offsetof(YARA_RULES_FILE_HEADER, transition_table),        EOL);  if (result == ERROR_SUCCESS)  {    rules_file_header->rules_list_head = (YR_RULE*) yr_arena_base_address(        compiler->rules_arena);    rules_file_header->externals_list_head = (YR_EXTERNAL_VARIABLE*)		yr_arena_base_address(compiler->externals_arena);    rules_file_header->code_start = (uint8_t*) yr_arena_base_address(        compiler->code_arena);    rules_file_header->match_table = tables.matches;    rules_file_header->transition_table = tables.transitions;  }  if (result == ERROR_SUCCESS)  {    result = yr_arena_append(        arena,        compiler->code_arena);  }  if (result == ERROR_SUCCESS)  {    compiler->code_arena = NULL;    result = yr_arena_append(        arena,        compiler->re_code_arena);  }  if (result == ERROR_SUCCESS)  {    compiler->re_code_arena = NULL;    result = yr_arena_append(        arena,        compiler->rules_arena);  }  if (result == ERROR_SUCCESS)  {//.........这里部分代码省略.........

int _yr_parser_write_string(    const char* identifier,    int flags,    YR_COMPILER* compiler,    SIZED_STRING* str,    RE* re,    YR_STRING** string,    int* min_atom_length){  SIZED_STRING* literal_string;  YR_AC_MATCH* new_match;  YR_ATOM_LIST_ITEM* atom;  YR_ATOM_LIST_ITEM* atom_list = NULL;  int result;  int max_string_len;  int free_literal = FALSE;  *string = NULL;  result = yr_arena_allocate_struct(      compiler->strings_arena,      sizeof(YR_STRING),      (void**) string,      offsetof(YR_STRING, identifier),      offsetof(YR_STRING, string),      offsetof(YR_STRING, chained_to),      EOL);  if (result != ERROR_SUCCESS)    return result;  result = yr_arena_write_string(      compiler->sz_arena,      identifier,      &(*string)->identifier);  if (result != ERROR_SUCCESS)    return result;  if (flags & STRING_GFLAGS_HEXADECIMAL ||      flags & STRING_GFLAGS_REGEXP)  {    literal_string = yr_re_extract_literal(re);    if (literal_string != NULL)    {      flags |= STRING_GFLAGS_LITERAL;      free_literal = TRUE;    }  }  else  {    literal_string = str;    flags |= STRING_GFLAGS_LITERAL;  }  (*string)->g_flags = flags;  (*string)->chained_to = NULL;  memset((*string)->matches, 0,         sizeof((*string)->matches));  memset((*string)->unconfirmed_matches, 0,         sizeof((*string)->unconfirmed_matches));  if (flags & STRING_GFLAGS_LITERAL)  {    (*string)->length = literal_string->length;    result = yr_arena_write_data(        compiler->sz_arena,        literal_string->c_string,        literal_string->length,        (void*) &(*string)->string);    if (result == ERROR_SUCCESS)    {      result = yr_atoms_extract_from_string(          (uint8_t*) literal_string->c_string,          literal_string->length,          flags,          &atom_list);    }  }  else  {    result = yr_re_emit_code(re, compiler->re_code_arena);    if (result == ERROR_SUCCESS)      result = yr_atoms_extract_from_re(re, flags, &atom_list);  }  if (result == ERROR_SUCCESS)  {    // Add the string to Aho-Corasick automaton.    if (atom_list != NULL)    {//.........这里部分代码省略.........

int _yr_scan_match_callback(    uint8_t* match_data,    int32_t match_length,    int flags,    void* args){  CALLBACK_ARGS* callback_args = (CALLBACK_ARGS*) args;  YR_STRING* string = callback_args->string;  YR_MATCH* new_match;  int result = ERROR_SUCCESS;  int tidx = callback_args->context->tidx;  size_t match_offset = match_data - callback_args->data;  // total match length is the sum of backward and forward matches.  match_length += callback_args->forward_matches;  if (callback_args->full_word)  {    if (flags & RE_FLAGS_WIDE)    {      if (match_offset >= 2 &&          *(match_data - 1) == 0 &&          isalnum(*(match_data - 2)))        return ERROR_SUCCESS;      if (match_offset + match_length + 1 < callback_args->data_size &&          *(match_data + match_length + 1) == 0 &&          isalnum(*(match_data + match_length)))        return ERROR_SUCCESS;    }    else    {      if (match_offset >= 1 &&          isalnum(*(match_data - 1)))        return ERROR_SUCCESS;      if (match_offset + match_length < callback_args->data_size &&          isalnum(*(match_data + match_length)))        return ERROR_SUCCESS;    }  }  if (STRING_IS_CHAIN_PART(string))  {    result = _yr_scan_verify_chained_string_match(        string,        callback_args->context,        match_data,        callback_args->data_base,        match_offset,        match_length);  }  else  {    if (string->matches[tidx].count == 0)    {      // If this is the first match for the string, put the string in the      // list of strings whose flags needs to be cleared after the scan.      FAIL_ON_ERROR(yr_arena_write_data(          callback_args->context->matching_strings_arena,          &string,          sizeof(string),          NULL));    }    result = yr_arena_allocate_memory(        callback_args->context->matches_arena,        sizeof(YR_MATCH),        (void**) &new_match);    if (result == ERROR_SUCCESS)    {      new_match->base = callback_args->data_base;      new_match->offset = match_offset;      new_match->length = match_length;      new_match->data = match_data;      new_match->prev = NULL;      new_match->next = NULL;      FAIL_ON_ERROR(_yr_scan_add_match_to_list(          new_match,          &string->matches[tidx],          STRING_IS_GREEDY_REGEXP(string)));    }  }  return result;}

//.........这里部分代码省略.........    else    {      compiler->last_result = yr_re_emit_code(          re, compiler->re_code_arena);      if (compiler->last_result != ERROR_SUCCESS)      {        string = NULL;        goto _exit;      }      compiler->last_result = yr_atoms_extract_from_re(          re, string->g_flags, &atom_list);    }  }  else  {    string->g_flags |= STRING_GFLAGS_LITERAL;    literal_string = (uint8_t*) str->c_string;    literal_string_len = str->length;    compiler->last_result  = yr_atoms_extract_from_string(        literal_string, literal_string_len, string->g_flags, &atom_list);  }  if (compiler->last_result != ERROR_SUCCESS)  {    string = NULL;    goto _exit;  }  if (STRING_IS_LITERAL(string))  {    compiler->last_result = yr_arena_write_data(        compiler->sz_arena,        literal_string,        literal_string_len,        (void*) &string->string);    if (compiler->last_result != ERROR_SUCCESS)    {      string = NULL;      goto _exit;    }    string->length = literal_string_len;  }  // Add the string to Aho-Corasick automaton.  if (atom_list != NULL)  {    compiler->last_result = yr_ac_add_string(      compiler->automaton_arena,      compiler->automaton,      string,      atom_list);  }  else  {    compiler->last_result = yr_arena_allocate_struct(        compiler->automaton_arena,        sizeof(YR_AC_MATCH),        (void**) &new_match,        offsetof(YR_AC_MATCH, string),        offsetof(YR_AC_MATCH, forward_code),