/src/yara/libyara/modules/lnk/lnk_utils.c

Source (jump to first uncovered line)
#include <stdio.h>
#include <string.h>
#include <yara/endian.h>
#include <yara/integers.h>
#include <yara/lnk.h>
#include <yara/lnk_utils.h>
#include <yara/mem.h>
#include <yara/strutils.h>
#include <yara/utils.h>

uint64_t convertWindowsTimeToUnixTime(uint64_t input)
{
  // https://stackoverflow.com/questions/6161776/convert-windows-filetime-to-second-in-unix-linux
  long long int temp;
  temp = input / TICKS_PER_SECOND;  // convert from 100ns intervals to seconds;
  temp = temp - EPOCH_DIFFERENCE;   // subtract number of seconds between epochs
  return temp;
}

char* get_hotkey_char(uint8_t key)
{
  char key_str[64];
  key_str[0] = '\0';

  switch (key)
  {
  case 0x30:
    sprintf(key_str, "0");
    break;

  case 0x31:
    sprintf(key_str, "1");
    break;

  case 0x32:
    sprintf(key_str, "2");
    break;

  case 0x33:
    sprintf(key_str, "3");
    break;

  case 0x34:
    sprintf(key_str, "4");
    break;

  case 0x35:
    sprintf(key_str, "5");
    break;

  case 0x36:
    sprintf(key_str, "6");
    break;

  case 0x37:
    sprintf(key_str, "7");
    break;

  case 0x38:
    sprintf(key_str, "8");
    break;

  case 0x39:
    sprintf(key_str, "9");
    break;

  case 0x41:
    sprintf(key_str, "A");
    break;

  case 0x42:
    sprintf(key_str, "B");
    break;

  case 0x43:
    sprintf(key_str, "C");
    break;

  case 0x44:
    sprintf(key_str, "D");
    break;

  case 0x45:
    sprintf(key_str, "E");
    break;

  case 0x46:
    sprintf(key_str, "F");
    break;

  case 0x47:
    sprintf(key_str, "G");
    break;

  case 0x48:
    sprintf(key_str, "H");
    break;

  case 0x49:
    sprintf(key_str, "I");
    break;

  case 0x4A:
    sprintf(key_str, "J");
    break;

  case 0x4B:
    sprintf(key_str, "K");
    break;

  case 0x4C:
    sprintf(key_str, "L");
    break;

  case 0x4D:
    sprintf(key_str, "M");
    break;

  case 0x4E:
    sprintf(key_str, "N");
    break;

  case 0x4F:
    sprintf(key_str, "O");
    break;

  case 0x50:
    sprintf(key_str, "P");
    break;

  case 0x51:
    sprintf(key_str, "Q");
    break;

  case 0x52:
    sprintf(key_str, "R");
    break;

  case 0x53:
    sprintf(key_str, "S");
    break;

  case 0x54:
    sprintf(key_str, "T");
    break;

  case 0x55:
    sprintf(key_str, "U");
    break;

  case 0x56:
    sprintf(key_str, "V");
    break;

  case 0x57:
    sprintf(key_str, "W");
    break;

  case 0x58:
    sprintf(key_str, "X");
    break;

  case 0x59:
    sprintf(key_str, "Y");
    break;

  case 0x5A:
    sprintf(key_str, "Z");
    break;

  case 0x70:
    sprintf(key_str, "F1");
    break;

  case 0x71:
    sprintf(key_str, "F2");
    break;

  case 0x72:
    sprintf(key_str, "F3");
    break;

  case 0x73:
    sprintf(key_str, "F4");
    break;

  case 0x74:
    sprintf(key_str, "F5");
    break;

  case 0x75:
    sprintf(key_str, "F6");
    break;

  case 0x76:
    sprintf(key_str, "F7");
    break;

  case 0x77:
    sprintf(key_str, "F8");
    break;

  case 0x78:
    sprintf(key_str, "F9");
    break;

  case 0x79:
    sprintf(key_str, "F10");
    break;

  case 0x7A:
    sprintf(key_str, "F11");
    break;

  case 0x7B:
    sprintf(key_str, "F12");
    break;

  case 0x7C:
    sprintf(key_str, "F13");
    break;

  case 0x7D:
    sprintf(key_str, "F14");
    break;

  case 0x7E:
    sprintf(key_str, "F15");
    break;

  case 0x7F:
    sprintf(key_str, "F16");
    break;

  case 0x80:
    sprintf(key_str, "F17");
    break;

  case 0x81:
    sprintf(key_str, "F18");
    break;

  case 0x82:
    sprintf(key_str, "F19");
    break;

  case 0x83:
    sprintf(key_str, "F20");
    break;

  case 0x84:
    sprintf(key_str, "F21");
    break;

  case 0x85:
    sprintf(key_str, "F22");
    break;

  case 0x86:
    sprintf(key_str, "F23");
    break;

  case 0x87:
    sprintf(key_str, "F24");
    break;

  case 0x90:
    sprintf(key_str, "NUM LOCK");
    break;

  case 0x91:
    sprintf(key_str, "SCROLL LOCK");
    break;
  }

  return yr_strdup(key_str);
}

Coverage Report

Created: 2023-09-25 07:15

Line	Count	Source (jump to first uncovered line)
1		#include <stdio.h>
2		#include <string.h>
3		#include <yara/endian.h>
4		#include <yara/integers.h>
5		#include <yara/lnk.h>
6		#include <yara/lnk_utils.h>
7		#include <yara/mem.h>
8		#include <yara/strutils.h>
9		#include <yara/utils.h>
10
11		uint64_t convertWindowsTimeToUnixTime(uint64_t input)
12	0	{
13		// https://stackoverflow.com/questions/6161776/convert-windows-filetime-to-second-in-unix-linux
14	0	long long int temp;
15	0	temp = input / TICKS_PER_SECOND; // convert from 100ns intervals to seconds;
16	0	temp = temp - EPOCH_DIFFERENCE; // subtract number of seconds between epochs
17	0	return temp;
18	0	}
19
20		char* get_hotkey_char(uint8_t key)
21	0	{
22	0	char key_str[64];
23	0	key_str[0] = '\0';
24
25	0	switch (key)
26	0	{
27	0	case 0x30:
28	0	sprintf(key_str, "0");
29	0	break;
30
31	0	case 0x31:
32	0	sprintf(key_str, "1");
33	0	break;
34
35	0	case 0x32:
36	0	sprintf(key_str, "2");
37	0	break;
38
39	0	case 0x33:
40	0	sprintf(key_str, "3");
41	0	break;
42
43	0	case 0x34:
44	0	sprintf(key_str, "4");
45	0	break;
46
47	0	case 0x35:
48	0	sprintf(key_str, "5");
49	0	break;
50
51	0	case 0x36:
52	0	sprintf(key_str, "6");
53	0	break;
54
55	0	case 0x37:
56	0	sprintf(key_str, "7");
57	0	break;
58
59	0	case 0x38:
60	0	sprintf(key_str, "8");
61	0	break;
62
63	0	case 0x39:
64	0	sprintf(key_str, "9");
65	0	break;
66
67	0	case 0x41:
68	0	sprintf(key_str, "A");
69	0	break;
70
71	0	case 0x42:
72	0	sprintf(key_str, "B");
73	0	break;
74
75	0	case 0x43:
76	0	sprintf(key_str, "C");
77	0	break;
78
79	0	case 0x44:
80	0	sprintf(key_str, "D");
81	0	break;
82
83	0	case 0x45:
84	0	sprintf(key_str, "E");
85	0	break;
86
87	0	case 0x46:
88	0	sprintf(key_str, "F");
89	0	break;
90
91	0	case 0x47:
92	0	sprintf(key_str, "G");
93	0	break;
94
95	0	case 0x48:
96	0	sprintf(key_str, "H");
97	0	break;
98
99	0	case 0x49:
100	0	sprintf(key_str, "I");
101	0	break;
102
103	0	case 0x4A:
104	0	sprintf(key_str, "J");
105	0	break;
106
107	0	case 0x4B:
108	0	sprintf(key_str, "K");
109	0	break;
110
111	0	case 0x4C:
112	0	sprintf(key_str, "L");
113	0	break;
114
115	0	case 0x4D:
116	0	sprintf(key_str, "M");
117	0	break;
118
119	0	case 0x4E:
120	0	sprintf(key_str, "N");
121	0	break;
122
123	0	case 0x4F:
124	0	sprintf(key_str, "O");
125	0	break;
126
127	0	case 0x50:
128	0	sprintf(key_str, "P");
129	0	break;
130
131	0	case 0x51:
132	0	sprintf(key_str, "Q");
133	0	break;
134
135	0	case 0x52:
136	0	sprintf(key_str, "R");
137	0	break;
138
139	0	case 0x53:
140	0	sprintf(key_str, "S");
141	0	break;
142
143	0	case 0x54:
144	0	sprintf(key_str, "T");
145	0	break;
146
147	0	case 0x55:
148	0	sprintf(key_str, "U");
149	0	break;
150
151	0	case 0x56:
152	0	sprintf(key_str, "V");
153	0	break;
154
155	0	case 0x57:
156	0	sprintf(key_str, "W");
157	0	break;
158
159	0	case 0x58:
160	0	sprintf(key_str, "X");
161	0	break;
162
163	0	case 0x59:
164	0	sprintf(key_str, "Y");
165	0	break;
166
167	0	case 0x5A:
168	0	sprintf(key_str, "Z");
169	0	break;
170
171	0	case 0x70:
172	0	sprintf(key_str, "F1");
173	0	break;
174
175	0	case 0x71:
176	0	sprintf(key_str, "F2");
177	0	break;
178
179	0	case 0x72:
180	0	sprintf(key_str, "F3");
181	0	break;
182
183	0	case 0x73:
184	0	sprintf(key_str, "F4");
185	0	break;
186
187	0	case 0x74:
188	0	sprintf(key_str, "F5");
189	0	break;
190
191	0	case 0x75:
192	0	sprintf(key_str, "F6");
193	0	break;
194
195	0	case 0x76:
196	0	sprintf(key_str, "F7");
197	0	break;
198
199	0	case 0x77:
200	0	sprintf(key_str, "F8");
201	0	break;
202
203	0	case 0x78:
204	0	sprintf(key_str, "F9");
205	0	break;
206
207	0	case 0x79:
208	0	sprintf(key_str, "F10");
209	0	break;
210
211	0	case 0x7A:
212	0	sprintf(key_str, "F11");
213	0	break;
214
215	0	case 0x7B:
216	0	sprintf(key_str, "F12");
217	0	break;
218
219	0	case 0x7C:
220	0	sprintf(key_str, "F13");
221	0	break;
222
223	0	case 0x7D:
224	0	sprintf(key_str, "F14");
225	0	break;
226
227	0	case 0x7E:
228	0	sprintf(key_str, "F15");
229	0	break;
230
231	0	case 0x7F:
232	0	sprintf(key_str, "F16");
233	0	break;
234
235	0	case 0x80:
236	0	sprintf(key_str, "F17");
237	0	break;
238
239	0	case 0x81:
240	0	sprintf(key_str, "F18");
241	0	break;
242
243	0	case 0x82:
244	0	sprintf(key_str, "F19");
245	0	break;
246
247	0	case 0x83:
248	0	sprintf(key_str, "F20");
249	0	break;
250
251	0	case 0x84:
252	0	sprintf(key_str, "F21");
253	0	break;
254
255	0	case 0x85:
256	0	sprintf(key_str, "F22");
257	0	break;
258
259	0	case 0x86:
260	0	sprintf(key_str, "F23");
261	0	break;
262
263	0	case 0x87:
264	0	sprintf(key_str, "F24");
265	0	break;
266
267	0	case 0x90:
268	0	sprintf(key_str, "NUM LOCK");
269	0	break;
270
271	0	case 0x91:
272	0	sprintf(key_str, "SCROLL LOCK");
273	0	break;
274	0	}
275
276	0	return yr_strdup(key_str);
277	0	}