Hi all, > On Tue, 20 May 2003, Martin Josefsson wrote: > > > Maybe make it take a length parameter and if it's zero treat null's like > > all other algorithms do and it's non-zero use the length instead. > > Then you can hide it in a wrapper function for the "normal" case that > > just calls the actual search-function but with 0 as length. > > > > Actually, the library that you pointed to seems to have callbacks > associated with every match - so it could be used on string matches. > The author is on the cc. There is only one callback, but it will be called with a per-pattern cb_data pointer (and a per-search cb_data pointer too). > > Well we don't have a that big bread slicer (yet) but take a look at > > libqsearch, it is a library for searching and has been ported to the > > linux kernel by the author. It has support for various algorithms that > > Didnt see anything kernel related in my quick scan. > The library certainly appears sane. Be sure you took the latest version : cvs -d:pserver:anonymous@cvs.prelude-ids.org:/cvsroot/prelude co libqsearch I confirm I ported it to kernel space. To be exact, I ported the API and made a script that generate wrappers for algorithms, that are compiled as-is for kernel space. More infos here: http://www.cartel-securite.fr/pbiondi/libqsearch.html Lot more info here (presentation I made at FOSDEM03) : http://www.cartel-securite.fr/pbiondi/conf/libqsearch.pdf > > have diffrent capabilities, unfortunately I don't think it has an > > algorithm that has support for regexp yet (the framework is there, ie > > the flag that says an algorithm supports regexp). > > It's modular and I don't think it should be that hard to add an regexp > > algorithm. > > it does seems to imply regexp is available but wasnt anywhere i could > find. regexp support was planned but not done yet. (if someone know where I can download more free time !). The implementation should not be that hard, once you have the compiler to transform the string describing the regexp to an automaton. Note that to respect the framework, you have to deal with multiple patterns (should not be that hard). If you have pat1 and pat2, searching for (pat1|pat2) is not sufficient because for each match, you have to point which pattern matched. > > It looks quite nice and it can search for multiple strings at the same > > time and call diffrent callbacks depending on which string matched. > > > > yep, can sed that packet easily with those callbacks ;-> s/val/val2/g Nothing is done to change the content, but you have the position of the match in the buffer. You can modify it yourself. -- Philippe Biondi <biondi@ cartel-securite.fr> Cartel Sécurité Security Consultant/R&D http://www.cartel-securite.fr Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2 - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
