yara: Add patches to fix build on Linux

- No need for linux/magic.h - pread64 is not recognized by musl-gcc. Also fix pkg_PATCHES system to support more than one patch, as originally intended.
spyre-project · Feb 20, 2024 · 39c617c · 39c617c
1 parent 76f8d07
commit 39c617c
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 1 deletion.
diff --git a/3rdparty.mk b/3rdparty.mk
@@ -41,6 +41,7 @@ endef
 
 yara_VERSION := 4.5.0
 yara_URL     := https://github.com/VirusTotal/yara/archive/v$(yara_VERSION).tar.gz
+yara_PATCHES := yara-nomagic.patch yara-pread.patch
 yara_ARCHS   := $(3rdparty_ARCHS)
 # This is executed in the source directory
 yara_PREP    := ./bootstrap.sh
@@ -81,7 +82,7 @@ define unpack_TEMPLATE
 _3rdparty/src/$1-$($1_VERSION)/.unpack-stamp: _3rdparty/archive/$1-$($1_VERSION).tar.gz
 	@mkdir -p $$(@D)
 	$(TAR) --strip=1 -xzf $$^ -C $$(@D)
-	$(foreach patch,$($1_PATCHES),patch -p1 -d $$(@D) < _3rdparty/$(patch)$(\n))
+	$(foreach patch,$($1_PATCHES),patch -p1 -d $$(@D) < _3rdparty/$(patch); )
 	$(if $($1_PREP),cd $$(@D) && $($1_PREP))
 	touch $$@
 endef

diff --git a/_3rdparty/yara-nomagic.patch b/_3rdparty/yara-nomagic.patch
@@ -0,0 +1,13 @@
+diff --git a/libyara/filemap.c b/libyara/filemap.c
+index f8d06720..0b88640d 100644
+--- a/libyara/filemap.c
++++ b/libyara/filemap.c
+@@ -159,7 +159,7 @@ YR_API int yr_filemap_map_fd(
+
+ #ifdef __linux__
+ #include <sys/vfs.h>
+-#include <linux/magic.h>
++#define PROC_SUPER_MAGIC       0x9fa0
+ #endif
+
+ #define MAP_EXTRA_FLAGS 0
diff --git a/_3rdparty/yara-pread.patch b/_3rdparty/yara-pread.patch
@@ -0,0 +1,31 @@
+diff --git a/libyara/proc/linux.c b/libyara/proc/linux.c
+index 72f2ab48..d57788fd 100644
+--- a/libyara/proc/linux.c
++++ b/libyara/proc/linux.c
+@@ -249,7 +249,7 @@ YR_API const uint8_t* yr_process_fetch_memory_block_data(YR_MEMORY_BLOCK* block)
+   // target process VM.
+   if (fd == -1)
+   {
+-    if (pread64(
++    if (pread(
+             proc_info->mem_fd,
+             (void*) context->buffer,
+             block->size,
+@@ -265,7 +265,7 @@ YR_API const uint8_t* yr_process_fetch_memory_block_data(YR_MEMORY_BLOCK* block)
+     {
+       goto _exit;
+     }
+-    if (pread64(
++    if (pread(
+             proc_info->pagemap_fd,
+             pagemap,
+             sizeof(uint64_t) * block->size / page_size,
+@@ -284,7 +284,7 @@ YR_API const uint8_t* yr_process_fetch_memory_block_data(YR_MEMORY_BLOCK* block)
+       // swap-backed and if it differs from our mapping.
+       uint8_t buffer[page_size];
+
+-      if (pread64(
++      if (pread(
+               proc_info->mem_fd,
+               buffer,
+               page_size,