# Copyright (c) 2019. The YARA Authors. All Rights Reserved.
#
# Redistribution and use in source and binary forms, with or without modification,
# are permitted provided that the following conditions are met:
#
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation and/or
# other materials provided with the distribution.
#
# 3. Neither the name of the copyright holder nor the names of its contributors
# may be used to endorse or promote products derived from this software without
# specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

load("@rules_cc//cc:defs.bzl", "cc_proto_library")
load("@rules_proto//proto:defs.bzl", "proto_library")
load(
    "@com_google_sandboxed_api//sandboxed_api/bazel:proto.bzl",
    "sapi_proto_library",
)
load(
    "@com_google_sandboxed_api//sandboxed_api/bazel:sapi.bzl",
    "sapi_library",
)

# Proto message that stores YARA matches. Used to communicate matches from
# the sandboxee to the host code.
sapi_proto_library(
    name = "yara_matches",
    srcs = ["yara_matches.proto"],
)

# Library with a callback function to collect YARA matches into a YaraMatches
# proto
cc_library(
    name = "collect_matches",
    srcs = ["collect_matches.cc"],
    hdrs = ["collect_matches.h"],
    visibility = ["//visibility:public"],
    deps = [
        ":yara_matches_cc_proto",
        "//:yara",
    ],
)

# The sandboxee side of the YARA sandbox. This implements a dispatch queue
# shared by multiple worker threads. YARA rules are shared across all threads
# to keep memory usage down.
cc_library(
    name = "yara_entry_points",
    srcs = ["yara_entry_points.cc"],
    deps = [
        ":collect_matches",
        ":yara_matches_cc_proto",
        "//:libyara",
        "@com_google_absl//absl/base:core_headers",
        "@com_google_absl//absl/container:node_hash_map",
        "@com_google_absl//absl/strings",
        "@com_google_absl//absl/synchronization",
    ],
    alwayslink = 1,
)

# Sandboxed API for YARA. This is what clients of this library should use. The
# API is intentionally minimal and may be extended in the future.
# See the "sandboxed-yara" target for an example on how to use this from code.
sapi_library(
    name = "yara_sapi",
    srcs = ["yara_transaction.cc"],
    hdrs = ["yara_transaction.h"],
    embed = True,
    functions = [
        "YaraAsyncScanFd",
        "YaraGetScanResult",
        "YaraInitWorkers",
        "YaraLoadRules",
    ],
    input_files = ["yara_entry_points.cc"],
    lib = ":yara_entry_points",
    lib_name = "Yara",
    namespace = "yara::sandbox",
    visibility = ["//visibility:public"],
    deps = [
        ":yara_matches_cc_proto",
        "//:yara_errors",
        "@com_google_absl//absl/memory",
        "@com_google_absl//absl/synchronization",
        "@com_google_absl//absl/time",
        "@com_google_sandboxed_api//sandboxed_api/sandbox2/util:bpf_helper",
        "@com_google_sandboxed_api//sandboxed_api/util:status",
    ],
)

cc_test(
    name = "yara_transaction_test",
    srcs = ["yara_transaction_test.cc"],
    deps = [
        ":yara_sapi",
        "@com_google_googletest//:gtest_main",
        "@com_google_sandboxed_api//sandboxed_api/util:status_matchers",
    ],
)

# Sandboxed command-line executable demonstrating how to use the YARA SAPI.
cc_binary(
    name = "sandboxed_yara",
    srcs = ["sandboxed_yara.cc"],
    deps = [
        ":yara_sapi",
        "@com_google_absl//absl/flags:parse",
        "@com_google_absl//absl/strings",
    ],
)