Refactor how file analysis actions are tracked.

The Info record now uses a "table[ActionArgs] of ActionResults", which allows for simultaneous actions of a given type as long as other args (fields in the ActionArgs record) are different.
2025-10-10 10:38:20 +00:00 · 2013-02-25 16:35:42 -06:00 · 2013-02-25 16:35:42 -06:00 · 691622b3aa
commit 691622b3aa
parent 4b30cc2e24
13 changed files with 233 additions and 158 deletions
--- a/src/file_analysis/Action.h
+++ b/src/file_analysis/Action.h
@ -16,7 +16,11 @@ class Info;
 class Action {
 public:

-	virtual ~Action() {}
+	virtual ~Action()
+		{
+		DBG_LOG(DBG_FILE_ANALYSIS, "Destroy action %d", tag);
+		Unref(args);
+		}

 	/**
 	 * Subclasses may override this to receive file data non-sequentially.
@ -50,17 +54,40 @@ public:
 	virtual bool Undelivered(uint64 offset, uint64 len)
 		{ return true; }

+	/**
+	 * @return the action type enum value.
+	 */
 	ActionTag Tag() const { return tag; }

+	/**
+	 * @return the ActionArgs associated with the aciton.
+	 */
+	RecordVal* Args() const { return args; }
+
+	/**
+	 * @return the action tag equivalent of the 'act' field from the ActionArgs
+	 *         value \a args.
+	 */
+	static ActionTag ArgsTag(const RecordVal* args)
+		{
+		using BifType::Record::FileAnalysis::ActionArgs;
+		return static_cast<ActionTag>(
+		               args->Lookup(ActionArgs->FieldOffset("act"))->AsEnum());
+		}
+
 protected:

-	Action(Info* arg_info, ActionTag arg_tag) : info(arg_info), tag(arg_tag) {}
+	Action(RecordVal* arg_args, Info* arg_info)
+	    : tag(Action::ArgsTag(arg_args)), args(arg_args->Ref()->AsRecordVal()),
+	      info(arg_info)
+		{}

-	Info* info;
 	ActionTag tag;
+	RecordVal* args;
+	Info* info;
 };

-typedef Action* (*ActionInstantiator)(const RecordVal* args, Info* info);
+typedef Action* (*ActionInstantiator)(RecordVal* args, Info* info);

 } // namespace file_analysis