def find_matching_rule(self, frame):
#initialze rule to none to return if no matching rules are found
rule = None
#check if frame matches exact rule
if(frame.strFrame in self.dictExactFrame):
rule = self.dictExactFrame[frame.strFrame];
#check if frame matches rule with an exact module
if (rule is None and frame.strModule in self.dictExactModule):
ruleIdx = self.__find_indexof_first_match(frame.strRoutine, [rule.strRoutine for rule in self.dictExactModule[frame.strModule]])
if (ruleIdx >= 0):
rule = self.dictExactModule[frame.strModule][ruleIdx]
#check if frame matches rule with an exact routine
if (rule is None and frame.strRoutine in self.dictExactRoutine):
ruleIdx = self.__find_indexof_first_match(frame.strRoutine, [rule.strModule for rule in self.dictExactRoutine[frame.strRoutine]])
if (ruleIdx >= 0):
rule = self.dictExactModule[frame.strModule][ruleIdx]
#check if frame matches wildcard rule
ruleIdx = self.__find_indexof_first_match(frame.strRoutine, [rule.strFrame for rule in self.lstWildRules])
if (ruleIdx >= 0):
rule = self.lstWildRules[ruleIdx]
return rule
## private - finds the index of the first wildcard expression matching the specified string
## str - string to find a matching expression
## lstExpr - a list of expression to evaluate against the specified string
评论列表
文章目录
