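/* getline() is POSIX, not ISO C; request it explicitly when compiling with -std=c11. */
#define _POSIX_C_SOURCE 200809L

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <yara.h>

/* Path of the rule file compiled at startup (resolved relative to the working directory). */
#define YARA_CHAT_RULE "yara_chat.yar"

static YR_COMPILER *comp_ctx;
static YR_RULES *rules;

/*
 * Scan callback passed to yr_rules_scan_mem().
 *
 * message      - CALLBACK_MSG_* event; only CALLBACK_MSG_RULE_MATCHING is acted on.
 * message_data - for a rule-match event, the YR_RULE that matched.
 * user_data    - unused (main passes NULL).
 *
 * Returns CALLBACK_CONTINUE so libyara keeps evaluating the remaining rules.
 *
 * NOTE(review): this is the three-argument callback shape of the libyara 3.x
 * API (no YR_SCAN_CONTEXT parameter) -- confirm against the installed version.
 */
int chat_callback(int message, void *message_data, void *user_data)
{
    (void)user_data;

    /* Only rule matches carry a YR_RULE in message_data; other events are ignored. */
    if (message == CALLBACK_MSG_RULE_MATCHING) {
        const YR_RULE *rule_hit = message_data;

        /* Depending upon which rule triggers, craft a witty retort. */
        if (strcmp(rule_hit->identifier, "yes_rule") == 0) {
            printf("How nice of you!!\n");
        } else if (strcmp(rule_hit->identifier, "no_rule") == 0) {
            printf("Well, nevermind then...\n");
        }
    }

    /* To make yara continue scanning, return the following. */
    return CALLBACK_CONTINUE;
}

/*
 * Compile YARA_CHAT_RULE, then read stdin one line at a time and scan each
 * line against the compiled rules; chat_callback prints the reply for a hit.
 *
 * Returns EXIT_FAILURE if libyara cannot be initialised or the rule file
 * cannot be opened or compiled; EXIT_SUCCESS once stdin is exhausted.
 * All libyara objects are released on every exit path.
 */
int main(int argc, char **argv)
{
    int rc = EXIT_FAILURE;
    FILE *rule = NULL;
    char *input_line = NULL;
    size_t line_cap = 0;

    (void)argc;
    (void)argv;

    /* Initialize libyara; every yr_* call below requires this to have succeeded. */
    if (yr_initialize() != ERROR_SUCCESS) {
        fprintf(stderr, "yr_initialize failed\n");
        return EXIT_FAILURE;
    }

    /* Create new compiler instance. */
    if (yr_compiler_create(&comp_ctx) != ERROR_SUCCESS) {
        fprintf(stderr, "yr_compiler_create failed\n");
        goto out_finalize;
    }

    /* Load rule file, and compile it. */
    rule = fopen(YARA_CHAT_RULE, "r");
    if (rule == NULL) {
        perror(YARA_CHAT_RULE);
        goto out_compiler;
    }

    /* yr_compiler_add_file reports the number of compilation errors; a rule
     * set with errors cannot be turned into a YR_RULES handle. */
    if (yr_compiler_add_file(comp_ctx, rule, NULL, YARA_CHAT_RULE) != 0) {
        fprintf(stderr, "%s: rule compilation failed\n", YARA_CHAT_RULE);
        goto out_compiler;
    }
    fclose(rule);
    rule = NULL;

    /* The rules are compiled in memory, so when ready, get a handle to them. */
    if (yr_compiler_get_rules(comp_ctx, &rules) != ERROR_SUCCESS) {
        fprintf(stderr, "yr_compiler_get_rules failed\n");
        goto out_compiler;
    }

    /* Run a loop asking the user for input, and scan each input for rule hits.
     * input_line is reused (and grown by getline as needed) across iterations
     * instead of being leaked once per line. */
    for (;;) {
        /* nread is the number of bytes actually read; line_cap is only the
         * buffer capacity, and the bytes past nread are uninitialised, so
         * nread is the only correct scan length. A negative result covers
         * both EOF and read errors, including a final line with no newline. */
        ssize_t nread = getline(&input_line, &line_cap, stdin);
        if (nread < 0) {
            break;
        }

        /* Run yara scanner on the data provided by the user. */
        int err = yr_rules_scan_mem(rules,
                                    (uint8_t *)input_line, /* Our buffer. */
                                    (size_t)nread,         /* Bytes read this line. */
                                    0,                     /* Flags */
                                    chat_callback,         /* Function called for hits. */
                                    NULL,                  /* userdata */
                                    0);                    /* Timeout */
        if (err != ERROR_SUCCESS) {
            /* A failed scan of one line should not end the conversation. */
            fprintf(stderr, "yr_rules_scan_mem failed with error %d\n", err);
        }
    }
    rc = EXIT_SUCCESS;

    yr_rules_destroy(rules);
out_compiler:
    if (rule != NULL) {
        fclose(rule);
    }
    yr_compiler_destroy(comp_ctx);
out_finalize:
    free(input_line);
    yr_finalize();
    return rc;
}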