Merge pull request #594 from kernelwernel/dev

New arg handler and guidelines

Author: kernelwernel

.github/workflows/updater.yml

@@ -0,0 +1,35 @@
+name: Python script to update documentations and header details on merge
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  run-script:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Install dependencies
+        run: |
+          pip install -r requirements.txt || true  # skip if no file
+
+      - name: Run script
+        run: python auxiliary/updater.py
+
+      - name: Commit and push changes
+        if: success()
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add -A
+          git diff-index --quiet HEAD || git commit -m "Automated update after merge"
+          git push

CONTRIBUTING.md

@@ -8,34 +8,79 @@ Also, please consider adding your name and github in the vmaware.hpp file and th
 
 
 ## Translations
-If you're making translations, please make sure that you actually speak the language, and you have the intention to be as accurate as possible. 
-
-What you SHOULDN'T translate are:
-- text that's in a codeblock
-- text in images
-- text of usernames
-- code
-- and other stuff that should obviously not be translated.
+If you're making translations, please make sure that you have the intention to be as accurate as possible. If you're unsure which parts should be translated or not, you can use the other translated files as a reference to guide you.
 
 Using translation software like google translate is allowed, but only if you cross-check between the english and translation version to verify if it's done correctly.
 
 The README is quite big, so this is quite an effort. I'm sure you have better thing to do in your life but if you can do this, it would be greatly appreciated :)
 
 
 ## Code contributions
-If you're making code changes to the cli or header file, we have a useful script at `auxiliary/updater.py` that will update:
-- the section line numbers in the header banner
-- the date of the update
-- and the library documentation for technique links
-
-It's highly recommended to use this script before sending the PR so that all the above don't have to be manually updated, which can be time consuming and can potentially creep in some human errors. 
+The general rules are:
+- Keep it C++11 compatible, this is extremely important
+- Use snake_case 
+- Be as simple as possible
+- Prefer readability over aggressive optimisations (especially intrinsics)
+- Keep indentations at a minimum
+- Don't create huge one-liners, try to break down statements line by line
+- Write as few lines as possible for what you're trying to achieve
+- Document your code and intentions very clearly, but don't overdo them for very obvious code.
+- Avoid `std::function`, `std::shared_ptr`, `std::bind`, `std::list`, or very obscure C++ features.
+- Indent size should be 4 spaces
+
+There are other formatting rules, which will be covered with a demonstration:
+
+```cpp
+int main() {
+    const u32 number = 10; // 1. use const whenever it should be used.
+                           // 2. use the rust integral type convention from 8 to 64 (i.e. i8, u16, u64, etc...)
+                           // 3. keep the names as simple and clear as possible, don't call it "n", call it "number".
+                           //    Try to name the variables into something that can universally be discerned by anybody,
+                           //    Make sure it's also context-aware and should make sense. Calling it "tmp" is also fine.
+                           //    Consistency is also key in this aspect, don't do "u32 number = find_num()", do find_number(). 
+
+    if (number >= 54) { // 4. avoid magic numbers, put a comment or make a constexpr variable prior to using it,
+        something();    //    preferably the latter.
+    } else if (number) {  // 5. make the if, else if, and else statement lines the same without breaking lines, so don't do:
+        something_else(); //    if () 
+    }                     //    {
+                          //       something();
+                          //    }
+                          //    else 
+                          //    {
+                          //       something_else(); 
+                          //    }
+                          //    
+                          // try to follow as shown in this actual demonstration.
+
+    if (
+        ((number % 4) == 0) && // 6. use separate lines for each statement of a condition check. While this might look ok
+        (number > 50) &&       //    on a single line, in practice your conditions will most likely not be as short and 
+        (number < 100)         //    and simple as this. Try to avoid multiple condition checks in a single line for simplicity.
+    ) {
+        something()
+    }
+
+
+    for (u8 i = 0; i < number; i++) { // 6. Be as simple as possible without using fancy features like iterators if it's not necessary.
+        something();
+    }
+
+    // Other rules will be added in the future, this is just a rough guideline for the moment.
+}
+```
+
+> [!WARNING]
+> ## Note from the developer:
+> It should be mentioned that not all of the codebase is formatted this way. This standard guideline has been introduced 2 years after the project has started, and the lack of any guideline has resulted in the codebase looking fragmented, inconsistent, and very different in some portions due to differing coding styles among developers. This is completely my fault, and it has accumulated technical debt over the years. Although the current state isn't formatted consistently, the guideline is meant to slowly evolve the library into a much simpler version that's approachable to anybody trying to contribute and read through the code.
 
 
 ## I want to add a new technique, how would I do that?
 There's a few steps that should be taken:
 1. Make sure to add the technique name in the enums of all the techniques in the appropriate place.
 2. Add the technique function itself in the technique section of the library. Make sure to add it in the right place, as there's preprocessor directives for each platform (Linux, Windows, and Apple)
 3. Add the technique in the technique table situated at the end of the header file. The score should be between 10 and 100. Although there are exceptions, it's advised to follow the aforementioned score range.
+4. Add it to the CLI's technique runner list.
 
 
 ## I want to make a major change to the library

docs/documentation.md

@@ -416,6 +416,9 @@ struct vmaware {
     std::uint8_t percentage;
     std::uint8_t detected_count;
     std::uint8_t technique_count;
+    std::vector<enum_flags> detected_techniques;
+    std::vector<std::string> detected_technique_strings;
+    std::vector<enum_flags> disabled_techniques;
 }; 
 ```
 
@@ -534,7 +537,7 @@ VMAware provides a convenient way to not only check for VMs, but also have the f
 | `VM::VMWARE_IOMEM` | Check for VMware string in /proc/iomem | 🐧 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L5094) |
 | `VM::VMWARE_IOPORTS` | Check for VMware string in /proc/ioports | 🐧 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L5606) |
 | `VM::VMWARE_SCSI` | Check for VMware string in /proc/scsi/scsi | 🐧 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L5403) |
-| `VM::VMWARE_DMESG` | Check for VMware-specific device name in dmesg output | 🪟 | 0% | Admin |  | Disabled by default | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L5422) |
+| `VM::VMWARE_DMESG` | Check for VMware-specific device name in dmesg output | 🐧 | 0% | Admin |  | Disabled by default | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L5422) |
 | `VM::VMWARE_STR` | Check str assembly instruction method for VMware | 🪟 | 0% |  | 32-bit |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L7528) |
 | `VM::VMWARE_BACKDOOR` | Check for official VMware io port backdoor technique | 🪟 | 0% |  | 32-bit |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L7553) |
 | `VM::MUTEX` | Check for mutex strings of VM brands | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L7614) |
@@ -584,10 +587,10 @@ VMAware provides a convenient way to not only check for VMs, but also have the f
 | `VM::MAC_SYS` | Check for VM-strings in system profiler commands for MacOS | 🍏 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L7074) |
 | `VM::OBJECTS` | Check for any signs of VMs in Windows kernel object entities | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L9336) |
 | `VM::NVRAM` | Check for known NVRAM signatures that are present on virtual firmware | 🪟 | 0% | Admin |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L9505) |
-| `VM::SMBIOS_INTEGRITY` | Check if SMBIOS is malformed/corrupted in a way that is typical for VMs | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L9958) |
-| `VM::EDID` | Check for non-standard EDID configurations | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L9969) |
-| `VM::CPU_HEURISTIC` | Check whether the CPU is genuine and its reported instruction capabilities are not masked | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L10194) |
-| `VM::CLOCK` | Check the presence of system timers | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L10659) |
+| `VM::SMBIOS_INTEGRITY` | Check if SMBIOS is malformed/corrupted in a way that is typical for VMs | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L9957) |
+| `VM::EDID` | Check for non-standard EDID configurations | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L9968) |
+| `VM::CPU_HEURISTIC` | Check whether the CPU is genuine and its reported instruction capabilities are not masked | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L10193) |
+| `VM::CLOCK` | Check the presence of system timers | 🪟 | 0% |  |  |  | [link](https://github.com/kernelwernel/VMAware/tree/main/src/vmaware.hpp#L10658) |
 <!-- END OF TECHNIQUE DOCUMENTATION -->
 
 <br>

src/cli.cpp

@@ -89,7 +89,6 @@ enum arg_enum : u8 {
     NULL_ARG
 };
 
-constexpr u8 max_bits = static_cast<u8>(VM::MULTIPLE) + 1;
 constexpr u8 arg_bits = static_cast<u8>(NULL_ARG) + 1;
 
 std::bitset<arg_bits> arg_bitset;
@@ -373,24 +372,6 @@ static bool is_unsupported(VM::enum_flags flag) {
     #endif
 }
 
-static std::bitset<max_bits> settings() {
-    std::bitset<max_bits> tmp;
-
-    if (arg_bitset.test(HIGH_THRESHOLD)) {
-        tmp.set(VM::HIGH_THRESHOLD);
-    }
-
-    if (arg_bitset.test(ALL)) {
-        tmp.set(VM::ALL);
-    }
-
-    if (arg_bitset.test(DYNAMIC)) {
-        tmp.set(VM::DYNAMIC);
-    }
-
-    return tmp;
-}
-
 // just a simple string replacer
 static void replace(std::string &text, const std::string &original, const std::string &new_brand) {
     size_t start_pos = 0;
@@ -697,7 +678,11 @@ const bool is_anyrun_driver = anyrun_driver();
 const bool is_anyrun = (is_anyrun_directory || is_anyrun_driver);
 
 
-static void general() {
+static void general(
+    const VM::enum_flags high_threshold, 
+    const VM::enum_flags all,
+    const VM::enum_flags dynamic
+) {
     bool notes_enabled = false;
 
     if (arg_bitset.test(NO_ANSI)) {
@@ -840,8 +825,7 @@ static void general() {
 #endif
 
     // struct containing the whole overview of the VM data
-    VM::vmaware vm(VM::MULTIPLE, settings());
-
+    VM::vmaware vm(VM::MULTIPLE, high_threshold, all, dynamic);
 
     // brand manager
     {
@@ -1036,7 +1020,11 @@ static void general() {
     // finishing touches with notes
     if (notes_enabled) {
         if (vm.detected_count != 0) {
-            std::cout << note << " If you found a false positive, please make sure to create an issue at https://github.com/kernelwernel/VMAware/issues\n\n";
+            std::cout << 
+                note << 
+                " If you found a false positive, please make sure to create\n \
+              an issue at https://github.com/kernelwernel/VMAware/issues\n\n";
+// ^ do not modify the space above
         }
     }
 
@@ -1120,7 +1108,7 @@ int main(int argc, char* argv[]) {
     VM::add_custom(35, anyrun_directory);
 
     if (arg_count == 0) {
-        general();
+        general(VM::NULL_ARG, VM::NULL_ARG, VM::DYNAMIC);
         return 0;
     }
 
@@ -1224,28 +1212,32 @@ int main(int argc, char* argv[]) {
         static_cast<u32>(arg_bitset.test(CONCLUSION))
     );
 
+    const VM::enum_flags high_threshold = (arg_bitset.test(HIGH_THRESHOLD) ? VM::HIGH_THRESHOLD : VM::NULL_ARG);
+    const VM::enum_flags all = (arg_bitset.test(ALL) ? VM::ALL : VM::NULL_ARG);
+    const VM::enum_flags dynamic = (arg_bitset.test(DYNAMIC) ? VM::DYNAMIC : VM::NULL_ARG);
+
     if (returners > 0) { // at least one of the options are set
         if (returners > 1) { // more than 2 options are set
             std::cerr << "--stdout, --percent, --detect, --brand, --type, and --conclusion must NOT be a combination, choose only a single one\n";
             return 1;
         }
 
         if (arg_bitset.test(STDOUT)) {
-            return (!VM::detect(settings()));
+            return (!VM::detect(high_threshold, all, dynamic));
         }
 
         if (arg_bitset.test(PERCENT)) {
-            std::cout << static_cast<u32>(VM::percentage(settings())) << "\n";
+            std::cout << static_cast<u32>(VM::percentage(high_threshold, all, dynamic)) << "\n";
             return 0;
         }
 
         if (arg_bitset.test(DETECT)) {
-            std::cout << VM::detect(settings()) << "\n";
+            std::cout << VM::detect(high_threshold, all, dynamic) << "\n";
             return 0;
         }
 
         if (arg_bitset.test(BRAND)) {
-            std::string brand = VM::brand(VM::MULTIPLE, settings());
+            std::string brand = VM::brand(VM::MULTIPLE, high_threshold, all, dynamic);
 
             if (is_anyrun && (brand == brands::NULL_BRAND)) {
                 brand = "ANY.RUN";
@@ -1257,7 +1249,7 @@ int main(int argc, char* argv[]) {
         }
 
         if (arg_bitset.test(TYPE)) {
-            std::string type = VM::type(VM::MULTIPLE, settings());
+            std::string type = VM::type(VM::MULTIPLE, high_threshold, all, dynamic);
 
             if (is_anyrun && (type == brands::NULL_BRAND)) {
                 type = "Sandbox";
@@ -1269,7 +1261,7 @@ int main(int argc, char* argv[]) {
         }
 
         if (arg_bitset.test(CONCLUSION)) {
-            std::string conclusion = VM::conclusion(VM::MULTIPLE, settings());
+            std::string conclusion = VM::conclusion(VM::MULTIPLE, high_threshold, all, dynamic);
 
             if (is_anyrun) {
                 const std::string original = brands::NULL_BRAND;
@@ -1284,6 +1276,6 @@ int main(int argc, char* argv[]) {
     }
 
     // at this point, it's assumed that the user's intention is for the general summary to be ran
-    general();
+    general(high_threshold, all, dynamic);
     return 0;
-}
+}