| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
This implements hivex_node_set_values which is used to
delete the (key, value) pairs at a node and optionally
replace them with a new set.
This also implements hivex_commit which is used to commit
changes to hives back to disk.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If this flag is omitted (as in the case for all existing callers)
then the hive is still opened read-only.
We add a 'writable' flag to the hive handle, and we change the way
that the hive file (data) is stored. The data is still mmapped if
the file is opened read-only, since that is more efficient and allows
us to handle larger hives. However if we need to write to the file
then we have to read it all into memory, since if we had to extend the
file we need to realloc that data.
Note the manpage section L</WRITING TO HIVE FILES> comes in a later
commit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit is not of general interest. It contains the tools which
I used to reverse engineer the hive format and to test changes.
Keeping these with the rest of the code is useful in case in future
we encounter a hive file that we fail to modify.
Note that the tools are not compiled by default. You have to compile
each explicitly with:
make -C hivex/tools <toolname>.opt
You will also need ocaml-extlib-devel and ocaml-bitstring-devel.
|
| | |
|
| |
|
|
|
|
| |
When hivexsh was called non-interactively, it would print an
annoying extra line. Only print this line if we are being
used interactively.
|
| |
|
|
|
|
|
|
| |
Make the result of isatty into a global variable (is_tty).
Change the rl_gets() function so it takes the prompt string
instead of a "display prompt?" flag. rl_gets() then consults
the global to find out if it should display the prompt at all.
|
| | |
|
| | |
|
| |
|
|
| |
This allows us to reuse these macros in hivexsh later.
|
| |
|
|
|
|
| |
hivexget is currently a large C program. Now that we have hivexsh
(the shell) we can reimplement hivexget as a simple bash script that
calls out to hivexsh.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds the calls to setlocale &c to all of the current
C programs.
It also adds l10n support to hivexget and hivexml which lacked them
previously.
To test this, try:
LANG=pa_IN.UTF-8 guestfish --cmd-help
(You can only do this test after installing the package, or at
least the 'pa.mo' mo-file in the correct place).
|
| | |
|
| |
|
|
|
|
| |
Update these fields with what we found out from reverse engineering
the file. Also bring the unknownX field names into line with
visualizer.ml.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This was missing. It only worked because we test on a little
endian platform.
|
| |
|
|
| |
Taken from sentinelchicken.com documentation.
|
| |
|
|
|
|
|
|
|
|
|
| |
Modify the functions that return child subnodes and values so they
can also be used to return a list of the intermediate blocks. This
is so we can delete those intermediate blocks (in a later commit).
We also introduce an offset_list structure which is used for collecting
lists of offsets, ie. lists of nodes, values or blocks.
Note that this commit should not change the semantics of the code.
|
| |
|
|
|
|
|
|
|
|
| |
The visitor currently contains lots of value_* callbacks, such as
value_string which is called back when the value has type string.
This is fine but it makes it complicated to deal with the case where
you just want to see 'a value', and don't care about its type.
The value_any callback allows visitors to see values generically.
|
| |
|
|
| |
This function can be reused later.
|
| |
|
|
|
|
|
|
| |
The documentation, as usual, is contradictory. However this
field is definitely the page size in all observed registries.
Furthermore the following field marked 'unknown' is always
zero, although this contradicts what the sentinelchicken.com
paper says.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Don't pollute the public header file with these macros.
|
| | |
|
| |
|
|
|
| |
* hivex/hivexget.c (EXIT_NOT_FOUND): Define.
(main): Use exit (EXIT_NOT_FOUND), not "exit (2)".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert all uses automatically, via these two commands:
git grep -l '\<exit *(1)' \
| grep -vEf .x-sc_prohibit_magic_number_exit \
| xargs --no-run-if-empty \
perl -pi -e 's/\b(exit ?)\(1\)/$1(EXIT_FAILURE)/'
git grep -l '\<exit *(0)' \
| grep -vEf .x-sc_prohibit_magic_number_exit \
| xargs --no-run-if-empty \
perl -pi -e 's/\b(exit ?)\(0\)/$1(EXIT_SUCCESS)/'
* .x-sc_prohibit_magic_number_exit: New file.
Edit (RWMJ): Don't change Java code.
|
| |
|
|
|
| |
git grep -l 'strcmp *([^=]*== *0'|xargs \
perl -pi -e 's/\bstrcmp( *\(.*?\)) *== *0/STREQ$1/g'
|
| |
|
|
|
| |
git grep -l 'strncmp *([^=]*== *0'|xargs \
perl -pi -e 's/\bstrncmp( *\(.*?\)) *== *0\b/STREQLEN$1/g'
|
| |
|
|
|
| |
git grep -l 'strcasecmp *([^=]*== *0'| xargs \
perl -pi -e 's/\bstrcasecmp( *\(.*?\)) *== *0/STRCASEEQ$1/'
|
| |
|
|
|
|
| |
* src/guestfs.h: Define STREQ and company.
* daemon/daemon.h: Likewise.
* hivex/hivex.h: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
| |
* HACKING: Expand indentation TABs.
* configure.ac: Likewise.
* daemon/daemon.h: Likewise.
* daemon/guestfsd.c: Likewise.
* fuse/guestmount.c: Likewise.
* hivex/LICENSE: Likewise.
* src/generator.ml: Likewise.
* tools/virt-win-reg: Likewise.
|
| |
|
|
| |
* hivex/hivex.c: Remove unused "#include <assert.h>".
|
| |
|
|
|
| |
* hivex/hivex.c (windows_utf16_to_utf8): Avoid overflow and a
potential infloop.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
