---
images/README | 15 +++++++++++++++
images/mkzero/Makefile | 7 +++++++
images/mkzero/mkzero.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
images/special | Bin 0 -> 8192 bytes
4 files changed, 70 insertions(+)
create mode 100644 images/mkzero/Makefile
create mode 100644 images/mkzero/mkzero.c
create mode 100644 images/special
diff --git a/images/README b/images/README
index 2131885..34c65f3 100644
--- a/images/README
+++ b/images/README
@@ -11,3 +11,18 @@ hand-crafted binary blob.
tests.
- Richard W.M. Jones 2010-02-24.
+
+'special' was created by importing 'minimal' into a VM running Windows
+XP and loading it into HKEY_LOCAL_MACHINE\minimal using regedit.exe
+(File/Load Hive...)
+
+- A subkey 'asdf_äöüß' was created in the root node
+ - An empty REG_STRING value 'asdf_äöüß' was created within that node.
+- A subkey 'weird™' was created in the root node.
+ - An empty REG_STRING value 'symbols $£₤₧€' (SMALL DOLLAR SIGN,
+ FULLWIDTH POUND SIGN, PESETA SIGN, EURO SIGN) was created within
+ that node.
+- A subkey 'zero\0key' with an REG_DWORD value 'zero\0val'
+ was created using the 'mkzero/mkzero.c'. (\0 = zero character)
+
+- Hilko Bengen 2014-01-10.
diff --git a/images/mkzero/Makefile b/images/mkzero/Makefile
new file mode 100644
index 0000000..4d33ade
--- /dev/null
+++ b/images/mkzero/Makefile
@@ -0,0 +1,7 @@
+CROSS=i686-w64-mingw32-
+
+all: mkzero.exe
+mkzero.exe: mkzero.o
+ $(CROSS)gcc -o $@ $< -lntdll
+%.o: %.c
+ $(CROSS)gcc -o $@ -c $<
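Review bot: Both rules invoke `$(CROSS)gcc` without any warning flags, so problems in mkzero.c such as a call to an undeclared function or a mismatched printf format compile silently. Adding `CFLAGS=-Wall -Wextra` and using it in the `%.o` rule as `$(CROSS)gcc $(CFLAGS) -o $@ -c $<` would surface them. `all` does not name a file, so it should be declared with `.PHONY: all`, and a `clean` target removing `mkzero.o` and `mkzero.exe` would keep cross-built artifacts out of the tree.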
diff --git a/images/mkzero/mkzero.c b/images/mkzero/mkzero.c
new file mode 100644
index 0000000..1b50b22
--- /dev/null
+++ b/images/mkzero/mkzero.c
@@ -0,0 +1,48 @@
+/* use the NT native API to create registry key and value that contain
+ a zero character */
+
+#include <ntdef.h>
+#include <stdio.h>
+#include <ddk/wdm.h>
+#include <windef.h>
+
+int main (int argc, char **argv)
+{
+ NTSTATUS rc;
+
+ UNICODE_STRING root_key_name;
+ RtlInitUnicodeString(&root_key_name, L"\\Registry\\Machine\\minimal");
+ OBJECT_ATTRIBUTES root_key_obj;
+ InitializeObjectAttributes (&root_key_obj, &root_key_name,
+ OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
+ NULL, NULL);
+ HANDLE minimal_key_handle;
+ rc = ZwCreateKey (&minimal_key_handle, KEY_ALL_ACCESS, &root_key_obj,
+ 0, NULL, REG_OPTION_NON_VOLATILE, NULL);
+ if (!NT_SUCCESS (rc)) {
+ printf("error: CreateKey <HKLM\\minimal>: 0x%08x\n", rc);
+ exit(1);
+ }
+
+ UNICODE_STRING key_name = {16, 16, L"zero\0key"};
+ OBJECT_ATTRIBUTES key_obj;
+ InitializeObjectAttributes (&key_obj, &key_name,
+ OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
+ minimal_key_handle, NULL);
+ HANDLE key_handle;
+ rc = ZwCreateKey (&key_handle, KEY_ALL_ACCESS, &key_obj,
+ 0, NULL, REG_OPTION_NON_VOLATILE, NULL);
+ if (!NT_SUCCESS (rc)) {
+ printf("error: CreateKey: 0x%08x\n", rc);
+ exit(1);
+ }
+
+ UNICODE_STRING value_name = {16, 16, L"zero\0val"};
+ DWORD value = 0;
+ rc = ZwSetValueKey (key_handle, &value_name, 0,
+ REG_DWORD, &value, sizeof(value));
+ if (!NT_SUCCESS (rc)) {
+ printf("error: SetValueKey: 0x%08x\n", rc);
+ exit(1);
+ }
+}
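Review bot: `key_name` and `value_name` hard-code `16` as both Length and MaximumLength, so the byte count has to be kept in step with the literal by hand. That explicit length is the only thing carrying the embedded NUL past the point where the terminator-based `RtlInitUnicodeString` (used for the root key) would stop, so it deserves a comment and a derived value, e.g. `static WCHAR key_chars[] = L"zero\0key";` with `UNICODE_STRING key_name = { sizeof key_chars - sizeof (WCHAR), sizeof key_chars, key_chars };`. `exit` is called without `<stdlib.h>` among the includes, which is an implicit declaration unless one of the Windows headers happens to pull it in. Neither handle is released; `ZwClose (key_handle);` and `ZwClose (minimal_key_handle);` before returning would tidy that up. The header comment could also state that the hive must already be loaded at `\Registry\Machine\minimal`, and that names containing a NUL are generally not reachable through the NUL-terminated Win32 registry API, so removing the test key again also needs a native call.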
diff --git a/images/special b/images/special
new file mode 100644
index 0000000000000000000000000000000000000000..8aa4f2254af7b52f0a79061a7288c2128eee7b63
GIT binary patch
literal 8192
zcmeHLziU%b6h28COhb#$Ul4=fYx@MLKL!^^6)M(2Dk4tBk~GnVmnM=(q~Z`n)IUHs
zhkyk;I61kvcM)}{1Q$C94muRkP^1{Y@7_GxmnJ$170!YC?z!ijckape-TNS?oV$K)
zEF!{jqOm&ic<4<8s>CoT)Lkl$)hjY3XCy0gl9wVzMQ%!2(s-6IPszCCVDruT2G&8`
z9AXO0qq1!fXx39_w@ooxh$5f}C<2OrBA^H;0*Zhlpa>`eioicbU^bI4nho&(K9Haf
zz;(UVY8CyX^5XN4gX|5^c6x_M9~H=AzX(EF)H&DM^IjS{WDsl5^DbVRygYe);`|l5
zmwvTc6<;J7wSyZRz#}64kJx;0%#I?=7nQG);7gK}{a8it4kYH{F-$#?#6xOZ>|NqV
zd&C<%;!nxWP=0qK-r1br*ioH{x3$K0vx<a4z%k7f)M#uy^M+y#w4Hl|^N6ef>#83Y
zz+dBbm`$(dcCK8KYPzrn|4Y=<FmVGw%f_)pj&x=wJN>D-{t;aqV!DdB6*xGaxzF8t
zo0l4V94u-aKJapH5c6RSisfa^^5XR1CDntMF7XEcF7d{W_^!Oz_^rG+U3f`_u(rH7
zp3Q5UUa@`nU5h8*=k9#*hDN7n{O|m&;rA>@e~6Ft@U?kmJ59(>9P_z7$1d1=Ci3&h
zu4c7;&s_Kd0X;?x>>!)>g@(ZILg5jm@Sfd5A1;rMTvkSgX(I!L*{Io*`#r=jSYEha
zBJU3JaZr}9uKKCad7-@`^XTPe(B&&Ycg2&Zvf%Qh&>MUwTv>ne?$F)8)E`Hoo%OT6
zp#A~q8|RbR?Kv*Y_Q?e5yt@40bx{9XtY3ZeKG-PmhWd-X8~R?kffF;_Mu=krkIp*C
oOB)Kqjk!;LZoXkZJexA9st70oihv@Z2q*%IfFhs>{C^1i23(Tu`2YX_
literal 0
HcmV?d00001
--
1.8.5.2