October 2011 - Libguestfs - Libguestfs List Archives

by Hilko Bengen

--- daemon/Makefile.am | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/daemon/Makefile.am b/daemon/Makefile.am index e23ce86..af075d7 100644 --- a/daemon/Makefile.am +++ b/daemon/Makefile.am @@ -42,10 +42,10 @@ noinst_LIBRARIES = libprotocol.a libprotocol_a_SOURCES = guestfs_protocol.c guestfs_protocol.h libprotocol_a_CFLAGS = -Wall -Wno-unused -fno-strict-aliasing -guestfs_protocol.c: $(libsrcdir)/guestfs_protocol.c +guestfs_protocol.c: $(srcdir)/guestfs_protocol.c rm -f $@ ln $< $@ -guestfs_protocol.h: $(libsrcdir)/guestfs_protocol.h +guestfs_protocol.h: $(srcdir)/guestfs_protocol.h rm -f $@ ln $< $@ $(libsrcdir)/guestfs_protocol.c: force -- 1.7.7

12 years, 7 months

2
4
0 / 0

[PATCH febootstrap] Some cleanups for Debian and Ubuntu

by Richard W.M. Jones

I just tried to get libguestfs to compile on Ubuntu 11.10 using the latest febootstrap, and the following patches were necessary for me. They are all just reasonable code cleanups *except* for patch 5/5 which is a gross hack for something I don't understand about how Ubuntu 11.10 multiarch support works. Rich.

12 years, 7 months

2
7
0 / 0

[hivex][PATCH 4/8] ocaml: Add unit test for new RLenValue type

by Alex Nelson

Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- .gitignore | 1 + ocaml/Makefile.am | 1 + ocaml/t/hivex_120_rlenvalue.ml | 42 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 0 deletions(-) create mode 100644 ocaml/t/hivex_120_rlenvalue.ml diff --git a/.gitignore b/.gitignore index 40a4780..9c17ac6 100644 --- a/.gitignore +++ b/.gitignore @@ -67,6 +67,7 @@ ocaml/t/hivex_010_open ocaml/t/hivex_020_root ocaml/t/hivex_100_errors ocaml/t/hivex_110_gc_handle +ocaml/t/hivex_120_rlenvalue ocaml/t/hivex_200_write ocaml/t/hivex_300_fold perl/blib diff --git a/ocaml/Makefile.am b/ocaml/Makefile.am index ca4c111..eb49431 100644 --- a/ocaml/Makefile.am +++ b/ocaml/Makefile.am @@ -59,6 +59,7 @@ TESTS = \ t/hivex_020_root \ t/hivex_100_errors \ t/hivex_110_gc_handle \ + t/hivex_120_rlenvalue \ t/hivex_200_write \ t/hivex_300_fold noinst_DATA += $(TESTS) diff --git a/ocaml/t/hivex_120_rlenvalue.ml b/ocaml/t/hivex_120_rlenvalue.ml new file mode 100644 index 0000000..310c5b9 --- /dev/null +++ b/ocaml/t/hivex_120_rlenvalue.ml @@ -0,0 +1,42 @@ +(* hivex OCaml bindings + * Copyright (C) 2009-2010 Red Hat Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + *) + +(* Demonstrate value_data_cell_offset by looking at the value at + * "\$$$\PROTO.HIV\A\A", verified to be at file offset 297680 (0x48ad0) + * of the large test hive. The returned offset and length for this + * value cell should be 0,0, due to the value data being inline. + *) + + +open Unix +open Printf +let (//) = Filename.concat + +let () = + let h = Hivex.open_file ("../images/large") [] in + let (data_off, data_len) = Hivex.value_data_cell_offset h (Obj.magic 297680:Hivex.value) in + let check_off = assert (data_off == (Obj.magic 0:Hivex.value)) in + let check_len = assert (data_len == 0) in + printf "Offset and length of value data for value metadata at offset 297680 is %d, %d.\n" (Obj.magic data_off:int) (Obj.magic data_len:int); + + Hivex.close h; + + (* Gc.compact is a good way to ensure we don't have + * heap corruption or double-freeing. + *) + Gc.compact () -- 1.7.4.4

12 years, 7 months

2
1
0 / 0

[hivex][PATCH 8/8] hivexml: Add byte run reporting functions

by Alex Nelson

This patch adds value_byte_runs and node_byte_runs. Each byte run represents the offset and length of a data structure within the hive, one per node, and one or two per value depending on the length of the value data. These byte run functions also add additional data sanity checks as a hive is being parsed, mainly checking that a node address actually points to a node, and similarly for values. Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- xml/hivexml.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 files changed, 95 insertions(+), 9 deletions(-) diff --git a/xml/hivexml.c b/xml/hivexml.c index 5030c24..7e5f51c 100644 --- a/xml/hivexml.c +++ b/xml/hivexml.c @@ -208,6 +208,34 @@ filetime_to_8601 (int64_t windows_ticks) return ret; } +#define BYTE_RUN_BUF_LEN 32 + +static int +node_byte_runs (hive_h *h, void *writer_v, hive_node_h node) +{ + xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + char buf[1+BYTE_RUN_BUF_LEN]; + errno = 0; + size_t node_struct_length = hivex_node_struct_length (h, node); + if (errno) { + if (errno == EINVAL) { + fprintf (stderr, "node_byte_runs: Invoked on what does not seem to be a node (%zu).\n", node); + } + return -1; + } + /* A node has one byte run. */ + XML_CHECK (xmlTextWriterStartElement, (writer, BAD_CAST "byte_runs")); + XML_CHECK (xmlTextWriterStartElement, (writer, BAD_CAST "byte_run")); + memset (buf, 0, 1+BYTE_RUN_BUF_LEN); + snprintf (buf, 1+BYTE_RUN_BUF_LEN, "%d", node); + XML_CHECK (xmlTextWriterWriteAttribute, (writer, BAD_CAST "file_offset", BAD_CAST buf)); + snprintf (buf, 1+BYTE_RUN_BUF_LEN, "%d", node_struct_length); + XML_CHECK (xmlTextWriterWriteAttribute, (writer, BAD_CAST "len", BAD_CAST buf)); + XML_CHECK (xmlTextWriterEndElement, (writer)); + XML_CHECK (xmlTextWriterEndElement, (writer)); + return 0; +} + static int node_start (hive_h *h, void *writer_v, hive_node_h node, const char *name) { @@ -234,7 +262,8 @@ node_start (hive_h *h, void *writer_v, hive_node_h node, const char *name) } } - return 0; + ret = node_byte_runs (h, writer_v, node); + return ret; } static int @@ -266,11 +295,53 @@ end_value (xmlTextWriterPtr writer) } static int +value_byte_runs (hive_h *h, void *writer_v, hive_value_h value) { + xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + char buf[1+BYTE_RUN_BUF_LEN]; + size_t value_data_cell_length; + errno = 0; + size_t value_data_structure_length = hivex_value_struct_length (h, value); + if (errno != 0) { + if (errno == EINVAL) { + fprintf (stderr, "value_byte_runs: Invoked on what does not seem to be a value (%zu).\n", value); + } + return -1; + } + hive_value_h value_data_cell_offset = hivex_value_data_cell_offset (h, value, &value_data_cell_length); + if (errno != 0) + return -1; + + XML_CHECK (xmlTextWriterStartElement, (writer, BAD_CAST "byte_runs")); + memset (buf, 0, 1+BYTE_RUN_BUF_LEN); + + /* Write first byte run for data structure */ + XML_CHECK (xmlTextWriterStartElement, (writer, BAD_CAST "byte_run")); + snprintf (buf, 1+BYTE_RUN_BUF_LEN, "%d", value); + XML_CHECK (xmlTextWriterWriteAttribute, (writer, BAD_CAST "file_offset", BAD_CAST buf)); + snprintf (buf, 1+BYTE_RUN_BUF_LEN, "%d", value_data_structure_length); + XML_CHECK (xmlTextWriterWriteAttribute, (writer, BAD_CAST "len", BAD_CAST buf)); + XML_CHECK (xmlTextWriterEndElement, (writer)); + + /* Write second byte run for longer values */ + if (value_data_cell_length > 4) { + XML_CHECK (xmlTextWriterStartElement, (writer, BAD_CAST "byte_run")); + snprintf (buf, 1+BYTE_RUN_BUF_LEN, "%d", value_data_cell_offset); + XML_CHECK (xmlTextWriterWriteAttribute, (writer, BAD_CAST "file_offset", BAD_CAST buf)); + snprintf (buf, 1+BYTE_RUN_BUF_LEN, "%d", value_data_cell_length); + XML_CHECK (xmlTextWriterWriteAttribute, (writer, BAD_CAST "len", BAD_CAST buf)); + XML_CHECK (xmlTextWriterEndElement, (writer)); + } + XML_CHECK (xmlTextWriterEndElement, (writer)); + return 0; +} + +static int value_string (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, hive_type t, size_t len, const char *key, const char *str) { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; const char *type; + int ret = 0; switch (t) { case hive_t_string: type = "string"; break; @@ -296,8 +367,9 @@ value_string (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, XML_CHECK (xmlTextWriterStartAttribute, (writer, BAD_CAST "value")); XML_CHECK (xmlTextWriterWriteString, (writer, BAD_CAST str)); XML_CHECK (xmlTextWriterEndAttribute, (writer)); + ret = value_byte_runs (h, writer_v, value); end_value (writer); - return 0; + return ret; } static int @@ -306,6 +378,7 @@ value_multiple_strings (hive_h *h, void *writer_v, hive_node_h node, const char *key, char **argv) { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + int ret = 0; start_value (writer, key, "string-list", NULL); size_t i; @@ -315,8 +388,9 @@ value_multiple_strings (hive_h *h, void *writer_v, hive_node_h node, XML_CHECK (xmlTextWriterEndElement, (writer)); } + ret = value_byte_runs (h, writer_v, value); end_value (writer); - return 0; + return ret; } static int @@ -327,6 +401,7 @@ value_string_invalid_utf16 (hive_h *h, void *writer_v, hive_node_h node, { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; const char *type; + int ret = 0; switch (t) { case hive_t_string: type = "bad-string"; break; @@ -352,9 +427,10 @@ value_string_invalid_utf16 (hive_h *h, void *writer_v, hive_node_h node, XML_CHECK (xmlTextWriterStartAttribute, (writer, BAD_CAST "value")); XML_CHECK (xmlTextWriterWriteBase64, (writer, str, 0, len)); XML_CHECK (xmlTextWriterEndAttribute, (writer)); + ret = value_byte_runs (h, writer_v, value); end_value (writer); - return 0; + return ret; } static int @@ -362,10 +438,12 @@ value_dword (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, hive_type t, size_t len, const char *key, int32_t v) { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + int ret = 0; start_value (writer, key, "int32", NULL); XML_CHECK (xmlTextWriterWriteFormatAttribute, (writer, BAD_CAST "value", "%" PRIi32, v)); + ret = value_byte_runs (h, writer_v, value); end_value (writer); - return 0; + return ret; } static int @@ -373,10 +451,12 @@ value_qword (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, hive_type t, size_t len, const char *key, int64_t v) { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + int ret = 0; start_value (writer, key, "int64", NULL); XML_CHECK (xmlTextWriterWriteFormatAttribute, (writer, BAD_CAST "value", "%" PRIi64, v)); + ret = value_byte_runs (h, writer_v, value); end_value (writer); - return 0; + return ret; } static int @@ -384,12 +464,14 @@ value_binary (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, hive_type t, size_t len, const char *key, const char *v) { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + int ret = 0; start_value (writer, key, "binary", "base64"); XML_CHECK (xmlTextWriterStartAttribute, (writer, BAD_CAST "value")); XML_CHECK (xmlTextWriterWriteBase64, (writer, v, 0, len)); XML_CHECK (xmlTextWriterEndAttribute, (writer)); + ret = value_byte_runs (h, writer_v, value); end_value (writer); - return 0; + return ret; } static int @@ -397,14 +479,16 @@ value_none (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, hive_type t, size_t len, const char *key, const char *v) { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; + int ret = 0; start_value (writer, key, "none", "base64"); if (len > 0) { XML_CHECK (xmlTextWriterStartAttribute, (writer, BAD_CAST "value")); XML_CHECK (xmlTextWriterWriteBase64, (writer, v, 0, len)); XML_CHECK (xmlTextWriterEndAttribute, (writer)); + ret = value_byte_runs (h, writer_v, value); } end_value (writer); - return 0; + return ret; } static int @@ -413,6 +497,7 @@ value_other (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, { xmlTextWriterPtr writer = (xmlTextWriterPtr) writer_v; const char *type; + int ret = 0; switch (t) { case hive_t_none: @@ -439,8 +524,9 @@ value_other (hive_h *h, void *writer_v, hive_node_h node, hive_value_h value, XML_CHECK (xmlTextWriterStartAttribute, (writer, BAD_CAST "value")); XML_CHECK (xmlTextWriterWriteBase64, (writer, v, 0, len)); XML_CHECK (xmlTextWriterEndAttribute, (writer)); + ret = value_byte_runs (h, writer_v, value); } end_value (writer); - return 0; + return ret; } -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

[hivex][PATCH 7/8] ruby: Add unit test for new RLenValue type

by Alex Nelson

Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- ruby/tests/tc_120_rlenvalue.rb | 39 +++++++++++++++++++++++++++++++++++++++ 1 files changed, 39 insertions(+), 0 deletions(-) create mode 100644 ruby/tests/tc_120_rlenvalue.rb diff --git a/ruby/tests/tc_120_rlenvalue.rb b/ruby/tests/tc_120_rlenvalue.rb new file mode 100644 index 0000000..d24b92a --- /dev/null +++ b/ruby/tests/tc_120_rlenvalue.rb @@ -0,0 +1,39 @@ +# hivex Ruby bindings -*- ruby -*- +# Copyright (C) 2009-2011 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# Demonstrate value_data_cell_offset by looking at the value at +# "\$$$\PROTO.HIV\A\A", verified to be at file offset 297680 (0x48ad0) +# of the large test hive. The returned offset and length for this +# value cell should be 0,0, due to the value data being inline. + +require 'test/unit' +$:.unshift(File::join(File::dirname(__FILE__), "..", "lib")) +$:.unshift(File::join(File::dirname(__FILE__), "..", "ext", "hivex")) +require 'hivex' + +class TestRLenValue < Test::Unit::TestCase + def test_RLenValue + h = Hivex::open("../images/large", {}) + assert_not_nil (h) + + root = h.root() + assert (root) + + r = h.value_data_cell_offset(297680) + r.each {|key,value| assert_equal (value, 0)} + end +end -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

[hivex][PATCH 6/8] python: Add unit test for new RLenValue type

by Alex Nelson

Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- python/t/120-rlenvalue.py | 35 +++++++++++++++++++++++++++++++++++ 1 files changed, 35 insertions(+), 0 deletions(-) create mode 100644 python/t/120-rlenvalue.py diff --git a/python/t/120-rlenvalue.py b/python/t/120-rlenvalue.py new file mode 100644 index 0000000..1a63697 --- /dev/null +++ b/python/t/120-rlenvalue.py @@ -0,0 +1,35 @@ +# hivex Python bindings +# Copyright (C) 2010 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# Demonstrate value_data_cell_offset by looking at the value at +# "\$$$\PROTO.HIV\A\A", verified to be at file offset 297680 (0x48ad0) +# of the large test hive. The returned offset and length for this +# value cell should be 0,0, due to the value data being inline. + +import os +import hivex + +srcdir = os.environ["srcdir"] +if not srcdir: + srcdir = "." + +h = hivex.Hivex ("%s/../images/large" % srcdir) +assert h + +r = h.value_data_cell_offset (297680) +assert r[0] == 0 +assert r[1] == 0 -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

[hivex][PATCH 5/8] perl: Add unit test for new RLenValue type

by Alex Nelson

Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- perl/t/130-rlenvalue.t | 41 +++++++++++++++++++++++++++++++++++++++++ 1 files changed, 41 insertions(+), 0 deletions(-) create mode 100644 perl/t/130-rlenvalue.t diff --git a/perl/t/130-rlenvalue.t b/perl/t/130-rlenvalue.t new file mode 100644 index 0000000..bc8dd61 --- /dev/null +++ b/perl/t/130-rlenvalue.t @@ -0,0 +1,41 @@ +# hivex Perl bindings -*- perl -*- +# Copyright (C) 2010 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# Demonstrate value_data_cell_offset by looking at the value at +# "\$$$\PROTO.HIV\A\A", verified to be at file offset 297680 (0x48ad0) +# of the large test hive. The returned offset and length for this +# value cell should be 0,0, due to the value data being inline. + +use strict; +use warnings; +use Test::More tests => 5; + +use Win::Hivex; + +my $srcdir = $ENV{srcdir} || "."; + +my $h = Win::Hivex->open ("$srcdir/../images/large"); +ok ($h); + +my $root = $h->root (); +ok ($root); + +my ($off, $len) = $h->value_data_cell_offset (297680); +ok ($off == 0); +ok ($len == 0); + +ok (1); -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

[hivex][PATCH 3/8] hivex: Add offset-&-length function for long value data

by Alex Nelson

This patch adds value_data_cell_offset to the hivex ABI, to report the hive space used for long (>4 bytes) value data. Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- generator/generator.ml | 12 +++++++++ lib/hivex.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 0 deletions(-) diff --git a/generator/generator.ml b/generator/generator.ml index 7ece245..6204ecd 100755 --- a/generator/generator.ml +++ b/generator/generator.ml @@ -273,6 +273,18 @@ Return the length of the node data structure."; "\ Return the length of the value data structure."; + "value_data_cell_offset", (RLenValue, [AHive; AValue "val"]), + "return the offset and length of a value data cell", + "\ +Return the offset and length of the value's data cell, not value cell. +E.g. if the value data were \"foobar\" then the cell length would be 10, +and the offset would be to a value data cell, which houses the data +prefixed with 4 bytes describing the size. If the data length is not +greater than 4, then 0 is returned as offset and length, as the data +are inline in the value. + +Returns 0 and sets errno on error."; + "value_value", (RLenTypeVal, [AHive; AValue "val"]), "return data length, data type and data of a value", "\ diff --git a/lib/hivex.c b/lib/hivex.c index bf1a860..df313bf 100644 --- a/lib/hivex.c +++ b/lib/hivex.c @@ -1257,6 +1257,66 @@ hivex_value_type (hive_h *h, hive_value_h value, hive_type *t, size_t *len) return 0; } +hive_value_h +hivex_value_data_cell_offset (hive_h *h, hive_value_h value, size_t *len) +{ + if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) { + errno = EINVAL; + return 0; + } + + if (h->msglvl >= 2) + fprintf (stderr, "hivex_value_data_cell_offset: value=0x%zx\n", value); + struct ntreg_vk_record *vk = (struct ntreg_vk_record *) (h->addr + value); + + size_t data_len; + int is_inline; + + data_len = le32toh (vk->data_len); + is_inline = !!(data_len & 0x80000000); + data_len &= 0x7fffffff; + + if (h->msglvl >= 2) + fprintf (stderr, "hivex_value_data_cell_offset: is_inline=%d\n", is_inline); + + if (h->msglvl >= 2) + fprintf (stderr, "hivex_value_data_cell_offset: data_len=%zx\n", data_len); + + if (is_inline && data_len > 4) { + errno = ENOTSUP; + return 0; + } + + if (is_inline) { + /* There is no other location for the value data. */ + if (len) + *len = 0; + return 0; + } else { + if (len) + *len = data_len + 4; /* Include 4 header length bytes */ + } + + if (h->msglvl >= 2) + fprintf (stderr, "hivex_value_data_cell_offset: Proceeding with indirect data.\n"); + + size_t data_offset = le32toh (vk->data_offset); + data_offset += 0x1000; /* Add 0x1000 because everything's off by 4KiB */ + if (!IS_VALID_BLOCK (h, data_offset)) { + if (h->msglvl >= 2) + fprintf (stderr, "hivex_value_data_cell_offset: returning EFAULT because data " + "offset is not a valid block (0x%zx)\n", + data_offset); + errno = EFAULT; + return 0; + } + + if (h->msglvl >= 2) + fprintf (stderr, "hivex_value_data_cell_offset: data_offset=%zx\n", data_offset); + + return data_offset; +} + char * hivex_value_value (hive_h *h, hive_value_h value, hive_type *t_rtn, size_t *len_rtn) -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

[hivex][PATCH 1/8] perl: Add demonstration unit test for Perl

by Alex Nelson

Signed-off-by: Alex Nelson <ajnelson(a)cs.ucsc.edu> --- perl/t/120-dword.t | 35 +++++++++++++++++++++++++++++++++++ 1 files changed, 35 insertions(+), 0 deletions(-) create mode 100644 perl/t/120-dword.t diff --git a/perl/t/120-dword.t b/perl/t/120-dword.t new file mode 100644 index 0000000..d3b4f02 --- /dev/null +++ b/perl/t/120-dword.t @@ -0,0 +1,35 @@ +# hivex Perl bindings -*- perl -*- +# Copyright (C) 2010 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +use strict; +use warnings; +use Test::More tests => 4; + +use Win::Hivex; + +my $srcdir = $ENV{srcdir} || "."; + +my $h = Win::Hivex->open ("$srcdir/../images/large"); +ok ($h); + +my $root = $h->root (); +ok ($root); + +my $dword = $h->value_dword (297640); +ok ($dword == 305419896); + +ok (1); -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

[hivex][PATCH v4 0/8] Add byte run reporting to hivexml

by Alex Nelson

This patch series completes byte run outputting for long values. Several unit tests are now in place for the new RLenValue generator type, including one added example unit test for Perl. Two patches are equivalent to their submissions from early September: hivex: Add offset-&-length function for long value data hivexml: Add byte run reporting functions Alex Nelson (8): perl: Add demonstration unit test for Perl generator: Add new return type to ABI: RLenValue hivex: Add offset-&-length function for long value data ocaml: Add unit test for new RLenValue type perl: Add unit test for new RLenValue type python: Add unit test for new RLenValue type ruby: Add unit test for new RLenValue type hivexml: Add byte run reporting functions .gitignore | 1 + generator/generator.ml | 90 ++++++++++++++++++++++++++++++++++ lib/hivex.c | 60 +++++++++++++++++++++++ ocaml/Makefile.am | 1 + ocaml/t/hivex_120_rlenvalue.ml | 42 ++++++++++++++++ perl/t/120-dword.t | 35 +++++++++++++ perl/t/130-rlenvalue.t | 41 ++++++++++++++++ python/t/120-rlenvalue.py | 35 +++++++++++++ ruby/tests/tc_120_rlenvalue.rb | 39 +++++++++++++++ xml/hivexml.c | 104 ++++++++++++++++++++++++++++++++++++---- 10 files changed, 439 insertions(+), 9 deletions(-) create mode 100644 ocaml/t/hivex_120_rlenvalue.ml create mode 100644 perl/t/120-dword.t create mode 100644 perl/t/130-rlenvalue.t create mode 100644 python/t/120-rlenvalue.py create mode 100644 ruby/tests/tc_120_rlenvalue.rb -- 1.7.4.4

12 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Libguestfs October 2011