Re: [Libguestfs] hivex: Make node names and value names with embedded null characters accessible

Wednesday, 8 January 2014

On Wed, Jan 08, 2014 at 01:26:23AM +0100, Hilko Bengen wrote:
...
 On Windows, there exist at least two APIs for dealing with the
 Registry: The Win32 API (RegCreateKeyA, RegCreateKeyW, etc.) works
 with null-terminated ASCII or UTF-16 strings. The native API
 (ZwCreateKey, etc.), on the other hand works with UTF-16 strings that
 are stored as buffers+length and may contain null characters. Malware
 authors have been relying on the Win32 API's inability to properly
 work with such names for several years.

 These changes make such names accessible from hivex. 
ACK to all 3 patches.

It be nice to have some sort of test coverage of these.

Thanks,

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Re: [Libguestfs] hivex: Make node names and value names with embedded null characters accessible