Hello,
I've been working on a graphical registry hive editing tool in Qt
using the hivex C library.
While creating it, I noticed that in order to determine if an
expansion element should be shown on a node, you have to determine if
a node has any children.
Currently, in order to determine if a node has any children, you must
find every child with hivex_node_children, which is a relatively
expensive operation.
So, I have created a function called hivex_node_num_children that
isolates the first few lines of hivex_node_children to simply return
the number of child nodes a node has by accessing
ntreg_nk_record->nr_subkeys.
I'm a bit of a newer developer, so I'm not incredibly familiar with
the patching process through mailing lists, nor do I have any history
with libguestfs.
Please let me know if I am doing anything wrong or what can be improved.
This is the git branch:
https://github.com/kupiakos/hivex/tree/node_children_count
This is a patch of the difference:
diff --git a/generator/generator.ml b/generator/generator.ml
index be783ae..4f878ff 100755
--- a/generator/generator.ml
+++ b/generator/generator.ml
@@ -210,6 +210,11 @@ Return the child of node with the name C<name>,
if it exists.
The name is matched case insensitively.";
+ "node_num_children", (RSize, [AHive; ANode "node"]),
+ "return the number of children of a node",
+ "\
+Return the number of nodes as produced by C<hivex_node_children>.";
+
"node_parent", (RNode, [AHive; ANode "node"]),
"return the parent of node",
"\
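Review bot: the description on the added line "Return the number of nodes as produced by C<hivex_node_children>." promises more than the function added in lib/node.c does. That function returns the nr_subkeys field of the nk record and never walks the subkey lists, so on a damaged hive the number may not match the length of the array hivex_node_children returns. Suggest describing it as the subkey count stored in the node's own record, and documenting how an error is reported, since the C function returns 0 both for a node without children and on the EINVAL path.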
diff --git a/lib/node.c b/lib/node.c
index 1fb48cf..fc3ca71 100644
--- a/lib/node.c
+++ b/lib/node.c
@@ -513,6 +513,22 @@ hivex_node_children (hive_h *h, hive_node_h node)
return children;
}
+size_t
+hivex_node_num_children (hive_h *h, hive_node_h node)
+{
+ if (!IS_VALID_BLOCK (h, node) || !block_id_eq(h, node, "nk")) {
+ SET_ERRNO( EINVAL, "invalid block or not an 'nk' block");
+ return 0;
+ }
+
+ struct ntreg_nk_record *nk =
+ (struct ntreg_nk_record *) ((char *) h->addr + node);
+
+ size_t nr_subkeys_in_nk = le32toh(nk->nr_subkeys);
+
+ return nr_subkeys_in_nk;
+}
+
/* Very inefficient, but at least having a separate API call
* allows us to make it more efficient in future.
*/
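Review bot: in hivex_node_num_children the error path "return 0;" after SET_ERRNO is indistinguishable from a valid node with no subkeys, so a caller cannot detect EINVAL from the return value alone. Either document that errno must be cleared before the call and checked afterwards, or pick a return convention that reserves a value for failure. The result is also taken directly from "le32toh(nk->nr_subkeys)" in the hive file with no cross-check against the subkey lists, so the comment or documentation should tell callers to treat it as a display hint (the expander case from the cover message) and not as an allocation size or loop bound. Style: "block_id_eq(h, ...", "SET_ERRNO( EINVAL, ..." and "le32toh(nk->..." lack the space before the parenthesis that "IS_VALID_BLOCK (h, node)" uses on the same line.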
--
- Kevin Haroldsen (kupiakos)