thr3ads.net - Libguestfs - Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives. [Feb 2017]

If this information is useful, please help other people find it:
Share via:

Richard W.M. Jones

2017-Feb-17 10:24 UTC

[Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

Map the HIVEX_OPEN_UNSAFE flag into the libguestfs API and use it
in various places.

Rich.

Richard W.M. Jones

2017-Feb-17 10:24 UTC

head link

[Libguestfs] [PATCH 1/2] hivex: Map new HIVEX_OPEN_UNSAFE flag into the API.

In hivex >= 1.3.14, there is a new HIVEX_OPEN_UNSAFE flag allowing
heuristics to be used to deal with corrupted hives.  Map this flag
into the libguestfs API.

If the flag is not supported (because libguestfs was compiled with
hivex < 1.3.14) then the flag is ignored.  This is safe behaviour:
opening corrupted hives will give an error, as happened previously.
---
 daemon/hivex.c       | 9 ++++++++-
 generator/actions.ml | 8 ++++----
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/daemon/hivex.c b/daemon/hivex.c
index b47329e..95ed7dd 100644
--- a/daemon/hivex.c
+++ b/daemon/hivex.c
@@ -68,7 +68,8 @@ hivex_finalize (void)
 
 /* Takes optional arguments, consult optargs_bitmask. */
 int
-do_hivex_open (const char *filename, int verbose, int debug, int write)
+do_hivex_open (const char *filename,
+               int verbose, int debug, int write, int unsafe)
 {
   CLEANUP_FREE char *buf = NULL;
   int flags = 0;
@@ -96,6 +97,12 @@ do_hivex_open (const char *filename, int verbose, int debug,
int write)
     if (write)
       flags |= HIVEX_OPEN_WRITE;
   }
+#ifdef HIVEX_OPEN_UNSAFE
+  if (optargs_bitmask & GUESTFS_HIVEX_OPEN_UNSAFE_BITMASK) {
+    if (unsafe)
+      flags |= HIVEX_OPEN_UNSAFE;
+  }
+#endif
 
   h = hivex_open (buf, flags);
   if (!h) {
diff --git a/generator/actions.ml b/generator/actions.ml
index ed0e8cc..67db08c 100644
--- a/generator/actions.ml
+++ b/generator/actions.ml
@@ -11228,13 +11228,13 @@ C<guestfs_xfs_growfs> calls." };
 
   { defaults with
     name = "hivex_open"; added = (1, 19, 35);
-    style = RErr, [Pathname "filename"], [OBool "verbose";
OBool "debug"; OBool "write"];
+    style = RErr, [Pathname "filename"], [OBool "verbose";
OBool "debug"; OBool "write"; OBool "unsafe"];
     proc_nr = Some 350;
     optional = Some "hivex";
     tests = [
       InitScratchFS, Always, TestRun (
         [["upload";
"$srcdir/../../test-data/files/minimal"; "/hivex_open"];
-         ["hivex_open"; "/hivex_open"; "";
""; "false"];
+         ["hivex_open"; "/hivex_open"; "";
""; "false"; ""];
          ["hivex_root"]; (* in this hive, it returns 0x1020 *)
          ["hivex_node_name"; "0x1020"];
          ["hivex_node_children"; "0x1020"];
@@ -11382,11 +11382,11 @@ See also: C<guestfs_hivex_value_utf8>." };
     tests = [
       InitScratchFS, Always, TestRun (
         [["upload";
"$srcdir/../../test-data/files/minimal"; "/hivex_commit1"];
-         ["hivex_open"; "/hivex_commit1"; "";
""; "true"];
+         ["hivex_open"; "/hivex_commit1"; "";
""; "true"; ""];
          ["hivex_commit"; "NULL"]]),
[["hivex_close"]];
       InitScratchFS, Always, TestResultTrue (
         [["upload";
"$srcdir/../../test-data/files/minimal"; "/hivex_commit2"];
-         ["hivex_open"; "/hivex_commit2"; "";
""; "true"];
+         ["hivex_open"; "/hivex_commit2"; "";
""; "true"; ""];
          ["hivex_commit"; "/hivex_commit2_copy"];
          ["is_file"; "/hivex_commit2_copy";
"false"]]), [["hivex_close"]]
     ];
-- 
2.10.2

Richard W.M. Jones

2017-Feb-17 10:25 UTC

head link

[Libguestfs] [PATCH 2/2] lib, v2v: Use unsafe flag when reading (but NOT writing) hives.

Pass the HIVEX_OPEN_UNSAFE flag when opening hives for reading.
Do NOT pass it when opening hives for writing.

This should make inspection and virt-v2v more tolerant about handling
Windows Registry corruption, without increasing the risk of causing
new corruption in hives.
---
 lib/inspect-apps.c       | 4 +++-
 lib/inspect-fs-windows.c | 8 ++++++--
 v2v/windows.ml           | 3 ++-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/lib/inspect-apps.c b/lib/inspect-apps.c
index b377f57..0f2b505 100644
--- a/lib/inspect-apps.c
+++ b/lib/inspect-apps.c
@@ -792,7 +792,9 @@ list_applications_windows (guestfs_h *g, struct inspect_fs
*fs)
     return NULL;
 
   if (guestfs_hivex_open (g, software_path,
-                          GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, -1) == -1)
+                          GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose,
+                          GUESTFS_HIVEX_OPEN_UNSAFE, 1,
+                          -1) == -1)
     return NULL;
 
   /* Allocate apps list. */
diff --git a/lib/inspect-fs-windows.c b/lib/inspect-fs-windows.c
index c139051..fc0b42b 100644
--- a/lib/inspect-fs-windows.c
+++ b/lib/inspect-fs-windows.c
@@ -283,7 +283,9 @@ check_windows_software_registry (guestfs_h *g, struct
inspect_fs *fs)
   bool ignore_currentversion = false;
 
   if (guestfs_hivex_open (g, software_path,
-                          GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, -1) == -1)
+                          GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose,
+                          GUESTFS_HIVEX_OPEN_UNSAFE, 1,
+                          -1) == -1)
     return -1;
 
   node = guestfs_hivex_root (g);
@@ -405,7 +407,9 @@ check_windows_system_registry (guestfs_h *g, struct
inspect_fs *fs)
     { NULL /* current control set */, "Services", "Tcpip",
"Parameters" };
 
   if (guestfs_hivex_open (g, system_path,
-                          GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, -1) == -1)
+                          GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose,
+                          GUESTFS_HIVEX_OPEN_UNSAFE, 1,
+                          -1) == -1)
     goto out;
 
   root = guestfs_hivex_root (g);
diff --git a/v2v/windows.ml b/v2v/windows.ml
index 9e8ef1e..79a14aa 100644
--- a/v2v/windows.ml
+++ b/v2v/windows.ml
@@ -49,7 +49,8 @@ and (=~) str rex  
 let with_hive_readonly (g : Guestfs.guestfs) hive_filename f    let verbose =
verbose () in
-  g#hivex_open ~write:false ~verbose (* ~debug:verbose *) hive_filename;
+  g#hivex_open ~write:false ~unsafe:true ~verbose (* ~debug:verbose *)
+               hive_filename;
   protect ~f:(
     fun () ->
       let root = g#hivex_root () in
-- 
2.10.2

Pino Toscano

2017-Feb-17 14:01 UTC

head link

Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

On Friday, 17 February 2017 10:24:58 CET Richard W.M. Jones
wrote:> Map the HIVEX_OPEN_UNSAFE flag into the libguestfs API and use it
> in various places.
The series LGTM.  Should virt-win-reg in display/export mode use the
unsafe mode as well?

Thanks,
-- 
Pino Toscano

Richard W.M. Jones

2017-Feb-17 14:49 UTC

head link

Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

On Fri, Feb 17, 2017 at 03:01:36PM +0100, Pino Toscano
wrote:> On Friday, 17 February 2017 10:24:58 CET Richard W.M. Jones wrote:
> > Map the HIVEX_OPEN_UNSAFE flag into the libguestfs API and use it
> > in various places.
> 
> The series LGTM.  Should virt-win-reg in display/export mode use the
> unsafe mode as well?
Indeed, good point.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org

Reasonably Related Threads

Search for more seemingly similar threads

Libguestfs - Feb 2017 - Re: [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

[Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

[Libguestfs] [PATCH 1/2] hivex: Map new HIVEX_OPEN_UNSAFE flag into the API.

[Libguestfs] [PATCH 2/2] lib, v2v: Use unsafe flag when reading (but NOT writing) hives.

Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.

Reasonably Related Threads