Richard W.M. Jones
2017-Feb-17 10:24 UTC
[Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.
Map the HIVEX_OPEN_UNSAFE flag into the libguestfs API and use it in various places. Rich.
Richard W.M. Jones
2017-Feb-17 10:24 UTC
[Libguestfs] [PATCH 1/2] hivex: Map new HIVEX_OPEN_UNSAFE flag into the API.
In hivex >= 1.3.14, there is a new HIVEX_OPEN_UNSAFE flag allowing heuristics to be used to deal with corrupted hives. Map this flag into the libguestfs API. If the flag is not supported (because libguestfs was compiled with hivex < 1.3.14) then the flag is ignored. This is safe behaviour: opening corrupted hives will give an error, as happened previously. --- daemon/hivex.c | 9 ++++++++- generator/actions.ml | 8 ++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/daemon/hivex.c b/daemon/hivex.c index b47329e..95ed7dd 100644 --- a/daemon/hivex.c +++ b/daemon/hivex.c @@ -68,7 +68,8 @@ hivex_finalize (void) /* Takes optional arguments, consult optargs_bitmask. */ int -do_hivex_open (const char *filename, int verbose, int debug, int write) +do_hivex_open (const char *filename, + int verbose, int debug, int write, int unsafe) { CLEANUP_FREE char *buf = NULL; int flags = 0; @@ -96,6 +97,12 @@ do_hivex_open (const char *filename, int verbose, int debug, int write) if (write) flags |= HIVEX_OPEN_WRITE; } +#ifdef HIVEX_OPEN_UNSAFE + if (optargs_bitmask & GUESTFS_HIVEX_OPEN_UNSAFE_BITMASK) { + if (unsafe) + flags |= HIVEX_OPEN_UNSAFE; + } +#endif h = hivex_open (buf, flags); if (!h) { diff --git a/generator/actions.ml b/generator/actions.ml index ed0e8cc..67db08c 100644 --- a/generator/actions.ml +++ b/generator/actions.ml @@ -11228,13 +11228,13 @@ C<guestfs_xfs_growfs> calls." }; { defaults with name = "hivex_open"; added = (1, 19, 35); - style = RErr, [Pathname "filename"], [OBool "verbose"; OBool "debug"; OBool "write"]; + style = RErr, [Pathname "filename"], [OBool "verbose"; OBool "debug"; OBool "write"; OBool "unsafe"]; proc_nr = Some 350; optional = Some "hivex"; tests = [ InitScratchFS, Always, TestRun ( [["upload"; "$srcdir/../../test-data/files/minimal"; "/hivex_open"]; - ["hivex_open"; "/hivex_open"; ""; ""; "false"]; + ["hivex_open"; "/hivex_open"; ""; ""; "false"; ""]; ["hivex_root"]; (* in this hive, it returns 0x1020 *) ["hivex_node_name"; "0x1020"]; ["hivex_node_children"; "0x1020"]; @@ -11382,11 +11382,11 @@ See also: C<guestfs_hivex_value_utf8>." }; tests = [ InitScratchFS, Always, TestRun ( [["upload"; "$srcdir/../../test-data/files/minimal"; "/hivex_commit1"]; - ["hivex_open"; "/hivex_commit1"; ""; ""; "true"]; + ["hivex_open"; "/hivex_commit1"; ""; ""; "true"; ""]; ["hivex_commit"; "NULL"]]), [["hivex_close"]]; InitScratchFS, Always, TestResultTrue ( [["upload"; "$srcdir/../../test-data/files/minimal"; "/hivex_commit2"]; - ["hivex_open"; "/hivex_commit2"; ""; ""; "true"]; + ["hivex_open"; "/hivex_commit2"; ""; ""; "true"; ""]; ["hivex_commit"; "/hivex_commit2_copy"]; ["is_file"; "/hivex_commit2_copy"; "false"]]), [["hivex_close"]] ]; -- 2.10.2
Richard W.M. Jones
2017-Feb-17 10:25 UTC
[Libguestfs] [PATCH 2/2] lib, v2v: Use unsafe flag when reading (but NOT writing) hives.
Pass the HIVEX_OPEN_UNSAFE flag when opening hives for reading. Do NOT pass it when opening hives for writing. This should make inspection and virt-v2v more tolerant about handling Windows Registry corruption, without increasing the risk of causing new corruption in hives. --- lib/inspect-apps.c | 4 +++- lib/inspect-fs-windows.c | 8 ++++++-- v2v/windows.ml | 3 ++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/inspect-apps.c b/lib/inspect-apps.c index b377f57..0f2b505 100644 --- a/lib/inspect-apps.c +++ b/lib/inspect-apps.c @@ -792,7 +792,9 @@ list_applications_windows (guestfs_h *g, struct inspect_fs *fs) return NULL; if (guestfs_hivex_open (g, software_path, - GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, -1) == -1) + GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, + GUESTFS_HIVEX_OPEN_UNSAFE, 1, + -1) == -1) return NULL; /* Allocate apps list. */ diff --git a/lib/inspect-fs-windows.c b/lib/inspect-fs-windows.c index c139051..fc0b42b 100644 --- a/lib/inspect-fs-windows.c +++ b/lib/inspect-fs-windows.c @@ -283,7 +283,9 @@ check_windows_software_registry (guestfs_h *g, struct inspect_fs *fs) bool ignore_currentversion = false; if (guestfs_hivex_open (g, software_path, - GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, -1) == -1) + GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, + GUESTFS_HIVEX_OPEN_UNSAFE, 1, + -1) == -1) return -1; node = guestfs_hivex_root (g); @@ -405,7 +407,9 @@ check_windows_system_registry (guestfs_h *g, struct inspect_fs *fs) { NULL /* current control set */, "Services", "Tcpip", "Parameters" }; if (guestfs_hivex_open (g, system_path, - GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, -1) == -1) + GUESTFS_HIVEX_OPEN_VERBOSE, g->verbose, + GUESTFS_HIVEX_OPEN_UNSAFE, 1, + -1) == -1) goto out; root = guestfs_hivex_root (g); diff --git a/v2v/windows.ml b/v2v/windows.ml index 9e8ef1e..79a14aa 100644 --- a/v2v/windows.ml +++ b/v2v/windows.ml @@ -49,7 +49,8 @@ and (=~) str rex let with_hive_readonly (g : Guestfs.guestfs) hive_filename f let verbose = verbose () in - g#hivex_open ~write:false ~verbose (* ~debug:verbose *) hive_filename; + g#hivex_open ~write:false ~unsafe:true ~verbose (* ~debug:verbose *) + hive_filename; protect ~f:( fun () -> let root = g#hivex_root () in -- 2.10.2
Pino Toscano
2017-Feb-17 14:01 UTC
Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.
On Friday, 17 February 2017 10:24:58 CET Richard W.M. Jones wrote:> Map the HIVEX_OPEN_UNSAFE flag into the libguestfs API and use it > in various places.The series LGTM. Should virt-win-reg in display/export mode use the unsafe mode as well? Thanks, -- Pino Toscano
Richard W.M. Jones
2017-Feb-17 14:49 UTC
Re: [Libguestfs] [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.
On Fri, Feb 17, 2017 at 03:01:36PM +0100, Pino Toscano wrote:> On Friday, 17 February 2017 10:24:58 CET Richard W.M. Jones wrote: > > Map the HIVEX_OPEN_UNSAFE flag into the libguestfs API and use it > > in various places. > > The series LGTM. Should virt-win-reg in display/export mode use the > unsafe mode as well?Indeed, good point. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org
Seemingly Similar Threads
- [PATCH libguestfs 0/2] Use unsafe flag when reading (but NOT writing) hives.
- [PATCH v4 1/5] add HIVEX_OPEN_UNSAFE flag.
- [PATCH v4 0/5] hivex: handle corrupted hives better.
- [PATCH] hivexml: Add -u flag for HIVEX_OPEN_UNSAFE
- ANNOUNCE: hivex - read and write Windows Registry hives - version 1.3.15 released