Displaying 5 results from an estimated 5 matches for "65404d7".
2014 Jan 13
1
[PATCH 2/7 take 2] lib: Use vk->len for string conversion
---
lib/value.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/lib/value.c b/lib/value.c
index 65404d7..7b2e9d3 100644
--- a/lib/value.c
+++ b/lib/value.c
@@ -207,14 +207,14 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk =
(struct ntreg_vk_record *) ((char *) h->addr + value);
- /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
- * ne...
2014 Jan 13
3
Re: [PATCH 2/7] lib: Use vk->len for string conversion
On Sat, Jan 11, 2014 at 12:12:47AM +0100, Hilko Bengen wrote:
> ---
> lib/value.c | 8 +-------
> 1 file changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/lib/value.c b/lib/value.c
> index 65404d7..e700c84 100644
> --- a/lib/value.c
> +++ b/lib/value.c
> @@ -207,14 +207,8 @@ hivex_value_key (hive_h *h, hive_value_h value)
> struct ntreg_vk_record *vk =
> (struct ntreg_vk_record *) ((char *) h->addr + value);
>
> - /* AFAIK the key is always plain ASCII, so...
2014 Jan 10
0
[PATCH 2/7] lib: Use vk->len for string conversion
---
lib/value.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/lib/value.c b/lib/value.c
index 65404d7..e700c84 100644
--- a/lib/value.c
+++ b/lib/value.c
@@ -207,14 +207,8 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk =
(struct ntreg_vk_record *) ((char *) h->addr + value);
- /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
- * nec...
2014 Jan 10
14
[PATCH 1/7] Add a minimal hive with "special" keys and values
---
images/README | 14 ++++++++++++
images/mkzero/Makefile | 9 ++++++++
images/mkzero/mkzero.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++
images/special | Bin 0 -> 8192 bytes
4 files changed, 82 insertions(+)
create mode 100644 images/mkzero/Makefile
create mode 100644 images/mkzero/mkzero.c
create mode 100644 images/special
diff --git a/images/README
2014 Jan 08
5
hivex: Make node names and value names with embedded null characters accessible
On Windows, there exist at least two APIs for dealing with the
Registry: The Win32 API (RegCreateKeyA, RegCreateKeyW, etc.) works
with null-terminated ASCII or UTF-16 strings. The native API
(ZwCreateKey, etc.), on the other hand works with UTF-16 strings that
are stored as buffers+length and may contain null characters. Malware
authors have been relying on the Win32 API's inability to