Displaying 20 results from an estimated 109 matches for "hivexml".
Did you mean:
hivex
2011 Nov 30
1
[PATCH] hivex: Added gnulib includes from builddir, as suggested by the Gnulib documentation; link hivexml against libgnu.
Since some modules (`getopt', for example) may copy files
into the build directory, `top_builddir/lib' is needed as well as
`top_srcdir/lib'. -- GNU Gnulib manual, section 2.2 Initial import
This fixes an in-tree build failure on a Debian/sid system (see
below). hivexml could be built out-of-tree, but it turned out that due
to a missing include path, in this case the system's getopt
implementation was used insted of Gnulib's.
make[2]: Entering directory `?SRCDIR?/xml'
gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I.. -DLOCALEBASEDIR=\""/usr/local/s...
2011 May 07
2
hivexml rewrite
Greetings.
I am new to this list.
I am writing to you about hivexml. Richard Jones told me that he was considering abandoning this program. Instead, I am willing to take over maintenance of it.
I am involved in computer forensics. I are in the midst of developing an XML standard to describe the Windows Registry.
There are several programs that export the windows...
2011 Jun 27
2
hivex-1.2.7 build failure on Ubuntu 10.04, rpl_getopt, rpl_optind
I'm trying to build hivex 1.2.7 on Ubuntu 10.04, and get the following failure:
Making all in xml
make[2]: Entering directory `/opt/sandbox/src/hivex/hivex-1.2.7/xml'
CC hivexml-hivexml.o
CCLD hivexml
hivexml-hivexml.o: In function `main':
/opt/sandbox/src/hivex/hivex-1.2.7/xml/hivexml.c:86: undefined reference to `rpl_getopt'
/opt/sandbox/src/hivex/hivex-1.2.7/xml/hivexml.c:100: undefined reference to `rpl_optind'
/opt/sandbox/src/hivex/hivex-1.2.7/...
2017 Jul 11
0
[PATCH] hivexml: Add -u flag for HIVEX_OPEN_UNSAFE
---
xml/hivexml.c | 5 ++++-
xml/hivexml.pod | 7 +++++++
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index b496bb6..8ba6594 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -95,7 +95,7 @@ main (int argc, char *argv[])
int open_flags = 0;
int visit_flags =...
2011 Sep 17
1
[PATCH] hivexml: Do not print null input times
Dealing with "1601-01-01T00:00:00Z" is unnecessarily awkward, especially
since the value only represents a 0 found in the data.
Signed-off-by: Alex Nelson <ajnelson at cs.ucsc.edu>
---
xml/hivexml.c | 7 +++++++
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index cf11676..5030c24 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -169,6 +169,10 @@ main (int argc, char *argv[])
* fiwalk.cpp.
*
* The caller should free the returned buffer....
2012 Mar 11
3
Compilation troubles
...ext you should type 'make' to build the package,
then 'make check' to run the tests.
------------------------------------------------------------
but then compilation end badly::
Making all in xml
make[2]: Entering directory `/tmp/hivex-1.3.3/xml'
CCLD hivexml
hivexml-hivexml.o: In function `main':
/tmp/hivex-1.3.3/xml/hivexml.c:96: undefined reference to `rpl_getopt'
/tmp/hivex-1.3.3/xml/hivexml.c:110: undefined reference to `rpl_optind'
/tmp/hivex-1.3.3/xml/hivexml.c:154: undefined reference to `rpl_optind'
collect2:...
2011 Sep 02
1
[PATCH 0/7] hivex + hivexml: Add byte runs for nodes and values
This changeset adds byte run reporters for node and value metadata in the
hivexml program. This location reporting required several new ABI
functions, which required new ABI return types. One benefit to the byte
run functions is additional sanity checks, which have revealed new data
or parsing errors when run on M57 patents images. An example error:
Image: Charlie, 2009-12...
2011 Sep 02
1
[PATCH 6/7] hivexml: Report attributes in values instead of text.
Reporting value data in attributes has two advantages:
* The output of hivexml breaks Python expat processing if binary data
makes it out. This was observed in Software hives.
* Not having child text makes room for child elements.
Signed-off-by: Alex Nelson <ajnelson at cs.ucsc.edu>
---
xml/hivexml.c | 25 ++++++++++++++++++++-----
1 files changed, 20 insertions(+)...
2012 Feb 01
1
[PATCH] hivexml
On Tue, Jan 31, 2012 at 12:21:44PM -0500, Todd Mummert wrote:
> I've made some changes to hivexml.c, that I think addresses the
> invalid XML that is being generated (as of version 1.3.3). I'm only
> addressing invalid XML characters in string values and string-lists.
> As I saw mentioned in earlier forum messages
> (https://www.redhat.com/archives/libguestfs/2011-September/m...
2011 Aug 16
1
[PATCH] hivexml: Add root attribute to the root node
New feature: If the root node of the XML root is the hive root node,
denote with attribute/value root="1".
Signed-off-by: Alex Nelson <ajnelson at cs.ucsc.edu>
---
xml/hivexml.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index 2967ac9..f29c80c 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -204,6 +204,10 @@ node_start (hive_h *h, void *writer_v, hive_node_h node, const char *name)
XML_CHECK (xmlTextWrit...
2011 Sep 17
3
[PATCH 1/1] hivexml: Base64-encode non-printable data
Some of the data in names and string values were being unsafely printed,
causing some types of XML processors to fail (e.g. Python's Expat).
This patch checks for printability of each character and outputs base64
with an encoding attribute for unsafe data.
---
xml/hivexml.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++--------
1 files changed, 64 insertions(+), 11 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index cf11676..110c8fb 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -27,6 +27,7 @@
#include <errno.h>
#include <time.h>...
2010 Mar 19
2
hivexml - Flattened vs. Expanded XML
All,
Greetings. I am new to this mailing list.
We have been working with XML for digital forensics. One of the areas that we wish to create a schema for is the representation of registry entries.
We are interested in hivexml as a tool for extracting the registry as an XML representation.
In our discussion with possible users, we have generally come to the conclusion that it is useful to represent each XML key as a fully expanded path, rather than preserving the tree structure of the registry hive. Although this may se...
2014 Jan 16
2
[PATCH 1/2] hivex: ruby: find files to install in correct directories when building out-of-tree
---
ruby/Makefile.am | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby/Makefile.am b/ruby/Makefile.am
index b6654d3..e78ab59 100644
--- a/ruby/Makefile.am
+++ b/ruby/Makefile.am
@@ -51,7 +51,7 @@ RUBY_SITEARCH := $(shell $(RUBY) -rrbconfig -e "puts RbConfig::CONFIG['sitearchd
install:
$(MKDIR_P) $(DESTDIR)$(RUBY_SITELIB)
$(MKDIR_P)
2011 Sep 17
1
[PATCH 0/1] Base64-encode non-printable data
I expect this patch to require a second version. I mainly wanted to
spur discussion:
* I firmly believe hivexml needs more encoding checks before printing.
Base64 encoding made the most sense as hivexml already uses it
elsewhere. Is this the right direction to go, to escape non-printable
data?
* Should there be an enumeration for encoding decisions? I'm returning
strings because it felt a little like o...
2011 Dec 13
1
[hivex] [PATCH 1/1] hivexml: Change value type output to standard names
Signed-off-by: Alex Nelson <ajnelson at cs.ucsc.edu>
---
xml/hivexml.c | 42 ++++++++++++++++++++++++++++++++++--------
1 files changed, 34 insertions(+), 8 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index d38e9d4..1a75593 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -247,6 +247,32 @@ node_end (hive_h *h, void *writer_v, hive_node_h node, const...
2011 Dec 08
1
[hivex] [PATCH 8/8] hivexml: Add byte run reporting functions
...value depending on the length of the
value data.
These byte run functions also add additional data sanity checks as a
hive is being parsed, mainly checking that a node address actually
points to a node, and similarly for values.
Signed-off-by: Alex Nelson <ajnelson at cs.ucsc.edu>
---
xml/hivexml.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 95 insertions(+), 9 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index d38e9d4..6591c98 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -210,6 +210,34 @@ filetime_to_8601 (int64_t windows_ticks)
re...
2011 Dec 13
1
[hivex] [PATCH 0/1] hivexml: Revise type names in output
...es the value type information printed. It is also
somewhat a test of how open to revision the output of a program is
according to RedHat's policies, of which I am not very aware beyond
strongly guaranteeing ABI compatability.
Alex Nelson (1):
Change value type output to standard names
xml/hivexml.c | 42 ++++++++++++++++++++++++++++++++++--------
1 files changed, 34 insertions(+), 8 deletions(-)
--
1.7.6.4
2012 Mar 31
2
[PATCH v6] hivexml: Add byte run reporting functions
...structure within the hive,
one per node, and one or two per value depending on the length of the
value data.
These byte run functions also add additional data sanity checks as a
hive is being parsed, mainly checking that a node address actually
points to a node, and similarly for values.
---
xml/hivexml.c | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 96 insertions(+), 9 deletions(-)
diff --git a/xml/hivexml.c b/xml/hivexml.c
index 54d9049..a4bc7eb 100644
--- a/xml/hivexml.c
+++ b/xml/hivexml.c
@@ -210,11 +210,40 @@ filetime_to_8601 (int64_t windows_ticks)
r...
2009 Oct 29
0
Got Windows guests?
...nvert them to XML:
guestfish -i MyWinGuest --ro <<'EOF'
download win:\windows\system32\config\software software
download win:\windows\system32\config\system system
download win:\windows\system32\config\sam sam
download win:\windows\system32\config\security security
EOF
hivexml software > software.xml
hivexml system > system.xml
hivexml sam > sam.xml
hivexml security > security.xml
Do those commands run without error?
If there's an error, try adding the hivexml -k option.
Does the XML look complete? (Try running the XML through
tidy -xml...
2011 Sep 06
2
[PATCH 0/3] hivex: Improve OS X support
This patch series improves, but does not complete, OS X support for
hivex. There are several outstanding issues before hivexml and hivexsh
can run:
* hivexsh uses open_memstream, which doesn't exist in OS X as near as I
can see. Unfortunately, I'm inexperienced with autoconf, so I'm not
sure how to employ AC_CHECK_FUNCS([open_memstream]) to conditionally add
'sh' to the Makefile.am's SUBDIRS.
* T...