Displaying 20 results from an estimated 21 matches for "ntreg_vk_record".
Did you mean:
ntreg_nk_record
2014 Jan 13
1
[PATCH 2/7 take 2] lib: Use vk->len for string conversion
---
lib/value.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/lib/value.c b/lib/value.c
index 65404d7..7b2e9d3 100644
--- a/lib/value.c
+++ b/lib/value.c
@@ -207,14 +207,14 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk =
(struct ntreg_vk_record *) ((char *) h->addr + value);
- /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
- * necessary. However we do need to nul-terminate the string.
- */
- errno = 0;
- size_t len = hivex_value_key_len (h, value);
- if (len == 0 &...
2011 Sep 02
1
[PATCH 2/7] hivex: Split value_key function into value_key and value_key_len
...*
-hivex_value_key (hive_h *h, hive_value_h value)
+size_t
+hivex_value_key_len (hive_h *h, hive_value_h value)
{
if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
errno = EINVAL;
@@ -1199,23 +1199,38 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk = (struct ntreg_vk_record *) (h->addr + value);
- /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
- * necessary. However we do need to nul-terminate the string.
- */
-
/* vk->name_len is unsigned, 16 bit, so this is safe ... However
* we have to make s...
2014 Jan 13
3
Re: [PATCH 2/7] lib: Use vk->len for string conversion
...lib/value.c | 8 +-------
> 1 file changed, 1 insertion(+), 7 deletions(-)
>
> diff --git a/lib/value.c b/lib/value.c
> index 65404d7..e700c84 100644
> --- a/lib/value.c
> +++ b/lib/value.c
> @@ -207,14 +207,8 @@ hivex_value_key (hive_h *h, hive_value_h value)
> struct ntreg_vk_record *vk =
> (struct ntreg_vk_record *) ((char *) h->addr + value);
>
> - /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
> - * necessary. However we do need to nul-terminate the string.
> - */
> - errno = 0;
> - size_t len = hivex_value_key_le...
2013 Nov 25
1
[PATCH 3/3, take 2] lib: Add support for creating nodes (keys) and values with UTF-16LE-encoded names
...en);
return nkoffset;
}
@@ -942,7 +954,12 @@ hivex_node_set_values (hive_h *h, hive_node_h node,
for (i = 0; i < nr_values; ++i) {
/* Allocate vk record to store this (key, value) pair. */
static const char vk_id[2] = { 'v', 'k' };
- seg_len = sizeof (struct ntreg_vk_record) + strlen (values[i].key);
+ size_t name_len = strlen (values[i].key);
+ size_t recoded_name_len;
+ int use_utf16;
+ char* recoded_name = _hivex_encode_string (values[i].key, &recoded_name_len,
+ &use_utf16);
+ seg_len = sizeof (s...
2013 Nov 25
3
Re: [PATCH 3/3] lib: Add support for creating nodes (keys) and values with UTF-16LE-encoded names
...; }
> @@ -942,7 +954,12 @@ hivex_node_set_values (hive_h *h, hive_node_h node,
> for (i = 0; i < nr_values; ++i) {
> /* Allocate vk record to store this (key, value) pair. */
> static const char vk_id[2] = { 'v', 'k' };
> - seg_len = sizeof (struct ntreg_vk_record) + strlen (values[i].key);
> + size_t name_len = strlen (values[i].key);
> + size_t recoded_name_len;
> + int use_utf16;
> + char* recoded_name = _hivex_encode_string (values[i].key, &recoded_name_len,
> + &use_utf16);...
2013 Nov 24
4
[PATCH 1/3] lib: Further generalize iconv wrapper function.
---
lib/hivex-internal.h | 8 +++++---
lib/utf16.c | 11 +++++++----
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h
index 4135f58..64fd49a 100644
--- a/lib/hivex-internal.h
+++ b/lib/hivex-internal.h
@@ -268,11 +268,13 @@ extern size_t * _hivex_return_offset_list (offset_list *list);
extern void _hivex_print_offset_list
2013 Nov 24
0
[PATCH 3/3] lib: Add support for creating nodes (keys) and values with UTF-16LE-encoded names
...en);
return nkoffset;
}
@@ -942,7 +954,12 @@ hivex_node_set_values (hive_h *h, hive_node_h node,
for (i = 0; i < nr_values; ++i) {
/* Allocate vk record to store this (key, value) pair. */
static const char vk_id[2] = { 'v', 'k' };
- seg_len = sizeof (struct ntreg_vk_record) + strlen (values[i].key);
+ size_t name_len = strlen (values[i].key);
+ size_t recoded_name_len;
+ int use_utf16;
+ char* recoded_name = _hivex_encode_string (values[i].key, &recoded_name_len,
+ &use_utf16);
+ seg_len = sizeof (s...
2011 Aug 31
1
[PATCH] hivex: Add byte runs for nodes and values
...r *
-hivex_value_key (hive_h *h, hive_value_h value)
+size_t
+hivex_value_struct_length (hive_h *h, hive_value_h value) {
+ size_t key_len = hivex_value_key_len (h, value);
+ if (errno)
+ return 0;
+ /* -1 to avoid double-counting the first name character */
+ return key_len + sizeof (struct ntreg_vk_record) - 1;
+}
+
+size_t
+hivex_value_key_len (hive_h *h, hive_value_h value)
{
if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
errno = EINVAL;
@@ -1199,24 +1232,39 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk = (struct ntreg_vk_...
2014 Jan 10
0
[PATCH 2/7] lib: Use vk->len for string conversion
---
lib/value.c | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/lib/value.c b/lib/value.c
index 65404d7..e700c84 100644
--- a/lib/value.c
+++ b/lib/value.c
@@ -207,14 +207,8 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk =
(struct ntreg_vk_record *) ((char *) h->addr + value);
- /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
- * necessary. However we do need to nul-terminate the string.
- */
- errno = 0;
- size_t len = hivex_value_key_len (h, value);
- if (len == 0 &...
2011 Oct 19
0
[hivex][PATCH 3/8] hivex: Add offset-&-length function for long value data
...et (hive_h *h, hive_value_h value, size_t *len)
+{
+ if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
+ errno = EINVAL;
+ return 0;
+ }
+
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex_value_data_cell_offset: value=0x%zx\n", value);
+ struct ntreg_vk_record *vk = (struct ntreg_vk_record *) (h->addr + value);
+
+ size_t data_len;
+ int is_inline;
+
+ data_len = le32toh (vk->data_len);
+ is_inline = !!(data_len & 0x80000000);
+ data_len &= 0x7fffffff;
+
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex_value_data_cell_off...
2011 Dec 08
0
[hivex] [PATCH 3/8] hivex: Add offset-&-length function for long value data
...et (hive_h *h, hive_value_h value, size_t *len)
+{
+ if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
+ errno = EINVAL;
+ return 0;
+ }
+
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex_value_data_cell_offset: value=0x%zx\n", value);
+ struct ntreg_vk_record *vk = (struct ntreg_vk_record *) (h->addr + value);
+
+ size_t data_len;
+ int is_inline;
+
+ data_len = le32toh (vk->data_len);
+ is_inline = !!(data_len & 0x80000000);
+ data_len &= 0x7fffffff;
+
+ if (h->msglvl >= 2)
+ fprintf (stderr, "hivex_value_data_cell_off...
2011 Sep 02
1
[PATCH 5/7] hivex: Add offset-&-length function for long value data
...ive_h *h, hive_value_h value, hive_type *t, size_t *len)
return 0;
}
+hive_value_h
+hivex_value_data_cell_offset (hive_h *h, hive_value_h value, size_t *len)
+{
+ if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
+ errno = EINVAL;
+ return 0;
+ }
+
+ struct ntreg_vk_record *vk = (struct ntreg_vk_record *) (h->addr + value);
+
+ size_t data_len;
+ int is_inline;
+
+ data_len = le32toh (vk->data_len);
+ is_inline = !!(data_len & 0x80000000);
+ data_len &= 0x7fffffff;
+
+ if (is_inline && data_len > 4) {
+ errno = ENOTSUP;
+ return 0...
2011 Sep 02
1
[PATCH 4/7] hivex: Add metadata length functions for nodes and values
...(hive_h *h, hive_node_h node, const char *key)
}
size_t
+hivex_value_struct_length (hive_h *h, hive_value_h value) {
+ size_t key_len = hivex_value_key_len (h, value);
+ if (errno)
+ return 0;
+ /* -1 to avoid double-counting the first name character */
+ return key_len + sizeof (struct ntreg_vk_record) - 1;
+}
+
+size_t
hivex_value_key_len (hive_h *h, hive_value_h value)
{
if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
--
1.7.6
2013 Jul 25
19
[PATCH hivex 00/19] Fix read/write handling of li-records.
This is, hopefully, a full fix for handling of li-records.
See:
https://bugzilla.redhat.com/show_bug.cgi?id=717583
https://bugzilla.redhat.com/show_bug.cgi?id=987463
Rich.
2010 Jul 22
0
Fwd: [PATCH hivex] non-ASCII characters in node names
..._h node, const char *key)
char *
hivex_value_key (hive_h *h, hive_value_h value)
{
+ iconv_t ic;
if (!IS_VALID_BLOCK (h, value) || !BLOCK_ID_EQ (h, value, "vk")) {
errno = EINVAL;
return 0;
@@ -1120,10 +1119,6 @@ hivex_value_key (hive_h *h, hive_value_h value)
struct ntreg_vk_record *vk = (struct ntreg_vk_record *) (h->addr + value);
- /* AFAIK the key is always plain ASCII, so no conversion to UTF-8 is
- * necessary. However we do need to nul-terminate the string.
- */
-
/* vk->name_len is unsigned, 16 bit, so this is safe ... However
* we have to make s...
2014 Jan 10
14
[PATCH 1/7] Add a minimal hive with "special" keys and values
---
images/README | 14 ++++++++++++
images/mkzero/Makefile | 9 ++++++++
images/mkzero/mkzero.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++
images/special | Bin 0 -> 8192 bytes
4 files changed, 82 insertions(+)
create mode 100644 images/mkzero/Makefile
create mode 100644 images/mkzero/mkzero.c
create mode 100644 images/special
diff --git a/images/README
2014 Jan 08
5
hivex: Make node names and value names with embedded null characters accessible
On Windows, there exist at least two APIs for dealing with the
Registry: The Win32 API (RegCreateKeyA, RegCreateKeyW, etc.) works
with null-terminated ASCII or UTF-16 strings. The native API
(ZwCreateKey, etc.), on the other hand works with UTF-16 strings that
are stored as buffers+length and may contain null characters. Malware
authors have been relying on the Win32 API's inability to
2018 Feb 09
3
[PATCH] Add a cache for iconv_t handles to hive_t
...name_len;
int use_utf16;
- char* recoded_name = _hivex_encode_string (values[i].key, &recoded_name_len,
+ char* recoded_name = _hivex_encode_string (h, values[i].key, &recoded_name_len,
&use_utf16);
seg_len = sizeof (struct ntreg_vk_record) + recoded_name_len;
size_t vk_offs = allocate_block (h, seg_len, vk_id);
--
2.11.0
2018 Feb 09
0
Re: [PATCH] Add a cache for iconv_t handles to hive_t
...se_utf16;
> - char* recoded_name = _hivex_encode_string (values[i].key, &recoded_name_len,
> + char* recoded_name = _hivex_encode_string (h, values[i].key, &recoded_name_len,
> &use_utf16);
> seg_len = sizeof (struct ntreg_vk_record) + recoded_name_len;
> size_t vk_offs = allocate_block (h, seg_len, vk_id);
The rest looks OK.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machine...
2018 Feb 09
2
[PATCH] Add a cache for iconv_t handles to hive_t
...name_len;
int use_utf16;
- char* recoded_name = _hivex_encode_string (values[i].key, &recoded_name_len,
+ char* recoded_name = _hivex_encode_string (h, values[i].key, &recoded_name_len,
&use_utf16);
seg_len = sizeof (struct ntreg_vk_record) + recoded_name_len;
size_t vk_offs = allocate_block (h, seg_len, vk_id);
diff --git a/m4/.gitignore b/m4/.gitignore
index 05ca27c..a19035c 100644
--- a/m4/.gitignore
+++ b/m4/.gitignore
@@ -138,3 +138,5 @@
/xalloc.m4
/xsize.m4
/xstrtol.m4
+/thread.m4
+/yield.m4
--
2.11.0