source: releases/0.12.0/src/common.c @ 273

Last change on this file since 273 was 179, checked in by tim, 15 years ago

fixed a bug in time validation that improves recovery rates

  • Property svn:keywords set to Id
File size: 8.7 KB
RevLine 
[111]1/*
[121]2 * This file stores code common to the command line tools.
3 * XXX: This should be converted to a proper library.
[111]4 *
5 * Copyright (C) 2005-2008 Timothy D. Morgan
6 * Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; version 3 of the License.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 
20 *
[121]21 * $Id: common.c 179 2010-03-13 18:00:15Z tim $
[111]22 */
23
24#include <iconv.h>
25iconv_t conv_desc;
26
27const char* key_special_chars = ",\"\\/";
28const char* subfield_special_chars = ",\"\\|";
29const char* common_special_chars = ",\"\\";
30
[179]31#define REGLOOKUP_VERSION "0.12.1-unreleased"
[111]32
[143]33#define REGLOOKUP_EXIT_OK       0
34#define REGLOOKUP_EXIT_OSERR   71
35#define REGLOOKUP_EXIT_USAGE   64
36#define REGLOOKUP_EXIT_DATAERR 65
37#define REGLOOKUP_EXIT_NOINPUT 66
[111]38
[143]39
[111]40void bailOut(int code, char* message)
41{
42  fprintf(stderr, message);
43  exit(code);
44}
45
[138]46void printMsgs(REGFI_FILE* f)
[137]47{
[138]48  char* msgs = regfi_get_messages(f);
[137]49  if(msgs != NULL)
50  {
51    fprintf(stderr, "%s", msgs);
52    free(msgs);
53  }
54}
[111]55
[138]56void clearMsgs(REGFI_FILE* f)
57{
58  char* msgs = regfi_get_messages(f);
59  if(msgs != NULL)
60    free(msgs);
61}
[137]62
[138]63
[111]64/* Returns a newly malloc()ed string which contains original buffer,
65 * except for non-printable or special characters are quoted in hex
66 * with the syntax '\xQQ' where QQ is the hex ascii value of the quoted
67 * character.  A null terminator is added, since only ascii, not binary,
68 * is returned.
69 */
70static char* quote_buffer(const unsigned char* str, 
71                          unsigned int len, const char* special)
72{
73  unsigned int i, added_len;
74  unsigned int num_written = 0;
75
76  unsigned int buf_len = sizeof(char)*(len+1);
[136]77  char* ret_val = NULL; 
[111]78  char* tmp_buf;
79
[136]80  if(buf_len > 0) 
81    ret_val = malloc(buf_len);
[111]82  if(ret_val == NULL)
83    return NULL;
84
85  for(i=0; i<len; i++)
86  {
87    if(buf_len <= (num_written+5))
88    {
89      /* Expand the buffer by the memory consumption rate seen so far
90       * times the amount of input left to process.  The expansion is bounded
91       * below by a minimum safety increase, and above by the maximum possible
92       * output string length.  This should minimize both the number of
93       * reallocs() and the amount of wasted memory.
94       */
95      added_len = (len-i)*num_written/(i+1);
96      if((buf_len+added_len) > (len*4+1))
97        buf_len = len*4+1;
98      else
99      {
100        if (added_len < 5)
101          buf_len += 5;
102        else
103          buf_len += added_len;
104      }
105
106      tmp_buf = realloc(ret_val, buf_len);
107      if(tmp_buf == NULL)
108      {
109        free(ret_val);
110        return NULL;
111      }
112      ret_val = tmp_buf;
113    }
114   
115    if(str[i] < 32 || str[i] > 126 || strchr(special, str[i]) != NULL)
116    {
117      num_written += snprintf(ret_val + num_written, buf_len - num_written,
118                              "\\x%.2X", str[i]);
119    }
120    else
121      ret_val[num_written++] = str[i];
122  }
123  ret_val[num_written] = '\0';
124
125  return ret_val;
126}
127
128
129/* Returns a newly malloc()ed string which contains original string,
130 * except for non-printable or special characters are quoted in hex
131 * with the syntax '\xQQ' where QQ is the hex ascii value of the quoted
132 * character.
133 */
134static char* quote_string(const char* str, const char* special)
135{
136  unsigned int len;
137
138  if(str == NULL)
139    return NULL;
140
141  len = strlen(str);
142  return quote_buffer((const unsigned char*)str, len, special);
143}
144
145
146/*
147 * Convert a data value to a string for display.  Returns NULL on error,
148 * and the string to display if there is no error, or a non-fatal
149 * error.  On any error (fatal or non-fatal) occurs, (*error_msg) will
150 * be set to a newly allocated string, containing an error message.  If
151 * a memory allocation failure occurs while generating the error
152 * message, both the return value and (*error_msg) will be NULL.  It
153 * is the responsibility of the caller to free both a non-NULL return
154 * value, and a non-NULL (*error_msg).
155 */
[159]156static char* data_to_ascii(REGFI_DATA* data, char** error_msg)
[111]157{
[159]158  char* ret_val;
[111]159  char* cur_quoted;
[159]160  char* tmp_ptr;
161  char* delim;
[168]162  uint32_t ret_val_left, i, tmp_len;
[111]163
[159]164  if(data == NULL || data->size == 0)
[111]165  {
[159]166    *error_msg = (char*)malloc(37);
[111]167    if(*error_msg == NULL)
168      return NULL;
[159]169    strcpy(*error_msg, "Data pointer was NULL or size was 0.");
[111]170    return NULL;
171  }
172  *error_msg = NULL;
173
[159]174
175  if(data->interpreted_size == 0)
[111]176  {
[159]177    *error_msg = (char*)malloc(51);
178    if(*error_msg == NULL)
179      return NULL;
180    strcpy(*error_msg, "Data could not be interpreted, quoting raw buffer.");
[171]181    return quote_buffer(data->raw, data->size, subfield_special_chars);
[159]182  }
183
184  switch (data->type) 
185  {
[111]186  case REG_SZ:
[159]187    ret_val = quote_string((char*)data->interpreted.string, common_special_chars);
188    if(ret_val == NULL && (*error_msg = (char*)malloc(49)) != NULL)
189        strcpy(*error_msg, "Buffer could not be quoted due to unknown error.");
190
191    return ret_val;
192    break;
193
194   
[111]195  case REG_EXPAND_SZ:
[159]196    ret_val = quote_string((char*)data->interpreted.expand_string, 
197                           common_special_chars);
198    if(ret_val == NULL && (*error_msg = (char*)malloc(49)) != NULL)
199        strcpy(*error_msg, "Buffer could not be quoted due to unknown error.");
200
201    return ret_val;
202    break;
203
[111]204  case REG_LINK:
[159]205    ret_val = quote_string((char*)data->interpreted.link, common_special_chars);
206    if(ret_val == NULL && (*error_msg = (char*)malloc(49)) != NULL)
[126]207        strcpy(*error_msg, "Buffer could not be quoted due to unknown error.");
[159]208
209    return ret_val;
[111]210    break;
211
212  case REG_DWORD:
[159]213    ret_val = malloc(sizeof(char)*(8+2+1));
214    if(ret_val == NULL)
[111]215      return NULL;
216
[159]217    sprintf(ret_val, "0x%.8X", data->interpreted.dword);
218    return ret_val;
[111]219    break;
220
221  case REG_DWORD_BE:
[159]222    ret_val = malloc(sizeof(char)*(8+2+1));
223    if(ret_val == NULL)
[111]224      return NULL;
225
[159]226    sprintf(ret_val, "0x%.8X", data->interpreted.dword_be);
227    return ret_val;
[111]228    break;
229
230  case REG_QWORD:
[159]231    ret_val = malloc(sizeof(char)*(16+2+1));
232    if(ret_val == NULL)
[111]233      return NULL;
234
[159]235    sprintf(ret_val, "0x%.16llX", 
236            (long long unsigned int)data->interpreted.qword);
237    return ret_val;
[111]238    break;
[159]239
[111]240  case REG_MULTI_SZ:
[159]241    ret_val_left = data->interpreted_size*4+1;
242    ret_val = malloc(ret_val_left);
243    if(ret_val == NULL)
[111]244      return NULL;
245
[159]246    tmp_ptr = ret_val;
247    tmp_ptr[0] = '\0';
248    delim = "";
249    for(i=0; data->interpreted.multiple_string[i] != NULL; i++)
[111]250    {
[159]251      cur_quoted = quote_string((char*)data->interpreted.multiple_string[i],
252                                subfield_special_chars);
253      if(cur_quoted != NULL && cur_quoted[0] != '\0')
[136]254      {
[159]255        tmp_len = snprintf(tmp_ptr, ret_val_left, "%s%s",delim, cur_quoted);
256        tmp_ptr += tmp_len;
257        ret_val_left -= tmp_len;
258        free(cur_quoted);
[136]259      }
[159]260      delim = "|";
[126]261    }
262
[159]263    return ret_val;
[111]264    break;
265
266   
267  case REG_NONE:
[159]268    return quote_buffer(data->interpreted.none, data->interpreted_size,
269                        common_special_chars);
270
271    break;
272
[111]273  case REG_RESOURCE_LIST:
[159]274    return quote_buffer(data->interpreted.resource_list, data->interpreted_size,
275                        common_special_chars);
276
277    break;
278
[111]279  case REG_FULL_RESOURCE_DESCRIPTOR:
[159]280    return quote_buffer(data->interpreted.full_resource_descriptor, 
281                        data->interpreted_size, common_special_chars);
282
283    break;
284
[111]285  case REG_RESOURCE_REQUIREMENTS_LIST:
[159]286    return quote_buffer(data->interpreted.resource_requirements_list,
287                        data->interpreted_size, common_special_chars);
[111]288
[159]289    break;
290
[111]291  case REG_BINARY:
[159]292    return quote_buffer(data->interpreted.binary, data->interpreted_size,
293                        common_special_chars);
294
[111]295    break;
[159]296
297  default:
298    /* This shouldn't happen, since the regfi routines won't interpret
299     * unknown types, but just as a safety measure against library changes...
300     */
301    *error_msg = (char*)malloc(65);
302    if(*error_msg == NULL)
303      return NULL;
304    sprintf(*error_msg,
305            "Unrecognized registry data type (0x%.8X); quoting as binary.",
306            data->type);
307    return quote_buffer(data->raw, data->size, common_special_chars);
[111]308  }
[159]309   
[111]310  return NULL;
311}
[172]312
313
314static char* get_quoted_keyname(const REGFI_NK_REC* nk)
315{
316  char* ret_val;
317
318  if(nk->keyname == NULL)
319    ret_val = quote_buffer(nk->keyname_raw, nk->name_length, key_special_chars);
320  else
321    ret_val = quote_string(nk->keyname, key_special_chars);
322
323  return ret_val;
324}
325
326
327static char* get_quoted_valuename(const REGFI_VK_REC* vk)
328{
329  char* ret_val;
330
331  if(vk->valuename == NULL)
332    ret_val = quote_buffer(vk->valuename_raw, vk->name_length, 
333                           key_special_chars);
334  else
335    ret_val = quote_string(vk->valuename, key_special_chars);
336
337  return ret_val;
338}
Note: See TracBrowser for help on using the repository browser.