1 | $Id: TODO 241 2011-04-29 21:00:33Z tim $ |
---|
2 | |
---|
3 | If you are interested in contributing to this project, here's a few |
---|
4 | things you could look into: |
---|
5 | |
---|
6 | - Currently there is no way on the command line to search for exotic |
---|
7 | paths/types. For instance, if reglookup encounters an unknown VK |
---|
8 | type, it just prints it out in Hex. However, if you wanted to search |
---|
9 | specifically for that type, there is no way to do it. Similarly, it |
---|
10 | isn't possible to specify certain binary or weird characters in |
---|
11 | paths. Reglookup should take the user path and unquote each path |
---|
12 | component using the \xQQ syntax prior to searching. |
---|
13 | |
---|
14 | - It might be nice to have a way to filter results by security |
---|
15 | descriptor information. Maybe by MTIME as well. |
---|
16 | |
---|
17 | - Testing, testing, and more testing. reglookup needs to be more |
---|
18 | heavily tested on all recent Windows platforms. A regression test |
---|
19 | suite would be nice too. Some thoughts on this include a script |
---|
20 | which randomly fuzzes an existing registry file, and tries to detect |
---|
21 | crashes of reglookup when parsing it. Another test script might |
---|
22 | randomly truncate an existing registry file, which will help improve |
---|
23 | reglookup's parsing on fragmentary files. |
---|
24 | |
---|
25 | - Unicode support still needs improvement. While parsing strings seems |
---|
26 | to be decent, UTF-8 output would be nice. |
---|
27 | |
---|
28 | - Develop and solidify regfi API. Regfi should be better documented and |
---|
29 | eventually needs a set of higher-language wrappers, starting with Python |
---|
30 | and possibly moving on to Perl as well. |
---|
31 | |
---|
32 | - Documentation. The security descriptor output format needs to be |
---|
33 | documented. Also, function contracts should be added to the |
---|
34 | lower-level functions of regfi.c. |
---|
35 | |
---|
36 | - Consider switching from libiconv to Joachim Metz's libuna for |
---|
37 | increased portability and easier builds. |
---|
38 | |
---|
39 | - Grep through the source for 'XXX', and you'll find more. |
---|
40 | |
---|
41 | |
---|
42 | |
---|
43 | 1.0 RELEASE |
---|
44 | =========== |
---|
45 | |
---|
46 | Add fields/methods for accessing security descriptors in pyregfi |
---|
47 | |
---|
48 | Key caching |
---|
49 | |
---|
50 | Add function to obtain path list from iterator |
---|
51 | |
---|
52 | convert MTIME structure to uint64_t if possible |
---|
53 | |
---|
54 | investigate why file descriptors can't be directly used in Windows |
---|
55 | |
---|
56 | Fill in and update remaining regfi/pyregfi API documentation |
---|
57 | |
---|
58 | Possible debian package build rules |
---|
59 | |
---|
60 | Possibly replace reglookup-timeline with something cross-platform |
---|
61 | |
---|
62 | Testing |
---|
63 | Full diffs |
---|
64 | regfi and pyregfi threading |
---|
65 | valgrind in multiple scenarios for reglookup, reglookup-recover |
---|
66 | |
---|