[12] | 1 | $Id: TODO 122 2008-08-09 20:24:01Z tim $ |
---|
| 2 | |
---|
| 3 | If you are interested in contributing to this project, here's a few |
---|
| 4 | things you could look into: |
---|
| 5 | |
---|
[122] | 6 | - Currently there is no way on the command line to search for exotic |
---|
| 7 | paths/types. For instance, if reglookup encounters an unknown VK |
---|
| 8 | type, it just prints it out in Hex. However, if you wanted to search |
---|
| 9 | specifically for that type, there is no way to do it. Similarly, it |
---|
| 10 | isn't possible to specify certain binary or weird characters in |
---|
| 11 | paths. Reglookup should take the user path and unquote each path |
---|
| 12 | component using the \xQQ syntax prior to searching. |
---|
| 13 | |
---|
[12] | 14 | - Testing, testing, and more testing. reglookup needs to be tested on |
---|
[86] | 15 | NT/XP/2k3/Vista. A regression test suite would be nice too. Some |
---|
| 16 | thoughts on this include a script which randomly fuzzes an existing |
---|
| 17 | registry file, and tries to detect crashes of reglookup when parsing |
---|
| 18 | it. Another test script might randomly truncate an existing registry |
---|
| 19 | file, which will help improve reglookup's parsing on fragmentary |
---|
| 20 | files. |
---|
[12] | 21 | |
---|
| 22 | - Build system. I do not wish to use automake/autoconf in this |
---|
[49] | 23 | project. I have also now decided that make is painful to use for |
---|
| 24 | everything. I'd like to switch to a suite of shell scripts driven by |
---|
| 25 | minimal make rules. If you got any ideas on this, shoot them my way. |
---|
[12] | 26 | |
---|
[86] | 27 | - Unicode support still needs improvement. While parsing strings seems |
---|
| 28 | to be decent, UTF-8 output would be nice. |
---|
[12] | 29 | |
---|
[86] | 30 | - The interface between reglookup.c and regfi.c is much better than it |
---|
| 31 | used to be, but the iter2Stack function needs to be moved into the |
---|
| 32 | library, which means the \xQQ quoting syntax will have to go with it. |
---|
| 33 | This syntax will need to be more carefully documented if it's going |
---|
| 34 | to be a part of the library. |
---|
[49] | 35 | |
---|
[86] | 36 | - NK/VK/SK record caching. Right now, HBINs and perhaps SK records are |
---|
| 37 | cached, but it's pretty haphazard, and NK/VK records are repeatedly |
---|
| 38 | re-parsed. A generic caching library should be introduced which can |
---|
| 39 | cache many of these records with a specific memory limit in mind. |
---|
| 40 | I think this will speed things up greatly. |
---|
| 41 | |
---|
| 42 | - It might be nice to have a way to filter results by security |
---|
[122] | 43 | descriptor information. Maybe by MTIME as well. |
---|
[86] | 44 | |
---|
| 45 | - Documentation. The security descriptor output format needs to be |
---|
| 46 | documented. Also, function contracts should be added to the |
---|
| 47 | lower-level functions of regfi.c. |
---|
| 48 | |
---|
[49] | 49 | - The stuff in smb_deps.h and smb_deps.c needs to be cleaned up. The |
---|
[86] | 50 | eventual goal is to have it all either integrated into regfi, or to |
---|
[49] | 51 | be eliminated, or broken out into small supporting libraries, as |
---|
| 52 | necessary. It is currently just a jumble of old Samba code that I |
---|
| 53 | haven't decided where to put yet. |
---|
| 54 | |
---|
[86] | 55 | - At least one user reported that they use reglookup on a Windows host |
---|
| 56 | through Cygwin, but after version 0.3.0 came out, the dependency on |
---|
| 57 | libiconv caused that to break. libiconv seems to be a portability |
---|
| 58 | issue on other platforms as well. However, it's interface is a POSIX |
---|
| 59 | standard, and I think I'd like to keep it around. Perhaps it would |
---|
| 60 | be nice if reglookup could be cross-compiled using MinGW. Then a |
---|
| 61 | binary could be distributed for that platform. This app was never |
---|
| 62 | meant for Windows though, so this isn't a high priority. |
---|
| 63 | |
---|
[12] | 64 | - Grep through the source for 'XXX', and you'll find more. |
---|