Context Navigation

source: trunk/lib/regfio.c @ 59

Last change on this file since 59 was 59, checked in by tim, 19 years ago

Updated version

Code format cleanup, some comments added.

Property svn:keywords set to Id

File size: 37.2 KB

Rev	Line
[30]	1	/*
	2	* Branched from Samba project Subversion repository, version #7470:
	3	* http://websvn.samba.org/cgi-bin/viewcvs.cgi/trunk/source/registry/regfio.c
	4	*
	5	* Unix SMB/CIFS implementation.
	6	* Windows NT registry I/O library
	7	*
	8	* Copyright (C) 2005 Timothy D. Morgan
	9	* Copyright (C) 2005 Gerald (Jerry) Carter
	10	*
	11	* This program is free software; you can redistribute it and/or modify
	12	* it under the terms of the GNU General Public License as published by
	13	* the Free Software Foundation; version 2 of the License.
	14	*
	15	* This program is distributed in the hope that it will be useful,
	16	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	* GNU General Public License for more details.
	19	*
	20	* You should have received a copy of the GNU General Public License
	21	* along with this program; if not, write to the Free Software
	22	* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	23	*
	24	* $Id: regfio.c 59 2005-10-03 01:26:12Z tim $
	25	*/
	26
	27	#include "../include/regfio.h"
	28
	29
	30
[32]	31	/* Registry types mapping */
	32	const VAL_STR reg_type_names[] =
	33	{
	34	{ REG_SZ, "SZ" },
	35	{ REG_EXPAND_SZ, "EXPAND_SZ" },
[41]	36	{ REG_BINARY, "BINARY" },
[32]	37	{ REG_DWORD, "DWORD" },
	38	{ REG_DWORD_BE, "DWORD_BE" },
	39	{ REG_LINK, "LINK" },
	40	{ REG_MULTI_SZ, "MULTI_SZ" },
	41	{ REG_RESOURCE_LIST, "RSRC_LIST" },
	42	{ REG_FULL_RESOURCE_DESCRIPTOR, "RSRC_DESC" },
	43	{ REG_RESOURCE_REQUIREMENTS_LIST,"RSRC_REQ_LIST"},
	44	{ REG_KEY, "KEY" },
	45	{ 0, NULL },
	46	};
[30]	47
[32]	48
	49	/* Returns NULL on error */
[41]	50	const char* regfio_type_val2str(unsigned int val)
[32]	51	{
	52	int i;
	53
	54	for(i=0; reg_type_names[i].val && reg_type_names[i].str; i++)
	55	if (reg_type_names[i].val == val)
	56	return reg_type_names[i].str;
	57
	58	return NULL;
	59	}
	60
	61
	62	/* Returns 0 on error */
[41]	63	int regfio_type_str2val(const char* str)
[32]	64	{
	65	int i;
	66
	67	for(i=0; reg_type_names[i].val && reg_type_names[i].str; i++)
	68	if (strcmp(reg_type_names[i].str, str) == 0)
	69	return reg_type_names[i].val;
	70
	71	return 0;
	72	}
	73
	74
[53]	75	/* Security descriptor parsing functions */
	76
	77	const char* regfio_ace_type2str(uint8 type)
	78	{
	79	static const char* map[7]
	80	= {"ALLOW", "DENY", "AUDIT", "ALARM",
	81	"ALLOW CPD", "OBJ ALLOW", "OBJ DENY"};
	82	if(type < 7)
	83	return map[type];
	84	else
	85	/* XXX: would be nice to return the unknown integer value.
	86	* However, as it is a const string, it can't be free()ed later on,
	87	* so that would need to change.
	88	*/
	89	return "UNKNOWN";
	90	}
	91
	92
	93	/* XXX: this could probably be more efficient */
	94	char* regfio_ace_flags2str(uint8 flags)
	95	{
	96	char* flg_output = malloc(21*sizeof(char));
	97	int some = 0;
	98
	99	if(flg_output == NULL)
	100	return NULL;
	101
	102	flg_output[0] = '\0';
	103	if (!flags)
	104	return flg_output;
	105
	106	if (flags & 0x01) {
	107	if (some) strcat(flg_output, " ");
	108	some = 1;
	109	strcat(flg_output, "OI");
	110	}
	111	if (flags & 0x02) {
	112	if (some) strcat(flg_output, " ");
	113	some = 1;
	114	strcat(flg_output, "CI");
	115	}
	116	if (flags & 0x04) {
	117	if (some) strcat(flg_output, " ");
	118	some = 1;
	119	strcat(flg_output, "NP");
	120	}
	121	if (flags & 0x08) {
	122	if (some) strcat(flg_output, " ");
	123	some = 1;
	124	strcat(flg_output, "IO");
	125	}
	126	if (flags & 0x10) {
	127	if (some) strcat(flg_output, " ");
	128	some = 1;
	129	strcat(flg_output, "IA");
	130	}
[59]	131	/* XXX: Is this check right? 0xF == 1\|2\|4\|8, which makes it redundant... */
[53]	132	if (flags == 0xF) {
	133	if (some) strcat(flg_output, " ");
	134	some = 1;
	135	strcat(flg_output, "VI");
	136	}
	137
	138	return flg_output;
	139	}
	140
	141
	142	char* regfio_ace_perms2str(uint32 perms)
	143	{
	144	char* ret_val = malloc(9*sizeof(char));
	145	if(ret_val == NULL)
	146	return NULL;
	147
	148	/* XXX: this should probably be parsed better */
	149	sprintf(ret_val, "%.8X", perms);
	150
	151	return ret_val;
	152	}
	153
	154
	155	char* regfio_sid2str(DOM_SID* sid)
	156	{
	157	uint32 i, size = MAXSUBAUTHS*11 + 24;
	158	uint32 left = size;
	159	uint8 comps = sid->num_auths;
	160	char* ret_val = malloc(size);
	161
	162	if(ret_val == NULL)
	163	return NULL;
	164
	165	if(comps > MAXSUBAUTHS)
	166	comps = MAXSUBAUTHS;
	167
	168	left -= sprintf(ret_val, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]);
	169
	170	for (i = 0; i < comps; i++)
	171	left -= snprintf(ret_val+(size-left), left, "-%u", sid->sub_auths[i]);
	172
	173	return ret_val;
	174	}
	175
	176
	177	char* regfio_get_acl(SEC_ACL* acl)
	178	{
	179	uint32 i, extra, size = 0;
	180	const char* type_str;
	181	char* flags_str;
	182	char* perms_str;
	183	char* sid_str;
	184	char* ret_val = NULL;
	185	char* ace_delim = "";
	186	char field_delim = ':';
	187
	188	for (i = 0; i < acl->num_aces; i++)
	189	{
	190	sid_str = regfio_sid2str(&acl->ace[i].trustee);
	191	type_str = regfio_ace_type2str(acl->ace[i].type);
	192	perms_str = regfio_ace_perms2str(acl->ace[i].info.mask);
	193	flags_str = regfio_ace_flags2str(acl->ace[i].flags);
	194
	195	if(flags_str == NULL \|\| perms_str == NULL
	196	\|\| type_str == NULL \|\| sid_str == NULL)
	197	return NULL;
	198
	199	/* XXX: this is slow */
	200	extra = strlen(sid_str) + strlen(type_str)
	201	+ strlen(perms_str) + strlen(flags_str)+5;
	202	ret_val = realloc(ret_val, size+extra);
	203	if(ret_val == NULL)
	204	return NULL;
	205	size += snprintf(ret_val+size, extra, "%s%s%c%s%c%s%c%s",
	206	ace_delim,sid_str,
	207	field_delim,type_str,
	208	field_delim,perms_str,
	209	field_delim,flags_str);
	210	ace_delim = "\|";
	211	free(sid_str);
	212	free(perms_str);
	213	free(flags_str);
	214	}
	215
	216	return ret_val;
	217	}
	218
	219
	220	char* regfio_get_sacl(SEC_DESC *sec_desc)
	221	{
	222	if (sec_desc->sacl)
	223	return regfio_get_acl(sec_desc->sacl);
	224	else
	225	return NULL;
	226	}
	227
	228
	229	char* regfio_get_dacl(SEC_DESC *sec_desc)
	230	{
	231	if (sec_desc->dacl)
	232	return regfio_get_acl(sec_desc->dacl);
	233	else
	234	return NULL;
	235	}
	236
	237
	238	char* regfio_get_owner(SEC_DESC *sec_desc)
	239	{
	240	return regfio_sid2str(sec_desc->owner_sid);
	241	}
	242
	243
	244	char* regfio_get_group(SEC_DESC *sec_desc)
	245	{
	246	return regfio_sid2str(sec_desc->grp_sid);
	247	}
	248
	249
	250
[30]	251	/*******************************************************************
[31]	252	*******************************************************************/
[30]	253	static int read_block( REGF_FILE file, prs_struct ps, uint32 file_offset,
	254	uint32 block_size )
	255	{
[31]	256	int bytes_read, returned;
	257	char *buffer;
	258	SMB_STRUCT_STAT sbuf;
[30]	259
[31]	260	/* check for end of file */
[30]	261
[31]	262	if ( fstat( file->fd, &sbuf ) ) {
	263	/DEBUG(0,("read_block: stat() failed! (%s)\n", strerror(errno)));/
	264	return -1;
	265	}
[30]	266
[31]	267	if ( (size_t)file_offset >= sbuf.st_size )
	268	return -1;
[30]	269
[31]	270	/* if block_size == 0, we are parsnig HBIN records and need
	271	to read some of the header to get the block_size from there */
[30]	272
[31]	273	if ( block_size == 0 ) {
	274	uint8 hdr[0x20];
[30]	275
[31]	276	if ( lseek( file->fd, file_offset, SEEK_SET ) == -1 ) {
	277	/DEBUG(0,("read_block: lseek() failed! (%s)\n", strerror(errno) ));/
	278	return -1;
	279	}
[30]	280
[31]	281	returned = read( file->fd, hdr, 0x20 );
	282	if ( (returned == -1) \|\| (returned < 0x20) ) {
	283	/DEBUG(0,("read_block: failed to read in HBIN header. Is the file corrupt?\n"));/
	284	return -1;
	285	}
[30]	286
[31]	287	/* make sure this is an hbin header */
[30]	288
[53]	289	if ( strncmp( (char*)hdr, "hbin", HBIN_HDR_SIZE ) != 0 ) {
[31]	290	/DEBUG(0,("read_block: invalid block header!\n"));/
	291	return -1;
	292	}
[30]	293
[31]	294	block_size = IVAL( hdr, 0x08 );
	295	}
[30]	296
[31]	297	/DEBUG(10,("read_block: block_size == 0x%x\n", block_size ));/
[30]	298
[31]	299	/* set the offset, initialize the buffer, and read the block from disk */
[30]	300
[31]	301	if ( lseek( file->fd, file_offset, SEEK_SET ) == -1 ) {
	302	/DEBUG(0,("read_block: lseek() failed! (%s)\n", strerror(errno) ));/
	303	return -1;
	304	}
[30]	305
[31]	306	prs_init( ps, block_size, file->mem_ctx, UNMARSHALL );
	307	buffer = ps->data_p;
	308	bytes_read = returned = 0;
[30]	309
[32]	310	while ( bytes_read < block_size )
	311	{
	312	if((returned =
	313	read(file->fd, buffer+bytes_read, block_size-bytes_read)) == -1)
	314	{
[31]	315	/DEBUG(0,("read_block: read() failed (%s)\n", strerror(errno) ));/
	316	return false;
	317	}
[32]	318	if ((returned == 0) && (bytes_read < block_size))
	319	{
[31]	320	/DEBUG(0,("read_block: not a vald registry file ?\n" ));/
	321	return false;
	322	}
[32]	323
[31]	324	bytes_read += returned;
	325	}
[30]	326
[31]	327	return bytes_read;
[30]	328	}
	329
	330
	331	/*******************************************************************
[31]	332	*******************************************************************/
[53]	333	static bool prs_regf_block(const char desc, prs_struct ps,
	334	int depth, REGF_FILE *file)
[30]	335	{
[31]	336	depth++;
[30]	337
[53]	338	if(!prs_uint8s(true, "header", ps, depth, file->header, sizeof(file->header)))
[31]	339	return false;
[30]	340
[31]	341	/* yes, these values are always identical so store them only once */
[30]	342
[31]	343	if ( !prs_uint32( "unknown1", ps, depth, &file->unknown1 ))
	344	return false;
	345	if ( !prs_uint32( "unknown1 (again)", ps, depth, &file->unknown1 ))
	346	return false;
[30]	347
[31]	348	/* get the modtime */
[30]	349
[31]	350	if ( !prs_set_offset( ps, 0x0c ) )
	351	return false;
	352	if ( !smb_io_time( "modtime", &file->mtime, ps, depth ) )
	353	return false;
[30]	354
[31]	355	/* constants */
[30]	356
[31]	357	if ( !prs_uint32( "unknown2", ps, depth, &file->unknown2 ))
	358	return false;
	359	if ( !prs_uint32( "unknown3", ps, depth, &file->unknown3 ))
	360	return false;
	361	if ( !prs_uint32( "unknown4", ps, depth, &file->unknown4 ))
	362	return false;
	363	if ( !prs_uint32( "unknown5", ps, depth, &file->unknown5 ))
	364	return false;
[30]	365
[31]	366	/* get file offsets */
[30]	367
[31]	368	if ( !prs_set_offset( ps, 0x24 ) )
	369	return false;
	370	if ( !prs_uint32( "data_offset", ps, depth, &file->data_offset ))
	371	return false;
	372	if ( !prs_uint32( "last_block", ps, depth, &file->last_block ))
	373	return false;
[30]	374
[31]	375	/* one more constant */
[30]	376
[31]	377	if ( !prs_uint32( "unknown6", ps, depth, &file->unknown6 ))
	378	return false;
[30]	379
[31]	380	/* get the checksum */
[30]	381
[31]	382	if ( !prs_set_offset( ps, 0x01fc ) )
	383	return false;
	384	if ( !prs_uint32( "checksum", ps, depth, &file->checksum ))
	385	return false;
[30]	386
[31]	387	return true;
[30]	388	}
	389
	390
	391	/*******************************************************************
[31]	392	*******************************************************************/
[53]	393	static bool prs_hbin_block(const char desc, prs_struct ps,
	394	int depth, REGF_HBIN *hbin)
[30]	395	{
[31]	396	uint32 block_size2;
[30]	397
[31]	398	depth++;
[30]	399
[53]	400	if(!prs_uint8s(true, "header", ps, depth, hbin->header, sizeof(hbin->header)))
[31]	401	return false;
[30]	402
[31]	403	if ( !prs_uint32( "first_hbin_off", ps, depth, &hbin->first_hbin_off ))
	404	return false;
[30]	405
[31]	406	/* The dosreg.cpp comments say that the block size is at 0x1c.
	407	According to a WINXP NTUSER.dat file, this is wrong. The block_size
	408	is at 0x08 */
[30]	409
[31]	410	if ( !prs_uint32( "block_size", ps, depth, &hbin->block_size ))
	411	return false;
[30]	412
[31]	413	block_size2 = hbin->block_size;
	414	prs_set_offset( ps, 0x1c );
	415	if ( !prs_uint32( "block_size2", ps, depth, &block_size2 ))
	416	return false;
[30]	417
[31]	418	if ( !ps->io )
	419	hbin->dirty = true;
[30]	420
	421
[31]	422	return true;
[30]	423	}
	424
	425
	426	/*******************************************************************
[31]	427	*******************************************************************/
[33]	428	static bool prs_nk_rec( const char desc, prs_struct ps,
	429	int depth, REGF_NK_REC *nk )
[30]	430	{
[31]	431	uint16 class_length, name_length;
	432	uint32 start;
	433	uint32 data_size, start_off, end_off;
	434	uint32 unknown_off = REGF_OFFSET_NONE;
[30]	435
[31]	436	nk->hbin_off = ps->data_offset;
	437	start = nk->hbin_off;
[30]	438
[31]	439	depth++;
[30]	440
[33]	441	/* back up and get the data_size */
[31]	442	if ( !prs_set_offset( ps, ps->data_offset-sizeof(uint32)) )
	443	return false;
	444	start_off = ps->data_offset;
	445	if ( !prs_uint32( "rec_size", ps, depth, &nk->rec_size ))
	446	return false;
[30]	447
[33]	448	if (!prs_uint8s(true, "header", ps, depth, nk->header, sizeof(nk->header)))
[31]	449	return false;
[30]	450
[31]	451	if ( !prs_uint16( "key_type", ps, depth, &nk->key_type ))
	452	return false;
	453	if ( !smb_io_time( "mtime", &nk->mtime, ps, depth ))
	454	return false;
[30]	455
[31]	456	if ( !prs_set_offset( ps, start+0x0010 ) )
	457	return false;
	458	if ( !prs_uint32( "parent_off", ps, depth, &nk->parent_off ))
	459	return false;
	460	if ( !prs_uint32( "num_subkeys", ps, depth, &nk->num_subkeys ))
	461	return false;
[30]	462
[31]	463	if ( !prs_set_offset( ps, start+0x001c ) )
	464	return false;
	465	if ( !prs_uint32( "subkeys_off", ps, depth, &nk->subkeys_off ))
	466	return false;
	467	if ( !prs_uint32( "unknown_off", ps, depth, &unknown_off) )
	468	return false;
[30]	469
[31]	470	if ( !prs_set_offset( ps, start+0x0024 ) )
	471	return false;
	472	if ( !prs_uint32( "num_values", ps, depth, &nk->num_values ))
	473	return false;
	474	if ( !prs_uint32( "values_off", ps, depth, &nk->values_off ))
	475	return false;
	476	if ( !prs_uint32( "sk_off", ps, depth, &nk->sk_off ))
	477	return false;
	478	if ( !prs_uint32( "classname_off", ps, depth, &nk->classname_off ))
	479	return false;
[30]	480
[33]	481	if (!prs_uint32("max_bytes_subkeyname", ps, depth, &nk->max_bytes_subkeyname))
[31]	482	return false;
[33]	483	if ( !prs_uint32( "max_bytes_subkeyclassname", ps,
	484	depth, &nk->max_bytes_subkeyclassname))
	485	{ return false; }
[31]	486	if ( !prs_uint32( "max_bytes_valuename", ps, depth, &nk->max_bytes_valuename))
	487	return false;
	488	if ( !prs_uint32( "max_bytes_value", ps, depth, &nk->max_bytes_value))
	489	return false;
	490	if ( !prs_uint32( "unknown index", ps, depth, &nk->unk_index))
	491	return false;
[30]	492
[31]	493	name_length = nk->keyname ? strlen(nk->keyname) : 0 ;
	494	class_length = nk->classname ? strlen(nk->classname) : 0 ;
	495	if ( !prs_uint16( "name_length", ps, depth, &name_length ))
	496	return false;
	497	if ( !prs_uint16( "class_length", ps, depth, &class_length ))
	498	return false;
[30]	499
[33]	500	if ( class_length )
	501	{
[31]	502	;;
	503	}
[30]	504
[33]	505	if ( name_length )
	506	{
	507	if(ps->io && !(nk->keyname = (char*)zcalloc(sizeof(char), name_length+1)))
[31]	508	return false;
[30]	509
[53]	510	if(!prs_uint8s(true, "name", ps, depth, (uint8*)nk->keyname, name_length))
[31]	511	return false;
[30]	512
[53]	513	if(ps->io)
[31]	514	nk->keyname[name_length] = '\0';
	515	}
[30]	516
[31]	517	end_off = ps->data_offset;
[30]	518
[33]	519	/* data_size must be divisible by 8 and large enough to hold
	520	the original record */
[30]	521
[31]	522	data_size = ((start_off - end_off) & 0xfffffff8 );
[33]	523	/*if ( data_size > nk->rec_size )
	524	DEBUG(10,("Encountered reused record (0x%x < 0x%x)\n", data_size, nk->rec_size));*/
[30]	525
[33]	526	if ( !ps->io )
	527	nk->hbin->dirty = true;
	528
	529	nk->subkey_index = 0;
[31]	530	return true;
[30]	531	}
	532
	533
	534	/*******************************************************************
[31]	535	*******************************************************************/
[30]	536	static uint32 regf_block_checksum( prs_struct *ps )
	537	{
[31]	538	char *buffer = ps->data_p;
	539	uint32 checksum, x;
	540	int i;
[30]	541
[31]	542	/* XOR of all bytes 0x0000 - 0x01FB */
[30]	543
[31]	544	checksum = x = 0;
[30]	545
[31]	546	for ( i=0; i<0x01FB; i+=4 ) {
	547	x = IVAL(buffer, i );
	548	checksum ^= x;
	549	}
[30]	550
[31]	551	return checksum;
[30]	552	}
	553
	554
	555	/*******************************************************************
[31]	556	*******************************************************************/
[30]	557	static bool read_regf_block( REGF_FILE *file )
	558	{
[31]	559	prs_struct ps;
	560	uint32 checksum;
[30]	561
[31]	562	/* grab the first block from the file */
[30]	563
[31]	564	if ( read_block( file, &ps, 0, REGF_BLOCKSIZE ) == -1 )
	565	return false;
[30]	566
[31]	567	/* parse the block and verify the checksum */
[30]	568
[31]	569	if ( !prs_regf_block( "regf_header", &ps, 0, file ) )
	570	return false;
[30]	571
[31]	572	checksum = regf_block_checksum( &ps );
[30]	573
[31]	574	if(ps.is_dynamic)
	575	SAFE_FREE(ps.data_p);
	576	ps.is_dynamic = false;
	577	ps.buffer_size = 0;
	578	ps.data_offset = 0;
[30]	579
[31]	580	if ( file->checksum != checksum ) {
	581	/DEBUG(0,("read_regf_block: invalid checksum\n" ));/
	582	return false;
	583	}
[30]	584
[31]	585	return true;
[30]	586	}
	587
	588
	589	/*******************************************************************
[31]	590	*******************************************************************/
[30]	591	static REGF_HBIN* read_hbin_block( REGF_FILE *file, off_t offset )
	592	{
[31]	593	REGF_HBIN *hbin;
	594	uint32 record_size, curr_off, block_size, header;
[30]	595
[31]	596	if ( !(hbin = (REGF_HBIN*)zalloc(sizeof(REGF_HBIN))) )
	597	return NULL;
	598	hbin->file_off = offset;
	599	hbin->free_off = -1;
[30]	600
[31]	601	if ( read_block( file, &hbin->ps, offset, 0 ) == -1 )
	602	return NULL;
[30]	603
[31]	604	if ( !prs_hbin_block( "hbin", &hbin->ps, 0, hbin ) )
	605	return NULL;
[30]	606
[31]	607	/* this should be the same thing as hbin->block_size but just in case */
[30]	608
[31]	609	block_size = hbin->ps.buffer_size;
[30]	610
[31]	611	/* Find the available free space offset. Always at the end,
	612	so walk the record list and stop when you get to the end.
	613	The end is defined by a record header of 0xffffffff. The
	614	previous 4 bytes contains the amount of free space remaining
	615	in the hbin block. */
[30]	616
[31]	617	/* remember that the record_size is in the 4 bytes preceeding the record itself */
[30]	618
[31]	619	if ( !prs_set_offset( &hbin->ps, file->data_offset+HBIN_HDR_SIZE-sizeof(uint32) ) )
	620	return false;
[30]	621
[31]	622	record_size = 0;
	623	curr_off = hbin->ps.data_offset;
	624	while ( header != 0xffffffff ) {
	625	/* not done yet so reset the current offset to the
	626	next record_size field */
[30]	627
[31]	628	curr_off = curr_off+record_size;
[30]	629
[31]	630	/* for some reason the record_size of the last record in
	631	an hbin block can extend past the end of the block
	632	even though the record fits within the remaining
	633	space....aaarrrgggghhhhhh */
[30]	634
[31]	635	if ( curr_off >= block_size ) {
	636	record_size = -1;
	637	curr_off = -1;
	638	break;
	639	}
[30]	640
[31]	641	if ( !prs_set_offset( &hbin->ps, curr_off) )
	642	return false;
[30]	643
[31]	644	if ( !prs_uint32( "rec_size", &hbin->ps, 0, &record_size ) )
	645	return false;
	646	if ( !prs_uint32( "header", &hbin->ps, 0, &header ) )
	647	return false;
[30]	648
[31]	649	assert( record_size != 0 );
[30]	650
[31]	651	if ( record_size & 0x80000000 ) {
	652	/* absolute_value(record_size) */
	653	record_size = (record_size ^ 0xffffffff) + 1;
	654	}
	655	}
[30]	656
[31]	657	/* save the free space offset */
[30]	658
[31]	659	if ( header == 0xffffffff ) {
[30]	660
[31]	661	/* account for the fact that the curr_off is 4 bytes behind the actual
	662	record header */
[30]	663
[31]	664	hbin->free_off = curr_off + sizeof(uint32);
	665	hbin->free_size = record_size;
	666	}
[30]	667
[31]	668	/DEBUG(10,("read_hbin_block: free space offset == 0x%x\n", hbin->free_off));/
[30]	669
[31]	670	if ( !prs_set_offset( &hbin->ps, file->data_offset+HBIN_HDR_SIZE ) )
	671	return false;
[30]	672
[31]	673	return hbin;
[30]	674	}
	675
	676
	677	/*******************************************************************
	678	Input a randon offset and receive the correpsonding HBIN
	679	block for it
	680	*******************************************************************/
	681	static bool hbin_contains_offset( REGF_HBIN *hbin, uint32 offset )
	682	{
[31]	683	if ( !hbin )
	684	return false;
[30]	685
[31]	686	if ( (offset > hbin->first_hbin_off) && (offset < (hbin->first_hbin_off+hbin->block_size)) )
	687	return true;
[30]	688
[31]	689	return false;
[30]	690	}
	691
	692
	693	/*******************************************************************
	694	Input a randon offset and receive the correpsonding HBIN
	695	block for it
	696	*******************************************************************/
	697	static REGF_HBIN* lookup_hbin_block( REGF_FILE *file, uint32 offset )
	698	{
[31]	699	REGF_HBIN *hbin = NULL;
	700	uint32 block_off;
[30]	701
[31]	702	/* start with the open list */
[30]	703
[31]	704	for ( hbin=file->block_list; hbin; hbin=hbin->next ) {
	705	/* DEBUG(10,("lookup_hbin_block: address = 0x%x [0x%x]\n", hbin->file_off, (uint32)hbin ));*/
	706	if ( hbin_contains_offset( hbin, offset ) )
	707	return hbin;
	708	}
[30]	709
[31]	710	if ( !hbin ) {
	711	/* start at the beginning */
[30]	712
[31]	713	block_off = REGF_BLOCKSIZE;
	714	do {
	715	/* cleanup before the next round */
	716	if ( hbin )
	717	{
	718	if(hbin->ps.is_dynamic)
	719	SAFE_FREE(hbin->ps.data_p);
	720	hbin->ps.is_dynamic = false;
	721	hbin->ps.buffer_size = 0;
	722	hbin->ps.data_offset = 0;
	723	}
[30]	724
[31]	725	hbin = read_hbin_block( file, block_off );
[30]	726
[31]	727	if ( hbin )
	728	block_off = hbin->file_off + hbin->block_size;
[30]	729
[31]	730	} while ( hbin && !hbin_contains_offset( hbin, offset ) );
	731	}
[30]	732
[31]	733	if ( hbin )
	734	DLIST_ADD( file->block_list, hbin );
[30]	735
[31]	736	return hbin;
[30]	737	}
	738
	739
	740	/*******************************************************************
[31]	741	*******************************************************************/
[30]	742	static bool prs_hash_rec( const char desc, prs_struct ps, int depth, REGF_HASH_REC *hash )
	743	{
[31]	744	depth++;
[30]	745
[31]	746	if ( !prs_uint32( "nk_off", ps, depth, &hash->nk_off ))
	747	return false;
	748	if ( !prs_uint8s( true, "keycheck", ps, depth, hash->keycheck, sizeof( hash->keycheck )) )
	749	return false;
[30]	750
[31]	751	return true;
[30]	752	}
	753
	754
	755	/*******************************************************************
[31]	756	*******************************************************************/
[53]	757	static bool hbin_prs_lf_records(const char desc, REGF_HBIN hbin,
	758	int depth, REGF_NK_REC *nk)
[30]	759	{
[31]	760	int i;
	761	REGF_LF_REC *lf = &nk->subkeys;
	762	uint32 data_size, start_off, end_off;
[30]	763
[31]	764	depth++;
[30]	765
[31]	766	/* check if we have anything to do first */
[30]	767
[31]	768	if ( nk->num_subkeys == 0 )
	769	return true;
[30]	770
[31]	771	/* move to the LF record */
[30]	772
[31]	773	if ( !prs_set_offset( &hbin->ps, nk->subkeys_off + HBIN_HDR_SIZE - hbin->first_hbin_off ) )
	774	return false;
[30]	775
[31]	776	/* backup and get the data_size */
[30]	777
[31]	778	if ( !prs_set_offset( &hbin->ps, hbin->ps.data_offset-sizeof(uint32)) )
	779	return false;
	780	start_off = hbin->ps.data_offset;
	781	if ( !prs_uint32( "rec_size", &hbin->ps, depth, &lf->rec_size ))
	782	return false;
[30]	783
[53]	784	if(!prs_uint8s(true, "header", &hbin->ps, depth,
	785	lf->header, sizeof(lf->header)))
[31]	786	return false;
[30]	787
[31]	788	if ( !prs_uint16( "num_keys", &hbin->ps, depth, &lf->num_keys))
	789	return false;
[30]	790
[31]	791	if ( hbin->ps.io ) {
	792	if ( !(lf->hashes = (REGF_HASH_REC*)zcalloc(sizeof(REGF_HASH_REC), lf->num_keys )) )
	793	return false;
	794	}
[30]	795
[31]	796	for ( i=0; i<lf->num_keys; i++ ) {
	797	if ( !prs_hash_rec( "hash_rec", &hbin->ps, depth, &lf->hashes[i] ) )
	798	return false;
	799	}
[30]	800
[31]	801	end_off = hbin->ps.data_offset;
[30]	802
[31]	803	/* data_size must be divisible by 8 and large enough to hold the original record */
[30]	804
[31]	805	data_size = ((start_off - end_off) & 0xfffffff8 );
[33]	806	/* if ( data_size > lf->rec_size )*/
[31]	807	/DEBUG(10,("Encountered reused record (0x%x < 0x%x)\n", data_size, lf->rec_size));/
[30]	808
[33]	809	if ( !hbin->ps.io )
	810	hbin->dirty = true;
[30]	811
[31]	812	return true;
[30]	813	}
	814
	815
	816	/*******************************************************************
[31]	817	*******************************************************************/
[30]	818	static bool hbin_prs_sk_rec( const char desc, REGF_HBIN hbin, int depth, REGF_SK_REC *sk )
	819	{
[31]	820	prs_struct *ps = &hbin->ps;
	821	uint16 tag = 0xFFFF;
	822	uint32 data_size, start_off, end_off;
[30]	823
	824
[31]	825	depth++;
[30]	826
[31]	827	if ( !prs_set_offset( &hbin->ps, sk->sk_off + HBIN_HDR_SIZE - hbin->first_hbin_off ) )
	828	return false;
[30]	829
[31]	830	/* backup and get the data_size */
[30]	831
[31]	832	if ( !prs_set_offset( &hbin->ps, hbin->ps.data_offset-sizeof(uint32)) )
	833	return false;
	834	start_off = hbin->ps.data_offset;
	835	if ( !prs_uint32( "rec_size", &hbin->ps, depth, &sk->rec_size ))
	836	return false;
[30]	837
[53]	838	if (!prs_uint8s(true, "header", ps, depth, sk->header, sizeof(sk->header)))
[31]	839	return false;
	840	if ( !prs_uint16( "tag", ps, depth, &tag))
	841	return false;
[30]	842
[31]	843	if ( !prs_uint32( "prev_sk_off", ps, depth, &sk->prev_sk_off))
	844	return false;
	845	if ( !prs_uint32( "next_sk_off", ps, depth, &sk->next_sk_off))
	846	return false;
	847	if ( !prs_uint32( "ref_count", ps, depth, &sk->ref_count))
	848	return false;
	849	if ( !prs_uint32( "size", ps, depth, &sk->size))
	850	return false;
[30]	851
[31]	852	if ( !sec_io_desc( "sec_desc", &sk->sec_desc, ps, depth ))
	853	return false;
[30]	854
[31]	855	end_off = hbin->ps.data_offset;
[30]	856
[31]	857	/* data_size must be divisible by 8 and large enough to hold the original record */
[30]	858
[31]	859	data_size = ((start_off - end_off) & 0xfffffff8 );
[33]	860	/* if ( data_size > sk->rec_size )*/
[31]	861	/DEBUG(10,("Encountered reused record (0x%x < 0x%x)\n", data_size, sk->rec_size));/
[30]	862
[33]	863	if ( !hbin->ps.io )
	864	hbin->dirty = true;
[30]	865
[31]	866	return true;
[30]	867	}
	868
	869
	870	/*******************************************************************
[31]	871	*******************************************************************/
[30]	872	static bool hbin_prs_vk_rec( const char desc, REGF_HBIN hbin, int depth,
	873	REGF_VK_REC vk, REGF_FILE file )
	874	{
[31]	875	uint32 offset;
	876	uint16 name_length;
	877	prs_struct *ps = &hbin->ps;
	878	uint32 data_size, start_off, end_off;
[30]	879
[31]	880	depth++;
[30]	881
[31]	882	/* backup and get the data_size */
[30]	883
[31]	884	if ( !prs_set_offset( &hbin->ps, hbin->ps.data_offset-sizeof(uint32)) )
	885	return false;
	886	start_off = hbin->ps.data_offset;
	887	if ( !prs_uint32( "rec_size", &hbin->ps, depth, &vk->rec_size ))
	888	return false;
[30]	889
[31]	890	if ( !prs_uint8s( true, "header", ps, depth, vk->header, sizeof( vk->header )) )
	891	return false;
[30]	892
[31]	893	if ( !hbin->ps.io )
	894	name_length = strlen(vk->valuename);
[30]	895
[31]	896	if ( !prs_uint16( "name_length", ps, depth, &name_length ))
	897	return false;
	898	if ( !prs_uint32( "data_size", ps, depth, &vk->data_size ))
	899	return false;
	900	if ( !prs_uint32( "data_off", ps, depth, &vk->data_off ))
	901	return false;
	902	if ( !prs_uint32( "type", ps, depth, &vk->type))
	903	return false;
	904	if ( !prs_uint16( "flag", ps, depth, &vk->flag))
	905	return false;
[30]	906
[31]	907	offset = ps->data_offset;
	908	offset += 2; /* skip 2 bytes */
	909	prs_set_offset( ps, offset );
[30]	910
[31]	911	/* get the name */
[30]	912
[31]	913	if ( vk->flag&VK_FLAG_NAME_PRESENT ) {
[30]	914
[31]	915	if ( hbin->ps.io ) {
	916	if ( !(vk->valuename = (char*)zcalloc(sizeof(char), name_length+1 )))
	917	return false;
	918	}
[53]	919	if ( !prs_uint8s(true, "name", ps, depth,
	920	(uint8*)vk->valuename, name_length) )
[31]	921	return false;
	922	}
[30]	923
[31]	924	end_off = hbin->ps.data_offset;
[30]	925
[31]	926	/* get the data if necessary */
[30]	927
[32]	928	if ( vk->data_size != 0 )
	929	{
[31]	930	bool charmode = false;
[30]	931
[31]	932	if ( (vk->type == REG_SZ) \|\| (vk->type == REG_MULTI_SZ) )
	933	charmode = true;
[30]	934
[31]	935	/* the data is stored in the offset if the size <= 4 */
[32]	936	if ( !(vk->data_size & VK_DATA_IN_OFFSET) )
	937	{
[31]	938	REGF_HBIN *hblock = hbin;
	939	uint32 data_rec_size;
[30]	940
[32]	941	if ( hbin->ps.io )
	942	{
[31]	943	if ( !(vk->data = (uint8*)zcalloc(sizeof(uint8), vk->data_size) ) )
	944	return false;
	945	}
[30]	946
[31]	947	/* this data can be in another hbin */
[32]	948	if ( !hbin_contains_offset( hbin, vk->data_off ) )
	949	{
[31]	950	if ( !(hblock = lookup_hbin_block( file, vk->data_off )) )
	951	return false;
	952	}
[32]	953	if (!(prs_set_offset(&hblock->ps,
	954	(vk->data_off
	955	+ HBIN_HDR_SIZE
	956	- hblock->first_hbin_off)
	957	- sizeof(uint32))))
	958	{ return false; }
[30]	959
[32]	960	if ( !hblock->ps.io )
	961	{
[31]	962	data_rec_size = ( (vk->data_size+sizeof(uint32)) & 0xfffffff8 ) + 8;
	963	data_rec_size = ( data_rec_size - 1 ) ^ 0xFFFFFFFF;
	964	}
	965	if ( !prs_uint32( "data_rec_size", &hblock->ps, depth, &data_rec_size ))
	966	return false;
[32]	967	if(!prs_uint8s(charmode, "data", &hblock->ps, depth,
	968	vk->data, vk->data_size))
[31]	969	return false;
[30]	970
[31]	971	if ( !hblock->ps.io )
	972	hblock->dirty = true;
	973	}
[32]	974	else
	975	{
	976	if(!(vk->data = zcalloc(sizeof(uint8), 4)))
[31]	977	return false;
	978	SIVAL( vk->data, 0, vk->data_off );
	979	}
[30]	980
[31]	981	}
[30]	982
[31]	983	/* data_size must be divisible by 8 and large enough to hold the original record */
[30]	984
[31]	985	data_size = ((start_off - end_off ) & 0xfffffff8 );
[32]	986	/*if ( data_size != vk->rec_size )
	987	DEBUG(10,("prs_vk_rec: data_size check failed (0x%x < 0x%x)\n", data_size, vk->rec_size));*/
[30]	988
[32]	989	if ( !hbin->ps.io )
	990	hbin->dirty = true;
[30]	991
[31]	992	return true;
[30]	993	}
	994
	995
	996	/*******************************************************************
	997	read a VK record which is contained in the HBIN block stored
	998	in the prs_struct *ps.
	999	*******************************************************************/
[32]	1000	static bool hbin_prs_vk_records(const char desc, REGF_HBIN hbin,
	1001	int depth, REGF_NK_REC nk, REGF_FILE file)
[30]	1002	{
[31]	1003	int i;
	1004	uint32 record_size;
[30]	1005
[31]	1006	depth++;
[30]	1007
[31]	1008	/* check if we have anything to do first */
[32]	1009	if(nk->num_values == 0)
[31]	1010	return true;
[30]	1011
[32]	1012	if(hbin->ps.io)
	1013	{
	1014	if (!(nk->values = (REGF_VK_REC*)zcalloc(sizeof(REGF_VK_REC),
	1015	nk->num_values )))
[31]	1016	return false;
	1017	}
[30]	1018
[31]	1019	/* convert the offset to something relative to this HBIN block */
[32]	1020	if (!prs_set_offset(&hbin->ps,
	1021	nk->values_off
	1022	+ HBIN_HDR_SIZE
	1023	- hbin->first_hbin_off
	1024	- sizeof(uint32)))
	1025	{ return false; }
[30]	1026
[32]	1027	if ( !hbin->ps.io )
	1028	{
[31]	1029	record_size = ( ( nk->num_values * sizeof(uint32) ) & 0xfffffff8 ) + 8;
	1030	record_size = (record_size - 1) ^ 0xFFFFFFFF;
	1031	}
[30]	1032
[31]	1033	if ( !prs_uint32( "record_size", &hbin->ps, depth, &record_size ) )
	1034	return false;
[30]	1035
[32]	1036	for ( i=0; i<nk->num_values; i++ )
	1037	{
[31]	1038	if ( !prs_uint32( "vk_off", &hbin->ps, depth, &nk->values[i].rec_off ) )
	1039	return false;
	1040	}
[30]	1041
[32]	1042	for ( i=0; i<nk->num_values; i++ )
	1043	{
[31]	1044	REGF_HBIN *sub_hbin = hbin;
	1045	uint32 new_offset;
[30]	1046
[32]	1047	if ( !hbin_contains_offset( hbin, nk->values[i].rec_off ) )
	1048	{
[31]	1049	sub_hbin = lookup_hbin_block( file, nk->values[i].rec_off );
[32]	1050	if ( !sub_hbin )
	1051	{
[31]	1052	/*DEBUG(0,("hbin_prs_vk_records: Failed to find HBIN block containing offset [0x%x]\n",
	1053	nk->values[i].hbin_off));*/
	1054	return false;
	1055	}
	1056	}
[30]	1057
[32]	1058	new_offset = nk->values[i].rec_off
	1059	+ HBIN_HDR_SIZE
	1060	- sub_hbin->first_hbin_off;
	1061
	1062	if (!prs_set_offset(&sub_hbin->ps, new_offset))
[31]	1063	return false;
[32]	1064	if (!hbin_prs_vk_rec("vk_rec", sub_hbin, depth, &nk->values[i], file))
[31]	1065	return false;
	1066	}
[30]	1067
[31]	1068	if ( !hbin->ps.io )
	1069	hbin->dirty = true;
[30]	1070
[31]	1071	return true;
[30]	1072	}
	1073
	1074
	1075	/*******************************************************************
[31]	1076	*******************************************************************/
[30]	1077	static REGF_SK_REC* find_sk_record_by_offset( REGF_FILE *file, uint32 offset )
	1078	{
[31]	1079	REGF_SK_REC *p_sk;
[30]	1080
[31]	1081	for ( p_sk=file->sec_desc_list; p_sk; p_sk=p_sk->next ) {
	1082	if ( p_sk->sk_off == offset )
	1083	return p_sk;
	1084	}
[30]	1085
[31]	1086	return NULL;
[30]	1087	}
	1088
[32]	1089
[30]	1090	/*******************************************************************
[31]	1091	*******************************************************************/
[30]	1092	static REGF_SK_REC* find_sk_record_by_sec_desc( REGF_FILE file, SEC_DESC sd )
	1093	{
[31]	1094	REGF_SK_REC *p;
[30]	1095
[31]	1096	for ( p=file->sec_desc_list; p; p=p->next ) {
	1097	if ( sec_desc_equal( p->sec_desc, sd ) )
	1098	return p;
	1099	}
[30]	1100
[31]	1101	/* failure */
[30]	1102
[31]	1103	return NULL;
[30]	1104	}
	1105
[32]	1106
[30]	1107	/*******************************************************************
[31]	1108	*******************************************************************/
[30]	1109	static bool hbin_prs_key( REGF_FILE file, REGF_HBIN hbin, REGF_NK_REC *nk )
	1110	{
[31]	1111	int depth = 0;
	1112	REGF_HBIN *sub_hbin;
[30]	1113
[31]	1114	depth++;
[30]	1115
[31]	1116	/* get the initial nk record */
[33]	1117	if (!prs_nk_rec("nk_rec", &hbin->ps, depth, nk))
[31]	1118	return false;
[30]	1119
[31]	1120	/* fill in values */
[32]	1121	if ( nk->num_values && (nk->values_off!=REGF_OFFSET_NONE) )
	1122	{
[31]	1123	sub_hbin = hbin;
[32]	1124	if ( !hbin_contains_offset( hbin, nk->values_off ) )
	1125	{
[31]	1126	sub_hbin = lookup_hbin_block( file, nk->values_off );
[32]	1127	if ( !sub_hbin )
	1128	{
[31]	1129	/*DEBUG(0,("hbin_prs_key: Failed to find HBIN block containing value_list_offset [0x%x]\n",
	1130	nk->values_off));*/
	1131	return false;
	1132	}
	1133	}
[30]	1134
[32]	1135	if(!hbin_prs_vk_records("vk_rec", sub_hbin, depth, nk, file))
[31]	1136	return false;
	1137	}
[30]	1138
[31]	1139	/* now get subkeys */
[32]	1140	if ( nk->num_subkeys && (nk->subkeys_off!=REGF_OFFSET_NONE) )
	1141	{
[31]	1142	sub_hbin = hbin;
[32]	1143	if ( !hbin_contains_offset( hbin, nk->subkeys_off ) )
	1144	{
[31]	1145	sub_hbin = lookup_hbin_block( file, nk->subkeys_off );
[32]	1146	if ( !sub_hbin )
	1147	{
[31]	1148	/*DEBUG(0,("hbin_prs_key: Failed to find HBIN block containing subkey_offset [0x%x]\n",
	1149	nk->subkeys_off));*/
	1150	return false;
	1151	}
	1152	}
[30]	1153
[32]	1154	if (!hbin_prs_lf_records("lf_rec", sub_hbin, depth, nk))
[31]	1155	return false;
	1156	}
[30]	1157
[31]	1158	/* get the to the security descriptor. First look if we have already parsed it */
[30]	1159
[32]	1160	if ((nk->sk_off!=REGF_OFFSET_NONE)
	1161	&& !(nk->sec_desc = find_sk_record_by_offset( file, nk->sk_off )))
	1162	{
[31]	1163	sub_hbin = hbin;
[32]	1164	if (!hbin_contains_offset(hbin, nk->sk_off))
	1165	{
[31]	1166	sub_hbin = lookup_hbin_block( file, nk->sk_off );
	1167	if ( !sub_hbin ) {
	1168	/*DEBUG(0,("hbin_prs_key: Failed to find HBIN block containing sk_offset [0x%x]\n",
	1169	nk->subkeys_off));*/
	1170	return false;
	1171	}
	1172	}
[30]	1173
[31]	1174	if ( !(nk->sec_desc = (REGF_SK_REC*)zalloc(sizeof(REGF_SK_REC) )) )
	1175	return false;
	1176	nk->sec_desc->sk_off = nk->sk_off;
	1177	if ( !hbin_prs_sk_rec( "sk_rec", sub_hbin, depth, nk->sec_desc ))
	1178	return false;
[30]	1179
[31]	1180	/* add to the list of security descriptors (ref_count has been read from the files) */
[30]	1181
[31]	1182	nk->sec_desc->sk_off = nk->sk_off;
	1183	DLIST_ADD( file->sec_desc_list, nk->sec_desc );
	1184	}
[30]	1185
[31]	1186	return true;
[30]	1187	}
	1188
[32]	1189
[30]	1190	/*******************************************************************
[31]	1191	*******************************************************************/
[30]	1192	static bool next_record( REGF_HBIN hbin, const char hdr, bool *eob )
	1193	{
[53]	1194	uint8 header[REC_HDR_SIZE] = "";
[31]	1195	uint32 record_size;
	1196	uint32 curr_off, block_size;
	1197	bool found = false;
	1198	prs_struct *ps = &hbin->ps;
[30]	1199
[31]	1200	curr_off = ps->data_offset;
	1201	if ( curr_off == 0 )
	1202	prs_set_offset( ps, HBIN_HEADER_REC_SIZE );
[30]	1203
[31]	1204	/* assume that the current offset is at the reacord header
	1205	and we need to backup to read the record size */
	1206	curr_off -= sizeof(uint32);
[30]	1207
[31]	1208	block_size = ps->buffer_size;
	1209	record_size = 0;
[32]	1210	while ( !found )
	1211	{
[31]	1212	curr_off = curr_off+record_size;
	1213	if ( curr_off >= block_size )
	1214	break;
[30]	1215
[31]	1216	if ( !prs_set_offset( &hbin->ps, curr_off) )
	1217	return false;
[30]	1218
[31]	1219	if ( !prs_uint32( "record_size", ps, 0, &record_size ) )
	1220	return false;
	1221	if ( !prs_uint8s( true, "header", ps, 0, header, REC_HDR_SIZE ) )
	1222	return false;
[30]	1223
[31]	1224	if ( record_size & 0x80000000 ) {
	1225	/* absolute_value(record_size) */
	1226	record_size = (record_size ^ 0xffffffff) + 1;
	1227	}
[30]	1228
[31]	1229	if ( memcmp( header, hdr, REC_HDR_SIZE ) == 0 ) {
	1230	found = true;
	1231	curr_off += sizeof(uint32);
	1232	}
	1233	}
[30]	1234
[31]	1235	/* mark prs_struct as done ( at end ) if no more SK records */
[32]	1236	/* mark end-of-block as true */
	1237	if ( !found )
[31]	1238	{
	1239	prs_set_offset( &hbin->ps, hbin->ps.buffer_size );
	1240	*eob = true;
	1241	return false;
	1242	}
[32]	1243
	1244	if (!prs_set_offset(ps, curr_off))
[31]	1245	return false;
[30]	1246
[31]	1247	return true;
[30]	1248	}
	1249
	1250
	1251	/*******************************************************************
[31]	1252	*******************************************************************/
[32]	1253	static bool next_nk_record(REGF_FILE file, REGF_HBIN hbin,
	1254	REGF_NK_REC nk, bool eob)
[30]	1255	{
[32]	1256	if (next_record(hbin, "nk", eob)
	1257	&& hbin_prs_key(file, hbin, nk))
[31]	1258	return true;
[30]	1259
[31]	1260	return false;
[30]	1261	}
	1262
	1263
	1264	/*******************************************************************
	1265	Open the registry file and then read in the REGF block to get the
	1266	first hbin offset.
	1267	*******************************************************************/
	1268	REGF_FILE* regfio_open( const char *filename )
	1269	{
[31]	1270	REGF_FILE *rb;
	1271	int flags = O_RDONLY;
[30]	1272
[31]	1273	if ( !(rb = (REGF_FILE*)malloc(sizeof(REGF_FILE))) ) {
	1274	/* DEBUG(0,("ERROR allocating memory\n")); */
	1275	return NULL;
	1276	}
	1277	memset(rb, 0, sizeof(REGF_FILE));
	1278	rb->fd = -1;
[30]	1279
[31]	1280	/* if ( !(rb->mem_ctx = talloc_init( "read_regf_block" )) )
	1281	{
	1282	regfio_close( rb );
	1283	return NULL;
	1284	}
	1285	*/
	1286	rb->open_flags = flags;
[30]	1287
[31]	1288	/* open and existing file */
[30]	1289
[31]	1290	if ( (rb->fd = open(filename, flags)) == -1 ) {
	1291	/* DEBUG(0,("regfio_open: failure to open %s (%s)\n", filename, strerror(errno)));*/
	1292	regfio_close( rb );
	1293	return NULL;
	1294	}
[30]	1295
[31]	1296	/* read in an existing file */
[30]	1297
[31]	1298	if ( !read_regf_block( rb ) ) {
	1299	/* DEBUG(0,("regfio_open: Failed to read initial REGF block\n"));*/
	1300	regfio_close( rb );
	1301	return NULL;
	1302	}
[30]	1303
[31]	1304	/* success */
[30]	1305
[31]	1306	return rb;
[30]	1307	}
	1308
	1309
	1310	/*******************************************************************
[31]	1311	*******************************************************************/
[30]	1312	static void regfio_mem_free( REGF_FILE *file )
	1313	{
[31]	1314	/* free any zalloc()'d memory */
[30]	1315
	1316	/* if ( file && file->mem_ctx )
[31]	1317	free(file->mem_ctx);
[30]	1318	*/
	1319	}
	1320
	1321
	1322	/*******************************************************************
[31]	1323	*******************************************************************/
[30]	1324	int regfio_close( REGF_FILE *file )
	1325	{
[31]	1326	int fd;
[30]	1327
[31]	1328	regfio_mem_free( file );
[30]	1329
[31]	1330	/* nothing to do if there is no open file */
[30]	1331
[31]	1332	if ( !file \|\| (file->fd == -1) )
	1333	return 0;
[30]	1334
[31]	1335	fd = file->fd;
	1336	file->fd = -1;
	1337	SAFE_FREE( file );
[30]	1338
[31]	1339	return close( fd );
[30]	1340	}
	1341
	1342
	1343	/*******************************************************************
	1344	There should be only one root key in the registry file based
	1345	on my experience. --jerry
	1346	*******************************************************************/
	1347	REGF_NK_REC* regfio_rootkey( REGF_FILE *file )
	1348	{
[31]	1349	REGF_NK_REC *nk;
	1350	REGF_HBIN *hbin;
	1351	uint32 offset = REGF_BLOCKSIZE;
	1352	bool found = false;
	1353	bool eob;
[30]	1354
[31]	1355	if ( !file )
	1356	return NULL;
[30]	1357
[31]	1358	if ( !(nk = (REGF_NK_REC*)zalloc(sizeof(REGF_NK_REC) )) ) {
	1359	/DEBUG(0,("regfio_rootkey: zalloc() failed!\n"));/
	1360	return NULL;
	1361	}
[30]	1362
[31]	1363	/* scan through the file on HBIN block at a time looking
	1364	for an NK record with a type == 0x002c.
	1365	Normally this is the first nk record in the first hbin
	1366	block (but I'm not assuming that for now) */
[30]	1367
[31]	1368	while ( (hbin = read_hbin_block( file, offset )) ) {
	1369	eob = false;
[30]	1370
[31]	1371	while ( !eob) {
	1372	if ( next_nk_record( file, hbin, nk, &eob ) ) {
	1373	if ( nk->key_type == NK_TYPE_ROOTKEY ) {
	1374	found = true;
	1375	break;
	1376	}
	1377	}
	1378	if(hbin->ps.is_dynamic)
	1379	SAFE_FREE(hbin->ps.data_p);
	1380	hbin->ps.is_dynamic = false;
	1381	hbin->ps.buffer_size = 0;
	1382	hbin->ps.data_offset = 0;
	1383	}
[30]	1384
[31]	1385	if ( found )
	1386	break;
[30]	1387
[31]	1388	offset += hbin->block_size;
	1389	}
[30]	1390
[31]	1391	if ( !found ) {
	1392	/DEBUG(0,("regfio_rootkey: corrupt registry file ? No root key record located\n"));/
	1393	return NULL;
	1394	}
[30]	1395
[31]	1396	DLIST_ADD( file->block_list, hbin );
[30]	1397
[31]	1398	return nk;
[30]	1399	}
	1400
	1401
[33]	1402	/* XXX: An interator struct should be used instead, and this function
	1403	* should operate on it, so the state of iteration isn't stored in the
	1404	* REGF_NK_REC struct itself.
	1405	*/
[30]	1406	/*******************************************************************
	1407	This acts as an interator over the subkeys defined for a given
	1408	NK record. Remember that offsets are from the first HBIN block.
	1409	*******************************************************************/
	1410	REGF_NK_REC* regfio_fetch_subkey( REGF_FILE file, REGF_NK_REC nk )
	1411	{
[31]	1412	REGF_NK_REC *subkey;
	1413	REGF_HBIN *hbin;
	1414	uint32 nk_offset;
[30]	1415
[31]	1416	/* see if there is anything left to report */
[32]	1417	if (!nk \|\| (nk->subkeys_off==REGF_OFFSET_NONE)
	1418	\|\| (nk->subkey_index >= nk->num_subkeys))
[31]	1419	return NULL;
[30]	1420
[31]	1421	/* find the HBIN block which should contain the nk record */
	1422	if(!(hbin
	1423	= lookup_hbin_block(file, nk->subkeys.hashes[nk->subkey_index].nk_off )))
	1424	{
	1425	/*DEBUG(0,("hbin_prs_key: Failed to find HBIN block containing offset [0x%x]\n",
	1426	nk->subkeys.hashes[nk->subkey_index].nk_off));*/
	1427	return NULL;
	1428	}
[30]	1429
[31]	1430	nk_offset = nk->subkeys.hashes[nk->subkey_index].nk_off;
[32]	1431	if(!prs_set_offset(&hbin->ps,
	1432	(HBIN_HDR_SIZE + nk_offset - hbin->first_hbin_off)))
[31]	1433	return NULL;
[30]	1434
[31]	1435	nk->subkey_index++;
[32]	1436	if(!(subkey = (REGF_NK_REC*)zalloc(sizeof(REGF_NK_REC))))
[31]	1437	return NULL;
[30]	1438
[32]	1439	if(!hbin_prs_key(file, hbin, subkey))
[31]	1440	return NULL;
[32]	1441
[31]	1442	return subkey;
[30]	1443	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: