Context Navigation

source: trunk/src/reglookup.c @ 45

Last change on this file since 45 was 44, checked in by tim, 19 years ago

minor changes to command line option parsing

fixed some warnings with quote_string

Property svn:keywords set to Id

File size: 20.9 KB

Rev	Line
[30]	1	/*
[42]	2	* A utility to read a Windows NT/2K/XP/2K3 registry file, using
	3	* Gerald Carter''s regfio interface.
[30]	4	*
	5	* Copyright (C) 2005 Timothy D. Morgan
[42]	6	* Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com
[30]	7	*
	8	* This program is free software; you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation; version 2 of the License.
	11	*
	12	* This program is distributed in the hope that it will be useful,
	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	* GNU General Public License for more details.
	16	*
	17	* You should have received a copy of the GNU General Public License
	18	* along with this program; if not, write to the Free Software
	19	* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	20	*
	21	* $Id: reglookup.c 44 2005-08-06 13:47:07Z tim $
	22	*/
	23
	24
	25	#include <stdlib.h>
	26	#include <stdio.h>
	27	#include <string.h>
[33]	28	#include <strings.h>
[42]	29	#include <time.h>
[30]	30	#include "../include/regfio.h"
[31]	31	#include "../include/void_stack.h"
[30]	32
[40]	33	/* Globals, influenced by command line parameters */
	34	bool print_verbose = false;
	35	bool print_security = false;
[42]	36	bool print_header = true;
[40]	37	bool path_filter_enabled = false;
	38	bool type_filter_enabled = false;
	39	char* path_filter = NULL;
	40	int type_filter;
	41	char* registry_file = NULL;
	42
[42]	43	/* Other globals */
	44	const char* special_chars = ",\"\\";
[40]	45
[38]	46	void bailOut(int code, char* message)
	47	{
	48	fprintf(stderr, message);
	49	exit(code);
	50	}
	51
	52
[41]	53	/* Returns a newly malloc()ed string which contains original buffer,
	54	* except for non-printable or special characters are quoted in hex
	55	* with the syntax '\xQQ' where QQ is the hex ascii value of the quoted
	56	* character. A null terminator is added, as only ascii, not binary,
	57	* is returned.
	58	*/
	59	static char* quote_buffer(const unsigned char* str,
[44]	60	unsigned int len, const char* special)
[41]	61	{
	62	unsigned int i;
	63	unsigned int num_written=0;
	64	unsigned int out_len = sizeof(char)*len+1;
	65	char* ret_val = malloc(out_len);
	66
	67	if(ret_val == NULL)
	68	return NULL;
	69
	70	for(i=0; i<len; i++)
	71	{
	72	if(str[i] < 32 \|\| str[i] > 126 \|\| strchr(special, str[i]) != NULL)
	73	{
	74	out_len += 3;
	75	/* XXX: may not be the most efficient way of getting enough memory. */
	76	ret_val = realloc(ret_val, out_len);
	77	if(ret_val == NULL)
	78	break;
	79	num_written += snprintf(ret_val+num_written, (out_len)-num_written,
	80	"\\x%.2X", str[i]);
	81	}
	82	else
	83	ret_val[num_written++] = str[i];
	84	}
	85	ret_val[num_written] = '\0';
	86
	87	return ret_val;
	88	}
	89
	90
	91	/* Returns a newly malloc()ed string which contains original string,
	92	* except for non-printable or special characters are quoted in hex
	93	* with the syntax '\xQQ' where QQ is the hex ascii value of the quoted
	94	* character.
	95	*/
[44]	96	static char* quote_string(const char* str, const char* special)
[41]	97	{
[42]	98	unsigned int len;
[41]	99
[42]	100	if(str == NULL)
	101	return NULL;
	102
	103	len = strlen(str);
	104	return quote_buffer((const unsigned char*)str, len, special);
[41]	105	}
	106
	107
	108	/*
	109	* Convert from UniCode to Ascii ... Does not take into account other lang
	110	* Restrict by ascii_max if > 0
	111	*/
	112	static int uni_to_ascii(unsigned char uni, unsigned char ascii,
	113	int ascii_max, int uni_max)
	114	{
	115	int i = 0;
	116
	117	while (i < ascii_max && (uni[i2] \|\| uni[i2+1]))
	118	{
	119	if (uni_max > 0 && (i*2) >= uni_max) break;
	120	ascii[i] = uni[i*2];
	121	i++;
	122	}
	123	ascii[i] = '\0';
	124
	125	return i;
	126	}
	127
	128
	129	/*
	130	* Convert a data value to a string for display
	131	*/
	132	static unsigned char* data_to_ascii(unsigned char *datap, int len, int type)
	133	{
	134	unsigned char *asciip;
	135	unsigned int i;
	136	unsigned short num_nulls;
	137	unsigned char* ascii;
	138	unsigned char* cur_str;
	139	unsigned char* cur_ascii;
	140	char* cur_quoted;
	141	unsigned int cur_str_len;
	142	unsigned int ascii_max, cur_str_max;
	143	unsigned int str_rem, cur_str_rem, alen;
	144
	145	switch (type)
	146	{
	147	case REG_SZ:
	148	if (print_verbose)
	149	fprintf(stderr, "Len: %d\n", len);
	150
	151	ascii_max = sizeof(char)*len;
	152	ascii = malloc(ascii_max+4);
	153	if(ascii == NULL)
	154	return NULL;
	155
	156	/* XXX: This has to be fixed. It has to be UNICODE */
	157	uni_to_ascii(datap, ascii, len, ascii_max);
[42]	158	cur_quoted = quote_string((char*)ascii, special_chars);
	159	free(ascii);
	160	return (unsigned char*)cur_quoted;
[41]	161	break;
	162
	163	case REG_EXPAND_SZ:
	164	ascii_max = sizeof(char)*len;
	165	ascii = malloc(ascii_max+2);
	166	if(ascii == NULL)
	167	return NULL;
	168
	169	uni_to_ascii(datap, ascii, len, ascii_max);
[42]	170	cur_quoted = quote_string((char*)ascii, special_chars);
	171	free(ascii);
	172	return (unsigned char*)cur_quoted;
[41]	173	break;
	174
	175	case REG_DWORD:
	176	ascii_max = sizeof(char)*10;
	177	ascii = malloc(ascii_max+1);
	178	if(ascii == NULL)
	179	return NULL;
	180
	181	if ((int )datap == 0)
	182	snprintf((char*)ascii, ascii_max, "0");
	183	else
	184	snprintf((char)ascii, ascii_max, "0x%x", (int *)datap);
	185	return ascii;
	186	break;
	187
[42]	188	/* XXX: this MULTI_SZ parser is pretty inefficient. Should be
	189	* redone with fewer malloc and better string concatenation.
	190	*/
[41]	191	case REG_MULTI_SZ:
	192	ascii_max = sizeof(char)len4;
	193	cur_str_max = sizeof(char)*len+1;
	194	cur_str = malloc(cur_str_max);
	195	cur_ascii = malloc(cur_str_max);
	196	ascii = malloc(ascii_max+4);
[42]	197	if(ascii == NULL \|\| cur_str == NULL \|\| cur_ascii == NULL)
[41]	198	return NULL;
	199
	200	/* Reads until it reaches 4 consecutive NULLs,
	201	* which is two nulls in unicode, or until it reaches len, or until we
	202	* run out of buffer. The latter should never happen, but we shouldn't
	203	* trust our file to have the right lengths/delimiters.
	204	*/
	205	asciip = ascii;
	206	num_nulls = 0;
	207	str_rem = ascii_max;
	208	cur_str_rem = cur_str_max;
	209	cur_str_len = 0;
	210
	211	for(i=0; (i < len) && str_rem > 0; i++)
	212	{
	213	(cur_str+cur_str_len) = (datap+i);
	214	if(*(cur_str+cur_str_len) == 0)
	215	num_nulls++;
	216	else
	217	num_nulls = 0;
	218	cur_str_len++;
	219
	220	if(num_nulls == 2)
	221	{
	222	uni_to_ascii(cur_str, cur_ascii, cur_str_max, 0);
[42]	223	cur_quoted = quote_string((char*)cur_ascii, ",\|\"\\");
[41]	224	alen = snprintf((char*)asciip, str_rem, "%s", cur_quoted);
	225	asciip += alen;
	226	str_rem -= alen;
	227	free(cur_quoted);
	228
	229	if((datap+i+1) == 0 && (datap+i+2) == 0)
	230	break;
	231	else
	232	{
	233	alen = snprintf((char*)asciip, str_rem, "%c", '\|');
	234	asciip += alen;
	235	str_rem -= alen;
	236	memset(cur_str, 0, cur_str_max);
	237	cur_str_len = 0;
	238	num_nulls = 0;
	239	/* To eliminate leading nulls in subsequent strings. */
	240	i++;
	241	}
	242	}
	243	}
	244	*asciip = 0;
[42]	245	free(cur_str);
	246	free(cur_ascii);
[41]	247	return ascii;
	248	break;
	249
[42]	250	/* XXX: Dont know what to do with these yet, just print as binary... */
	251	case REG_RESOURCE_LIST:
	252	case REG_FULL_RESOURCE_DESCRIPTOR:
	253	case REG_RESOURCE_REQUIREMENTS_LIST:
	254
	255	case REG_BINARY:
	256	return (unsigned char*)quote_buffer(datap, len, special_chars);
	257	break;
	258
[41]	259	default:
	260	return NULL;
	261	break;
	262	}
	263
	264	return NULL;
	265	}
	266
	267
[42]	268	/* Security descriptor print functions */
[43]	269	/* XXX: these functions should be moved out into regfio library */
[42]	270	const char* ace_type2str(uint8 type)
	271	{
	272	static const char* map[7]
	273	= {"ALLOW", "DENY", "AUDIT", "ALARM",
	274	"ALLOW CPD", "OBJ ALLOW", "OBJ DENY"};
	275	if(type < 7)
	276	return map[type];
	277	else
	278	return "UNKNOWN";
	279	}
	280
	281
	282	char* ace_flags2str(uint8 flags)
	283	{
	284	char* flg_output = malloc(21*sizeof(char));
	285	int some = 0;
	286
	287	if(flg_output == NULL)
	288	return NULL;
	289
	290	flg_output[0] = '\0';
	291	if (!flags)
	292	return flg_output;
	293
	294	if (flags & 0x01) {
	295	if (some) strcat(flg_output, " ");
	296	some = 1;
	297	strcat(flg_output, "OI");
	298	}
	299	if (flags & 0x02) {
	300	if (some) strcat(flg_output, " ");
	301	some = 1;
	302	strcat(flg_output, "CI");
	303	}
	304	if (flags & 0x04) {
	305	if (some) strcat(flg_output, " ");
	306	some = 1;
	307	strcat(flg_output, "NP");
	308	}
	309	if (flags & 0x08) {
	310	if (some) strcat(flg_output, " ");
	311	some = 1;
	312	strcat(flg_output, "IO");
	313	}
	314	if (flags & 0x10) {
	315	if (some) strcat(flg_output, " ");
	316	some = 1;
	317	strcat(flg_output, "IA");
	318	}
	319	if (flags == 0xF) {
	320	if (some) strcat(flg_output, " ");
	321	some = 1;
	322	strcat(flg_output, "VI");
	323	}
	324
	325	return flg_output;
	326	}
	327
	328
	329	char* ace_perms2str(uint32 perms)
	330	{
	331	char* ret_val = malloc(9*sizeof(char));
[43]	332	sprintf(ret_val, "%.8X", perms);
[42]	333
	334	return ret_val;
	335	}
	336
	337
	338	char* sid2str(DOM_SID* sid)
	339	{
	340	uint32 i, size = MAXSUBAUTHS*11 + 24;
	341	uint32 left = size;
	342	uint8 comps = sid->num_auths;
	343	char* ret_val = malloc(size);
	344
	345	if(ret_val == NULL)
	346	return NULL;
	347
	348	if(comps > MAXSUBAUTHS)
	349	comps = MAXSUBAUTHS;
	350
	351	left -= sprintf(ret_val, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]);
	352
	353	for (i = 0; i < comps; i++)
	354	left -= snprintf(ret_val+(size-left), left, "-%u", sid->sub_auths[i]);
	355
	356	return ret_val;
	357	}
	358
	359
	360	char* get_acl(SEC_ACL* acl)
	361	{
	362	uint32 i, extra, size = 0;
	363	const char* type_str;
	364	char* flags_str;
	365	char* perms_str;
	366	char* sid_str;
	367	char* ret_val = NULL;
	368	char* ace_delim = "";
	369	char field_delim = ':';
	370
[43]	371	printf("acl: %.8X\n", (uint32)acl);
	372
[42]	373	for (i = 0; i < acl->num_aces; i++)
	374	{
	375	/* XXX: check for NULL */
	376	sid_str = sid2str(&acl->ace[i].trustee);
	377	type_str = ace_type2str(acl->ace[i].type);
	378	perms_str = ace_perms2str(acl->ace[i].info.mask);
	379	flags_str = ace_flags2str(acl->ace[i].flags);
	380
	381	/* XXX: this is slow */
	382	extra = strlen(sid_str) + strlen(type_str)
[43]	383	+ strlen(perms_str) + strlen(flags_str)+5;
	384	ret_val = realloc(ret_val, size+extra);
[42]	385	if(ret_val == NULL)
	386	return NULL;
[43]	387	size += snprintf(ret_val+size, extra, "%s%s%c%s%c%s%c%s",
	388	ace_delim,sid_str,
	389	field_delim,type_str,
	390	field_delim,perms_str,
	391	field_delim,flags_str);
[42]	392	ace_delim = "\|";
	393	free(sid_str);
	394	free(perms_str);
	395	free(flags_str);
	396	}
	397
	398	return ret_val;
	399	}
	400
	401
	402	char* get_sacl(SEC_DESC *sec_desc)
	403	{
	404	if (sec_desc->sacl)
	405	return get_acl(sec_desc->sacl);
	406	else
[43]	407	return NULL;
[42]	408	}
	409
	410
	411	char* get_dacl(SEC_DESC *sec_desc)
	412	{
	413	if (sec_desc->dacl)
	414	return get_acl(sec_desc->dacl);
	415	else
[43]	416	return NULL;
[42]	417	}
	418
	419
	420	char* get_owner(SEC_DESC *sec_desc)
	421	{
	422	return sid2str(sec_desc->owner_sid);
	423	}
	424
	425
	426	char* get_group(SEC_DESC *sec_desc)
	427	{
	428	return sid2str(sec_desc->grp_sid);
	429	}
	430
	431
[33]	432	void_stack* path2Stack(const char* s)
[30]	433	{
[38]	434	void_stack* ret_val;
	435	void_stack* rev_ret = void_stack_new(1024);
	436	const char* cur = s;
[33]	437	char* next = NULL;
[38]	438	char* copy;
	439
	440	if (rev_ret == NULL)
	441	return NULL;
[37]	442	if (s == NULL)
[38]	443	return rev_ret;
	444
	445	while((next = strchr(cur, '/')) != NULL)
[33]	446	{
[38]	447	if ((next-cur) > 0)
	448	{
	449	copy = (char)malloc((next-cur+1)sizeof(char));
	450	if(copy == NULL)
	451	bailOut(2, "ERROR: Memory allocation problem.\n");
	452
	453	memcpy(copy, cur, next-cur);
	454	copy[next-cur] = '\0';
	455	void_stack_push(rev_ret, copy);
	456	}
	457	cur = next+1;
[33]	458	}
	459	if(strlen(cur) > 0)
[38]	460	{
	461	copy = strdup(cur);
	462	void_stack_push(rev_ret, copy);
	463	}
[33]	464
[38]	465	ret_val = void_stack_copy_reverse(rev_ret);
	466	void_stack_destroy(rev_ret);
	467
[33]	468	return ret_val;
	469	}
	470
	471
	472	char* stack2Path(void_stack* nk_stack)
	473	{
	474	const REGF_NK_REC* cur;
[37]	475	uint32 buf_left = 127;
	476	uint32 buf_len = buf_left+1;
	477	uint32 name_len = 0;
	478	uint32 grow_amt;
[31]	479	char* buf;
	480	char* new_buf;
	481	void_stack_iterator* iter;
	482
	483	buf = (char)malloc((buf_len)sizeof(char));
	484	if (buf == NULL)
	485	return NULL;
[43]	486	buf[0] = '/';
	487	buf[1] = '\0';
[30]	488
[31]	489	iter = void_stack_iterator_new(nk_stack);
	490	if (iter == NULL)
[30]	491	{
[31]	492	free(buf);
	493	return NULL;
[30]	494	}
	495
[33]	496	/* skip root element */
	497	cur = void_stack_iterator_next(iter);
	498
[31]	499	while((cur = void_stack_iterator_next(iter)) != NULL)
	500	{
[33]	501	buf[buf_len-buf_left-1] = '/';
	502	buf_left -= 1;
[31]	503	name_len = strlen(cur->keyname);
	504	if(name_len+1 > buf_left)
	505	{
[37]	506	grow_amt = (uint32)(buf_len/2);
[31]	507	buf_len += name_len+1+grow_amt-buf_left;
	508	if((new_buf = realloc(buf, buf_len)) == NULL)
	509	{
	510	free(buf);
	511	free(iter);
	512	return NULL;
	513	}
	514	buf = new_buf;
	515	buf_left = grow_amt + name_len + 1;
	516	}
	517	strncpy(buf+(buf_len-buf_left-1), cur->keyname, name_len);
	518	buf_left -= name_len;
	519	buf[buf_len-buf_left-1] = '\0';
	520	}
[30]	521
[31]	522	return buf;
	523	}
[30]	524
[31]	525
[33]	526	void printValue(REGF_VK_REC* vk, char* prefix)
[31]	527	{
[41]	528	uint32 size;
	529	uint8 tmp_buf[4];
[42]	530	unsigned char* quoted_value;
	531	char* quoted_prefix;
	532	char* quoted_name;
[41]	533
[43]	534	/* Thanks Microsoft for making this process so straight-forward!!! */
	535	size = (vk->data_size & ~VK_DATA_IN_OFFSET);
	536	if(vk->data_size & VK_DATA_IN_OFFSET)
[41]	537	{
[43]	538	tmp_buf[0] = (uint8)((vk->data_off >> 3) & 0xFF);
	539	tmp_buf[1] = (uint8)((vk->data_off >> 2) & 0xFF);
	540	tmp_buf[2] = (uint8)((vk->data_off >> 1) & 0xFF);
	541	tmp_buf[3] = (uint8)(vk->data_off & 0xFF);
	542	if(size > 4)
	543	size = 4;
	544	quoted_value = data_to_ascii(tmp_buf, 4, vk->type);
	545	}
	546	else
	547	{
	548	/* XXX: This is a safety hack. No data fields have yet been found
	549	* larger, but length limits are probably better got from fields
	550	* in the registry itself, within reason.
	551	*/
	552	if(size > 16384)
[41]	553	{
[43]	554	fprintf(stderr, "WARNING: key size %d larger than "
	555	"16384, truncating...\n", size);
	556	size = 16384;
[41]	557	}
[43]	558	quoted_value = data_to_ascii(vk->data, vk->data_size, vk->type);
	559	}
	560
	561	/* XXX: Sometimes value names can be NULL in registry. Need to
	562	* figure out why and when, and generate the appropriate output
	563	* for that condition.
	564	*/
	565	quoted_prefix = quote_string(prefix, special_chars);
	566	quoted_name = quote_string(vk->valuename, special_chars);
	567
	568	if(print_security)
[42]	569	printf("%s/%s,%s,%s,,,,,\n", quoted_prefix, quoted_name,
[41]	570	regfio_type_val2str(vk->type), quoted_value);
[43]	571	else
	572	printf("%s/%s,%s,%s,\n", quoted_prefix, quoted_name,
	573	regfio_type_val2str(vk->type), quoted_value);
	574
	575	if(quoted_value != NULL)
	576	free(quoted_value);
	577	if(quoted_prefix != NULL)
	578	free(quoted_prefix);
	579	if(quoted_name != NULL)
	580	free(quoted_name);
[32]	581	}
	582
	583
[33]	584	void printValueList(REGF_NK_REC* nk, char* prefix)
[32]	585	{
[37]	586	uint32 i;
[33]	587
	588	for(i=0; i < nk->num_values; i++)
[43]	589	if(!type_filter_enabled \|\| (nk->values[i].type == type_filter))
	590	printValue(&nk->values[i], prefix);
[33]	591	}
	592
[37]	593
[43]	594	void printKey(REGF_NK_REC* k, char* full_path)
[33]	595	{
[43]	596	static char empty_str[1] = "";
[42]	597	char* owner = NULL;
	598	char* group = NULL;
	599	char* sacl = NULL;
	600	char* dacl = NULL;
	601	char mtime[20];
	602	time_t tmp_time[1];
	603	struct tm* tmp_time_s = NULL;
	604
[43]	605	*tmp_time = nt_time_to_unix(&k->mtime);
	606	tmp_time_s = gmtime(tmp_time);
	607	strftime(mtime, sizeof(mtime), "%Y-%m-%d %H:%M:%S", tmp_time_s);
	608
	609	if(print_security)
	610	{
	611	owner = get_owner(k->sec_desc->sec_desc);
	612	group = get_group(k->sec_desc->sec_desc);
	613	sacl = get_sacl(k->sec_desc->sec_desc);
	614	dacl = get_dacl(k->sec_desc->sec_desc);
	615	if(owner == NULL)
	616	owner = empty_str;
	617	if(group == NULL)
	618	group = empty_str;
	619	if(sacl == NULL)
	620	sacl = empty_str;
	621	if(dacl == NULL)
	622	dacl = empty_str;
	623
	624	printf("%s,KEY,,%s,%s,%s,%s,%s\n", full_path, mtime,
	625	owner, group, sacl, dacl);
	626
	627	if(owner != empty_str)
	628	free(owner);
	629	if(group != empty_str)
	630	free(group);
	631	if(sacl != empty_str)
	632	free(sacl);
	633	if(dacl != empty_str)
	634	free(dacl);
	635	}
	636	else
	637	printf("%s,KEY,,%s\n", full_path, mtime);
	638	}
	639
	640
	641	/* XXX: this function is god-awful. Needs to be re-designed. */
	642	void printKeyTree(REGF_FILE* f, void_stack* nk_stack, char* prefix)
	643	{
	644	REGF_NK_REC* cur;
	645	REGF_NK_REC* sub;
	646	char* path = NULL;
	647	char* val_path = NULL;
	648
[41]	649	int key_type = regfio_type_str2val("KEY");
[43]	650
[32]	651	if((cur = (REGF_NK_REC*)void_stack_cur(nk_stack)) != NULL)
[31]	652	{
[33]	653	cur->subkey_index = 0;
	654	path = stack2Path(nk_stack);
	655
[43]	656
	657	val_path = (char*)malloc(strlen(prefix)+strlen(path)+1);
	658	sprintf(val_path, "%s%s", prefix, path);
	659	if(!type_filter_enabled \|\| (key_type == type_filter))
	660	printKey(cur, val_path);
	661
[40]	662	if(!type_filter_enabled \|\| (key_type != type_filter))
[43]	663	printValueList(cur, val_path);
	664	if(val_path != NULL)
	665	free(val_path);
[32]	666	while((cur = (REGF_NK_REC*)void_stack_cur(nk_stack)) != NULL)
[31]	667	{
[32]	668	if((sub = regfio_fetch_subkey(f, cur)) != NULL)
[31]	669	{
[33]	670	sub->subkey_index = 0;
[32]	671	void_stack_push(nk_stack, sub);
[33]	672	path = stack2Path(nk_stack);
[32]	673	if(path != NULL)
	674	{
[33]	675	val_path = (char*)malloc(strlen(prefix)+strlen(path)+1);
	676	sprintf(val_path, "%s%s", prefix, path);
[40]	677	if(!type_filter_enabled \|\| (key_type == type_filter))
[43]	678	printKey(sub, val_path);
[40]	679	if(!type_filter_enabled \|\| (key_type != type_filter))
	680	printValueList(sub, val_path);
[42]	681	if(val_path != NULL)
	682	free(val_path);
[32]	683	}
[31]	684	}
[32]	685	else
	686	{
	687	cur = void_stack_pop(nk_stack);
	688	/* XXX: This is just a shallow free. Need to write deep free
	689	* routines to replace the Samba code for this.
	690	*/
[39]	691	if(cur != NULL)
	692	free(cur);
[32]	693	}
[31]	694	}
	695	}
[30]	696	}
	697
	698
[33]	699	/*
	700	* Returns 0 if path was found.
	701	* Returns 1 if path was not found.
	702	* Returns less than 0 on other error.
	703	*/
	704	int retrievePath(REGF_FILE* f, void_stack* nk_stack,
	705	void_stack* path_stack)
	706	{
	707	REGF_NK_REC* sub;
	708	REGF_NK_REC* cur;
	709	void_stack* sub_nk_stack;
	710	char* prefix;
	711	char* cur_str = NULL;
	712	bool found_cur = true;
[37]	713	uint32 i;
	714	uint16 path_depth;
[33]	715	if(path_stack == NULL)
	716	return -1;
	717
	718	path_depth = void_stack_size(path_stack);
	719	if(path_depth < 1)
	720	return -2;
	721
	722	if(void_stack_size(nk_stack) < 1)
	723	return -3;
	724	cur = (REGF_NK_REC*)void_stack_cur(nk_stack);
	725
	726	while(void_stack_size(path_stack) > 1)
	727	{
	728	/* Search key records only */
	729	cur_str = (char*)void_stack_pop(path_stack);
	730
	731	found_cur = false;
	732	while(!found_cur &&
	733	(sub = regfio_fetch_subkey(f, cur)) != NULL)
	734	{
	735	if(strcasecmp(sub->keyname, cur_str) == 0)
	736	{
	737	cur = sub;
	738	void_stack_push(nk_stack, sub);
	739	found_cur = true;
	740	}
	741	}
[39]	742	free(cur_str);
[33]	743
	744	if(!found_cur)
[37]	745	return 1;
[33]	746	}
	747
	748	/* Last round, search value and key records */
	749	cur_str = (char*)void_stack_pop(path_stack);
	750
	751	for(i=0; (i < cur->num_values); i++)
	752	{
	753	if(strcasecmp(sub->values[i].valuename, cur_str) == 0)
	754	{
[43]	755	/* XXX: fix mem leak with stack2Path return value */
[33]	756	printValue(&sub->values[i], stack2Path(nk_stack));
	757	return 0;
	758	}
	759	}
	760
	761	while((sub = regfio_fetch_subkey(f, cur)) != NULL)
	762	{
	763	if(strcasecmp(sub->keyname, cur_str) == 0)
	764	{
	765	sub_nk_stack = void_stack_new(1024);
	766	void_stack_push(sub_nk_stack, sub);
	767	void_stack_push(nk_stack, sub);
	768	prefix = stack2Path(nk_stack);
	769	printKeyTree(f, sub_nk_stack, prefix);
	770	return 0;
	771	}
	772	}
	773
	774	return 1;
	775	}
	776
	777
[37]	778	static void usage(void)
	779	{
[39]	780	fprintf(stderr, "Usage: readreg [-v] [-s]"
[40]	781	" [-p <PATH_FILTER>] [-t <TYPE_FILTER>]"
[39]	782	" <REGISTRY_FILE>\n");
[37]	783	/* XXX: replace version string with Subversion property? */
	784	fprintf(stderr, "Version: 0.2\n");
[39]	785	fprintf(stderr, "Options:\n");
	786	fprintf(stderr, "\t-v\t sets verbose mode.\n");
[44]	787	fprintf(stderr, "\t-s\t enables security descriptor output.\n");
	788	fprintf(stderr, "\t-S\t disables security descriptor output. (default)\n");
[40]	789	fprintf(stderr, "\t-p\t restrict output to elements below this path.\n");
	790	fprintf(stderr, "\t-t\t restrict results to this specific data type.\n");
[37]	791	fprintf(stderr, "\n");
	792	}
	793
	794
[30]	795	int main(int argc, char** argv)
	796	{
[31]	797	void_stack* nk_stack;
[33]	798	void_stack* path_stack;
[31]	799	REGF_FILE* f;
	800	REGF_NK_REC* root;
[33]	801	int retr_path_ret;
[44]	802	uint32 argi, arge;
[31]	803
[37]	804	/* Process command line arguments */
[30]	805	if(argc < 2)
	806	{
[37]	807	usage();
[44]	808	bailOut(1, "ERROR: Requires at least one argument.\n");
[30]	809	}
[37]	810
[44]	811	arge = argc-1;
	812	for(argi = 1; argi < arge; argi++)
[37]	813	{
[40]	814	if (strcmp("-p", argv[argi]) == 0)
[37]	815	{
[44]	816	if(++argi >= arge)
[37]	817	{
	818	usage();
[40]	819	bailOut(1, "ERROR: '-p' option requires parameter.\n");
[37]	820	}
[40]	821	if((path_filter = strdup(argv[argi])) == NULL)
[38]	822	bailOut(2, "ERROR: Memory allocation problem.\n");
	823
[40]	824	path_filter_enabled = true;
[37]	825	}
	826	else if (strcmp("-t", argv[argi]) == 0)
	827	{
[44]	828	if(++argi >= arge)
[37]	829	{
	830	usage();
[38]	831	bailOut(1, "ERROR: '-t' option requires parameter.\n");
[37]	832	}
[41]	833	if((type_filter = regfio_type_str2val(argv[argi])) == 0)
[40]	834	{
	835	fprintf(stderr, "ERROR: Invalid type specified: %s.\n", argv[argi]);
	836	bailOut(1, "");
	837	}
[38]	838
[37]	839	type_filter_enabled = true;
	840	}
	841	else if (strcmp("-s", argv[argi]) == 0)
	842	print_security = true;
[44]	843	else if (strcmp("-S", argv[argi]) == 0)
	844	print_security = false;
[37]	845	else if (strcmp("-v", argv[argi]) == 0)
	846	print_verbose = true;
[44]	847	else
[37]	848	{
[38]	849	usage();
[37]	850	fprintf(stderr, "ERROR: Unrecognized option: %s\n", argv[argi]);
[38]	851	bailOut(1, "");
[37]	852	}
	853	}
[44]	854	if((registry_file = strdup(argv[argi])) == NULL)
	855	bailOut(2, "ERROR: Memory allocation problem.\n");
[30]	856
[37]	857	f = regfio_open(registry_file);
	858	if(f == NULL)
	859	{
	860	fprintf(stderr, "ERROR: Couldn't open registry file: %s\n", registry_file);
[38]	861	bailOut(3, "");
[37]	862	}
[38]	863
[31]	864	root = regfio_rootkey(f);
[37]	865	nk_stack = void_stack_new(1024);
[30]	866
[31]	867	if(void_stack_push(nk_stack, root))
[33]	868	{
[42]	869	if(print_header)
[43]	870	{
	871	if(print_security)
	872	printf("PATH,TYPE,VALUE,MTIME,OWNER,GROUP,SACL,DACL\n");
	873	else
	874	printf("PATH,TYPE,VALUE,MTIME\n");
	875	}
[42]	876
[40]	877	path_stack = path2Stack(path_filter);
[33]	878	if(void_stack_size(path_stack) < 1)
	879	printKeyTree(f, nk_stack, "");
	880	else
	881	{
[37]	882	retr_path_ret = retrievePath(f, nk_stack, path_stack);
[33]	883	if(retr_path_ret == 1)
[37]	884	fprintf(stderr, "WARNING: specified path not found.\n");
[33]	885	else if(retr_path_ret != 0)
[38]	886	bailOut(4, "ERROR:\n");
[33]	887	}
	888	}
[37]	889	else
[38]	890	bailOut(2, "ERROR: Memory allocation problem.\n");
[31]	891
[38]	892	void_stack_destroy_deep(nk_stack);
[30]	893	regfio_close(f);
	894
	895	return 0;
	896	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: