source: trunk/src/reglookup.c @ 50

Last change on this file since 50 was 48, checked in by tim, 19 years ago

fixed segfault when valuenames are NULL

  • Property svn:keywords set to Id
File size: 21.2 KB
Line 
1/*
2 * A utility to read a Windows NT/2K/XP/2K3 registry file, using
3 * Gerald Carter''s regfio interface.
4 *
5 * Copyright (C) 2005 Timothy D. Morgan
6 * Copyright (C) 2002 Richard Sharpe, rsharpe@richardsharpe.com
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; version 2 of the License.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 
20 *
21 * $Id: reglookup.c 48 2005-08-06 22:05:18Z tim $
22 */
23
24
25#include <stdlib.h>
26#include <stdio.h>
27#include <string.h>
28#include <strings.h>
29#include <time.h>
30#include "../include/regfio.h"
31#include "../include/void_stack.h"
32
33/* Globals, influenced by command line parameters */
34bool print_verbose = false;
35bool print_security = false;
36bool print_header = true;
37bool path_filter_enabled = false;
38bool type_filter_enabled = false;
39char* path_filter = NULL;
40int type_filter;
41char* registry_file = NULL;
42
43/* Other globals */
44const char* special_chars = ",\"\\";
45
46void bailOut(int code, char* message)
47{
48  fprintf(stderr, message);
49  exit(code);
50}
51
52
53/* Returns a newly malloc()ed string which contains original buffer,
54 * except for non-printable or special characters are quoted in hex
55 * with the syntax '\xQQ' where QQ is the hex ascii value of the quoted
56 * character.  A null terminator is added, as only ascii, not binary,
57 * is returned.
58 */
59static char* quote_buffer(const unsigned char* str, 
60                          unsigned int len, const char* special)
61{
62  unsigned int i;
63  unsigned int num_written=0;
64  unsigned int out_len = sizeof(char)*len+1;
65  char* ret_val = malloc(out_len);
66
67  if(ret_val == NULL)
68    return NULL;
69
70  for(i=0; i<len; i++)
71  {
72    if(str[i] < 32 || str[i] > 126 || strchr(special, str[i]) != NULL)
73    {
74      out_len += 3;
75      /* XXX: may not be the most efficient way of getting enough memory. */
76      ret_val = realloc(ret_val, out_len);
77      if(ret_val == NULL)
78        break;
79      num_written += snprintf(ret_val+num_written, (out_len)-num_written,
80                              "\\x%.2X", str[i]);
81    }
82    else
83      ret_val[num_written++] = str[i];
84  }
85  ret_val[num_written] = '\0';
86
87  return ret_val;
88}
89
90
91/* Returns a newly malloc()ed string which contains original string,
92 * except for non-printable or special characters are quoted in hex
93 * with the syntax '\xQQ' where QQ is the hex ascii value of the quoted
94 * character.
95 */
96static char* quote_string(const char* str, const char* special)
97{
98  unsigned int len;
99
100  if(str == NULL)
101    return NULL;
102
103  len = strlen(str);
104  return quote_buffer((const unsigned char*)str, len, special);
105}
106
107
108/*
109 * Convert from UniCode to Ascii ... Does not take into account other lang
110 * Restrict by ascii_max if > 0
111 */
112static int uni_to_ascii(unsigned char *uni, unsigned char *ascii, 
113                        int ascii_max, int uni_max)
114{
115  int i = 0; 
116
117  while (i < ascii_max && (uni[i*2] || uni[i*2+1]))
118  {
119    if (uni_max > 0 && (i*2) >= uni_max) break;
120    ascii[i] = uni[i*2];
121    i++;
122  }
123  ascii[i] = '\0';
124
125  return i;
126}
127
128
129/*
130 * Convert a data value to a string for display
131 */
132static unsigned char* data_to_ascii(unsigned char *datap, int len, int type)
133{
134  unsigned char *asciip;
135  unsigned int i;
136  unsigned short num_nulls;
137  unsigned char* ascii;
138  unsigned char* cur_str;
139  unsigned char* cur_ascii;
140  char* cur_quoted;
141  unsigned int cur_str_len;
142  unsigned int ascii_max, cur_str_max;
143  unsigned int str_rem, cur_str_rem, alen;
144
145  switch (type) 
146  {
147  case REG_SZ:
148    if (print_verbose)
149      fprintf(stderr, "Len: %d\n", len);
150   
151    ascii_max = sizeof(char)*len;
152    ascii = malloc(ascii_max+4);
153    if(ascii == NULL)
154      return NULL;
155   
156    /* XXX: This has to be fixed. It has to be UNICODE */
157    uni_to_ascii(datap, ascii, len, ascii_max);
158    cur_quoted = quote_string((char*)ascii, special_chars);
159    free(ascii);
160    return (unsigned char*)cur_quoted;
161    break;
162
163  case REG_EXPAND_SZ:
164    ascii_max = sizeof(char)*len;
165    ascii = malloc(ascii_max+2);
166    if(ascii == NULL)
167      return NULL;
168
169    uni_to_ascii(datap, ascii, len, ascii_max);
170    cur_quoted = quote_string((char*)ascii, special_chars);
171    free(ascii);
172    return (unsigned char*)cur_quoted;
173    break;
174
175  case REG_DWORD:
176    ascii_max = sizeof(char)*10;
177    ascii = malloc(ascii_max+1);
178    if(ascii == NULL)
179      return NULL;
180
181    if (*(int *)datap == 0)
182      snprintf((char*)ascii, ascii_max, "0");
183    else
184      snprintf((char*)ascii, ascii_max, "0x%x", *(int *)datap);
185    return ascii;
186    break;
187
188  /* XXX: this MULTI_SZ parser is pretty inefficient.  Should be
189   *      redone with fewer malloc and better string concatenation.
190   */
191  case REG_MULTI_SZ:
192    ascii_max = sizeof(char)*len*4;
193    cur_str_max = sizeof(char)*len+1;
194    cur_str = malloc(cur_str_max);
195    cur_ascii = malloc(cur_str_max);
196    ascii = malloc(ascii_max+4);
197    if(ascii == NULL || cur_str == NULL || cur_ascii == NULL)
198      return NULL;
199
200    /* Reads until it reaches 4 consecutive NULLs,
201     * which is two nulls in unicode, or until it reaches len, or until we
202     * run out of buffer.  The latter should never happen, but we shouldn't
203     * trust our file to have the right lengths/delimiters.
204     */
205    asciip = ascii;
206    num_nulls = 0;
207    str_rem = ascii_max;
208    cur_str_rem = cur_str_max;
209    cur_str_len = 0;
210
211    for(i=0; (i < len) && str_rem > 0; i++)
212    {
213      *(cur_str+cur_str_len) = *(datap+i);
214      if(*(cur_str+cur_str_len) == 0)
215        num_nulls++;
216      else
217        num_nulls = 0;
218      cur_str_len++;
219
220      if(num_nulls == 2)
221      {
222        uni_to_ascii(cur_str, cur_ascii, cur_str_max, 0);
223        cur_quoted = quote_string((char*)cur_ascii, ",|\"\\");
224        alen = snprintf((char*)asciip, str_rem, "%s", cur_quoted);
225        asciip += alen;
226        str_rem -= alen;
227        free(cur_quoted);
228
229        if(*(datap+i+1) == 0 && *(datap+i+2) == 0)
230          break;
231        else
232        {
233          alen = snprintf((char*)asciip, str_rem, "%c", '|');
234          asciip += alen;
235          str_rem -= alen;
236          memset(cur_str, 0, cur_str_max);
237          cur_str_len = 0;
238          num_nulls = 0;
239          /* To eliminate leading nulls in subsequent strings. */
240          i++;
241        }
242      }
243    }
244    *asciip = 0;
245    free(cur_str);
246    free(cur_ascii);
247    return ascii;
248    break;
249
250  /* XXX: Dont know what to do with these yet, just print as binary... */
251  case REG_RESOURCE_LIST:
252  case REG_FULL_RESOURCE_DESCRIPTOR:
253  case REG_RESOURCE_REQUIREMENTS_LIST:
254
255  case REG_BINARY:
256    return (unsigned char*)quote_buffer(datap, len, special_chars);
257    break;
258
259  default:
260    return NULL;
261    break;
262  } 
263
264  return NULL;
265}
266
267
268/* Security descriptor print functions  */
269/* XXX: these functions should be moved out into regfio library */
270const char* ace_type2str(uint8 type)
271{
272  static const char* map[7] 
273    = {"ALLOW", "DENY", "AUDIT", "ALARM", 
274       "ALLOW CPD", "OBJ ALLOW", "OBJ DENY"};
275  if(type < 7)
276    return map[type];
277  else
278    return "UNKNOWN";
279}
280
281
282char* ace_flags2str(uint8 flags)
283{
284  char* flg_output = malloc(21*sizeof(char));
285  int some = 0;
286
287  if(flg_output == NULL)
288    return NULL;
289
290  flg_output[0] = '\0';
291  if (!flags)
292    return flg_output;
293
294  if (flags & 0x01) {
295    if (some) strcat(flg_output, " ");
296    some = 1;
297    strcat(flg_output, "OI");
298  }
299  if (flags & 0x02) {
300    if (some) strcat(flg_output, " ");
301    some = 1;
302    strcat(flg_output, "CI");
303  }
304  if (flags & 0x04) {
305    if (some) strcat(flg_output, " ");
306    some = 1;
307    strcat(flg_output, "NP");
308  }
309  if (flags & 0x08) {
310    if (some) strcat(flg_output, " ");
311    some = 1;
312    strcat(flg_output, "IO");
313  }
314  if (flags & 0x10) {
315    if (some) strcat(flg_output, " ");
316    some = 1;
317    strcat(flg_output, "IA");
318  }
319  if (flags == 0xF) {
320    if (some) strcat(flg_output, " ");
321    some = 1;
322    strcat(flg_output, "VI");
323  }
324
325  return flg_output;
326}
327
328
329char* ace_perms2str(uint32 perms)
330{
331  char* ret_val = malloc(9*sizeof(char));
332  sprintf(ret_val, "%.8X", perms);
333
334  return ret_val;
335}
336
337
338char* sid2str(DOM_SID* sid)
339{
340  uint32 i, size = MAXSUBAUTHS*11 + 24;
341  uint32 left = size;
342  uint8 comps = sid->num_auths;
343  char* ret_val = malloc(size);
344 
345  if(ret_val == NULL)
346    return NULL;
347
348  if(comps > MAXSUBAUTHS)
349    comps = MAXSUBAUTHS;
350
351  left -= sprintf(ret_val, "S-%u-%u", sid->sid_rev_num, sid->id_auth[5]);
352
353  for (i = 0; i < comps; i++) 
354    left -= snprintf(ret_val+(size-left), left, "-%u", sid->sub_auths[i]);
355
356  return ret_val;
357}
358
359
360char* get_acl(SEC_ACL* acl)
361{
362  uint32 i, extra, size = 0;
363  const char* type_str;
364  char* flags_str;
365  char* perms_str;
366  char* sid_str;
367  char* ret_val = NULL;
368  char* ace_delim = "";
369  char field_delim = ':';
370
371  for (i = 0; i < acl->num_aces; i++)
372  {
373    /* XXX: check for NULL */
374    sid_str = sid2str(&acl->ace[i].trustee);
375    type_str = ace_type2str(acl->ace[i].type);
376    perms_str = ace_perms2str(acl->ace[i].info.mask);
377    flags_str = ace_flags2str(acl->ace[i].flags);
378
379    /* XXX: this is slow */
380    extra = strlen(sid_str) + strlen(type_str) 
381          + strlen(perms_str) + strlen(flags_str)+5;
382    ret_val = realloc(ret_val, size+extra);
383    if(ret_val == NULL)
384      return NULL;
385    size += snprintf(ret_val+size, extra, "%s%s%c%s%c%s%c%s",
386                     ace_delim,sid_str,
387                     field_delim,type_str,
388                     field_delim,perms_str,
389                     field_delim,flags_str);
390    ace_delim = "|";
391    free(sid_str);
392    free(perms_str);
393    free(flags_str);
394  }
395
396  return ret_val;
397}
398
399
400char* get_sacl(SEC_DESC *sec_desc)
401{
402  if (sec_desc->sacl)
403    return get_acl(sec_desc->sacl);
404  else
405    return NULL;
406}
407
408
409char* get_dacl(SEC_DESC *sec_desc)
410{
411  if (sec_desc->dacl)
412    return get_acl(sec_desc->dacl);
413  else
414    return NULL;
415}
416
417
418char* get_owner(SEC_DESC *sec_desc)
419{
420  return sid2str(sec_desc->owner_sid);
421}
422
423
424char* get_group(SEC_DESC *sec_desc)
425{
426  return sid2str(sec_desc->grp_sid);
427}
428
429
430void_stack* path2Stack(const char* s)
431{
432  void_stack* ret_val;
433  void_stack* rev_ret = void_stack_new(1024);
434  const char* cur = s;
435  char* next = NULL;
436  char* copy;
437
438  if (rev_ret == NULL)
439    return NULL;
440  if (s == NULL)
441    return rev_ret;
442 
443  while((next = strchr(cur, '/')) != NULL)
444  {
445    if ((next-cur) > 0)
446    {
447      copy = (char*)malloc((next-cur+1)*sizeof(char));
448      if(copy == NULL)
449        bailOut(2, "ERROR: Memory allocation problem.\n");
450         
451      memcpy(copy, cur, next-cur);
452      copy[next-cur] = '\0';
453      void_stack_push(rev_ret, copy);
454    }
455    cur = next+1;
456  }
457  if(strlen(cur) > 0)
458  {
459    copy = strdup(cur);
460    void_stack_push(rev_ret, copy);
461  }
462
463  ret_val = void_stack_copy_reverse(rev_ret);
464  void_stack_destroy(rev_ret);
465
466  return ret_val;
467}
468
469
470char* stack2Path(void_stack* nk_stack)
471{
472  const REGF_NK_REC* cur;
473  uint32 buf_left = 127;
474  uint32 buf_len = buf_left+1;
475  uint32 name_len = 0;
476  uint32 grow_amt;
477  char* buf; 
478  char* new_buf;
479  void_stack_iterator* iter;
480 
481  buf = (char*)malloc((buf_len)*sizeof(char));
482  if (buf == NULL)
483    return NULL;
484  buf[0] = '/';
485  buf[1] = '\0';
486
487  iter = void_stack_iterator_new(nk_stack);
488  if (iter == NULL)
489  {
490    free(buf);
491    return NULL;
492  }
493
494  /* skip root element */
495  cur = void_stack_iterator_next(iter);
496
497  while((cur = void_stack_iterator_next(iter)) != NULL)
498  {
499    buf[buf_len-buf_left-1] = '/';
500    buf_left -= 1;
501    name_len = strlen(cur->keyname);
502    if(name_len+1 > buf_left)
503    {
504      grow_amt = (uint32)(buf_len/2);
505      buf_len += name_len+1+grow_amt-buf_left;
506      if((new_buf = realloc(buf, buf_len)) == NULL)
507      {
508        free(buf);
509        free(iter);
510        return NULL;
511      }
512      buf = new_buf;
513      buf_left = grow_amt + name_len + 1;
514    }
515    strncpy(buf+(buf_len-buf_left-1), cur->keyname, name_len);
516    buf_left -= name_len;
517    buf[buf_len-buf_left-1] = '\0';
518  }
519
520  return buf;
521}
522
523
524void printValue(REGF_VK_REC* vk, char* prefix)
525{
526  uint32 size;
527  uint8 tmp_buf[4];
528  unsigned char* quoted_value;
529  char* quoted_prefix;
530  char* quoted_name;
531
532  /* Thanks Microsoft for making this process so straight-forward!!! */
533  size = (vk->data_size & ~VK_DATA_IN_OFFSET);
534  if(vk->data_size & VK_DATA_IN_OFFSET)
535  {
536    tmp_buf[0] = (uint8)((vk->data_off >> 3) & 0xFF);
537    tmp_buf[1] = (uint8)((vk->data_off >> 2) & 0xFF);
538    tmp_buf[2] = (uint8)((vk->data_off >> 1) & 0xFF);
539    tmp_buf[3] = (uint8)(vk->data_off & 0xFF);
540    if(size > 4)
541      size = 4;
542    quoted_value = data_to_ascii(tmp_buf, 4, vk->type);
543  }
544  else
545  {
546    /* XXX: This is a safety hack.  No data fields have yet been found
547     * larger, but length limits are probably better got from fields
548     * in the registry itself, within reason.
549     */
550    if(size > 16384)
551    {
552      fprintf(stderr, "WARNING: key size %d larger than "
553              "16384, truncating...\n", size);
554      size = 16384;
555    }
556    quoted_value = data_to_ascii(vk->data, vk->data_size, vk->type);
557  }
558 
559  /* XXX: Sometimes value names can be NULL in registry.  Need to
560   *      figure out why and when, and generate the appropriate output
561   *      for that condition.
562   */
563  quoted_prefix = quote_string(prefix, special_chars);
564  quoted_name = quote_string(vk->valuename, special_chars);
565 
566  if(print_security)
567    printf("%s/%s,%s,%s,,,,,\n", quoted_prefix, quoted_name,
568           regfio_type_val2str(vk->type), quoted_value);
569  else
570    printf("%s/%s,%s,%s,\n", quoted_prefix, quoted_name,
571           regfio_type_val2str(vk->type), quoted_value);
572 
573  if(quoted_value != NULL)
574    free(quoted_value);
575  if(quoted_prefix != NULL)
576    free(quoted_prefix);
577  if(quoted_name != NULL)
578    free(quoted_name);
579}
580
581
582void printValueList(REGF_NK_REC* nk, char* prefix)
583{
584  uint32 i;
585 
586  for(i=0; i < nk->num_values; i++)
587    if(!type_filter_enabled || (nk->values[i].type == type_filter))
588      printValue(&nk->values[i], prefix);
589}
590
591
592void printKey(REGF_NK_REC* k, char* full_path)
593{
594  static char empty_str[1] = "";
595  char* owner = NULL;
596  char* group = NULL;
597  char* sacl = NULL;
598  char* dacl = NULL;
599  char mtime[20];
600  time_t tmp_time[1];
601  struct tm* tmp_time_s = NULL;
602
603  *tmp_time = nt_time_to_unix(&k->mtime);
604  tmp_time_s = gmtime(tmp_time);
605  strftime(mtime, sizeof(mtime), "%Y-%m-%d %H:%M:%S", tmp_time_s);
606
607  if(print_security)
608  {
609    owner = get_owner(k->sec_desc->sec_desc);
610    group = get_group(k->sec_desc->sec_desc);
611    sacl = get_sacl(k->sec_desc->sec_desc);
612    dacl = get_dacl(k->sec_desc->sec_desc);
613    if(owner == NULL)
614      owner = empty_str;
615    if(group == NULL)
616      group = empty_str;
617    if(sacl == NULL)
618      sacl = empty_str;
619    if(dacl == NULL)
620      dacl = empty_str;
621
622    printf("%s,KEY,,%s,%s,%s,%s,%s\n", full_path, mtime, 
623           owner, group, sacl, dacl);
624
625    if(owner != empty_str)
626      free(owner);
627    if(group != empty_str)
628      free(group);
629    if(sacl != empty_str)
630      free(sacl);
631    if(dacl != empty_str)
632      free(dacl);
633  }
634  else
635    printf("%s,KEY,,%s\n", full_path, mtime);
636}
637
638
639/* XXX: this function is god-awful.  Needs to be re-designed. */
640void printKeyTree(REGF_FILE* f, void_stack* nk_stack, char* prefix)
641{
642  REGF_NK_REC* cur;
643  REGF_NK_REC* sub;
644  char* path = NULL;
645  char* val_path = NULL;
646
647  int key_type = regfio_type_str2val("KEY");
648 
649  if((cur = (REGF_NK_REC*)void_stack_cur(nk_stack)) != NULL)
650  {
651    cur->subkey_index = 0;
652    path = stack2Path(nk_stack);
653   
654
655    val_path = (char*)malloc(strlen(prefix)+strlen(path)+1);
656    sprintf(val_path, "%s%s", prefix, path);
657    if(!type_filter_enabled || (key_type == type_filter))
658      printKey(cur, val_path);
659
660    if(!type_filter_enabled || (key_type != type_filter))
661      printValueList(cur, val_path);
662    if(val_path != NULL)
663      free(val_path);
664    while((cur = (REGF_NK_REC*)void_stack_cur(nk_stack)) != NULL)
665    {
666      if((sub = regfio_fetch_subkey(f, cur)) != NULL)
667      {
668        sub->subkey_index = 0;
669        void_stack_push(nk_stack, sub);
670        path = stack2Path(nk_stack);
671        if(path != NULL)
672        {
673          val_path = (char*)malloc(strlen(prefix)+strlen(path)+1);
674          sprintf(val_path, "%s%s", prefix, path);
675          if(!type_filter_enabled || (key_type == type_filter))
676            printKey(sub, val_path);
677          if(!type_filter_enabled || (key_type != type_filter))
678            printValueList(sub, val_path);
679          if(val_path != NULL)
680            free(val_path);
681        }
682      }
683      else
684      {
685        cur = void_stack_pop(nk_stack);
686        /* XXX: This is just a shallow free.  Need to write deep free
687         * routines to replace the Samba code for this.
688         */ 
689        if(cur != NULL)
690          free(cur);
691      }
692    }
693  }
694}
695
696
697/*
698 * Returns 0 if path was found.
699 * Returns 1 if path was not found.
700 * Returns less than 0 on other error.
701 */
702int retrievePath(REGF_FILE* f, void_stack* nk_stack,
703                 void_stack* path_stack)
704{
705  REGF_NK_REC* sub; 
706  REGF_NK_REC* cur;
707  void_stack* sub_nk_stack;
708  char* prefix;
709  char* cur_str = NULL;
710  bool found_cur = true;
711  uint32 i;
712  uint16 path_depth;
713  if(path_stack == NULL)
714    return -1;
715
716  path_depth = void_stack_size(path_stack);
717  if(path_depth < 1)
718    return -2;
719
720  if(void_stack_size(nk_stack) < 1)
721    return -3;
722  cur = (REGF_NK_REC*)void_stack_cur(nk_stack);
723
724  while(void_stack_size(path_stack) > 1)
725  {
726    /* Search key records only */
727    cur_str = (char*)void_stack_pop(path_stack);
728
729    found_cur = false;
730    while(!found_cur &&
731          (sub = regfio_fetch_subkey(f, cur)) != NULL)
732    {
733      if(strcasecmp(sub->keyname, cur_str) == 0)
734      {
735        cur = sub;
736        void_stack_push(nk_stack, sub);
737        found_cur = true;
738      }
739    }
740    free(cur_str);
741
742    if(!found_cur)
743      return 1;
744  }
745
746  /* Last round, search value and key records */
747  cur_str = (char*)void_stack_pop(path_stack);
748
749  for(i=0; (i < cur->num_values); i++)
750  {
751    /* XXX: Not sure when/why this can be NULL, but it's happened. */
752    if(sub->values[i].valuename != NULL 
753       && strcasecmp(sub->values[i].valuename, cur_str) == 0)
754    {
755      /* XXX: fix mem leak with stack2Path return value */
756      printValue(&sub->values[i], stack2Path(nk_stack));
757      return 0;
758    }
759  }
760
761  while((sub = regfio_fetch_subkey(f, cur)) != NULL)
762  {
763    if(strcasecmp(sub->keyname, cur_str) == 0)
764    {
765      sub_nk_stack = void_stack_new(1024);
766      void_stack_push(sub_nk_stack, sub);
767      void_stack_push(nk_stack, sub);
768      prefix = stack2Path(nk_stack);
769      printKeyTree(f, sub_nk_stack, prefix);
770      return 0;
771    }
772  }
773
774  return 1;
775}
776
777
778static void usage(void)
779{
780  fprintf(stderr, "Usage: readreg [-v] [-s]"
781          " [-p <PATH_FILTER>] [-t <TYPE_FILTER>]"
782          " <REGISTRY_FILE>\n");
783  /* XXX: replace version string with Subversion property? */
784  fprintf(stderr, "Version: 0.2\n");
785  fprintf(stderr, "Options:\n");
786  fprintf(stderr, "\t-v\t sets verbose mode.\n");
787  fprintf(stderr, "\t-h\t enables header row. (default)\n");
788  fprintf(stderr, "\t-H\t disables header row.\n");
789  fprintf(stderr, "\t-s\t enables security descriptor output.\n");
790  fprintf(stderr, "\t-S\t disables security descriptor output. (default)\n");
791  fprintf(stderr, "\t-p\t restrict output to elements below this path.\n");
792  fprintf(stderr, "\t-t\t restrict results to this specific data type.\n");
793  fprintf(stderr, "\n");
794}
795
796
797int main(int argc, char** argv)
798{
799  void_stack* nk_stack;
800  void_stack* path_stack;
801  REGF_FILE* f;
802  REGF_NK_REC* root;
803  int retr_path_ret;
804  uint32 argi, arge;
805
806  /* Process command line arguments */
807  if(argc < 2)
808  {
809    usage();
810    bailOut(1, "ERROR: Requires at least one argument.\n");
811  }
812 
813  arge = argc-1;
814  for(argi = 1; argi < arge; argi++)
815  {
816    if (strcmp("-p", argv[argi]) == 0)
817    {
818      if(++argi >= arge)
819      {
820        usage();
821        bailOut(1, "ERROR: '-p' option requires parameter.\n");
822      }
823      if((path_filter = strdup(argv[argi])) == NULL)
824        bailOut(2, "ERROR: Memory allocation problem.\n");
825
826      path_filter_enabled = true;
827    }
828    else if (strcmp("-t", argv[argi]) == 0)
829    {
830      if(++argi >= arge)
831      {
832        usage();
833        bailOut(1, "ERROR: '-t' option requires parameter.\n");
834      }
835      if((type_filter = regfio_type_str2val(argv[argi])) == 0)
836      {
837        fprintf(stderr, "ERROR: Invalid type specified: %s.\n", argv[argi]);
838        bailOut(1, "");
839      }
840
841      type_filter_enabled = true;
842    }
843    else if (strcmp("-h", argv[argi]) == 0)
844      print_header = true;
845    else if (strcmp("-H", argv[argi]) == 0)
846      print_header = false;
847    else if (strcmp("-s", argv[argi]) == 0)
848      print_security = true;
849    else if (strcmp("-S", argv[argi]) == 0)
850      print_security = false;
851    else if (strcmp("-v", argv[argi]) == 0)
852      print_verbose = true;
853    else
854    {
855      usage();
856      fprintf(stderr, "ERROR: Unrecognized option: %s\n", argv[argi]);
857      bailOut(1, "");
858    }
859  }
860  if((registry_file = strdup(argv[argi])) == NULL)
861    bailOut(2, "ERROR: Memory allocation problem.\n");
862
863  f = regfio_open(registry_file);
864  if(f == NULL)
865  {
866    fprintf(stderr, "ERROR: Couldn't open registry file: %s\n", registry_file);
867    bailOut(3, "");
868  }
869
870  root = regfio_rootkey(f);
871  nk_stack = void_stack_new(1024);
872
873  if(void_stack_push(nk_stack, root))
874  {
875    if(print_header)
876    {
877      if(print_security)
878        printf("PATH,TYPE,VALUE,MTIME,OWNER,GROUP,SACL,DACL\n");
879      else
880        printf("PATH,TYPE,VALUE,MTIME\n");
881    }
882
883    path_stack = path2Stack(path_filter);
884    if(void_stack_size(path_stack) < 1)
885      printKeyTree(f, nk_stack, "");
886    else
887    {
888      retr_path_ret = retrievePath(f, nk_stack, path_stack);
889      if(retr_path_ret == 1)
890        fprintf(stderr, "WARNING: specified path not found.\n");
891      else if(retr_path_ret != 0)
892        bailOut(4, "ERROR:\n");
893    }
894  }
895  else
896    bailOut(2, "ERROR: Memory allocation problem.\n");
897
898  void_stack_destroy_deep(nk_stack);
899  regfio_close(f);
900
901  return 0;
902}
Note: See TracBrowser for help on using the repository browser.