Changeset 178 for trunk/src/reglookup-recover.c

Timestamp:

03/13/10 12:56:36 (14 years ago)

Author:

tim

Message:

reworked I/O to use callback functions

fixed a bug in mtime validation and consolidated time formatting code

File:

• trunk/src/reglookup-recover.c (modified) (12 diffs)

trunk/src/reglookup-recover.c

@@ -40 +40 @@
 
 
-char* getQuotedData(int fd, uint32_t offset, uint32_t length)
+char* getQuotedData(REGFI_RAW_FILE* file_cb, uint32_t offset, uint32_t length)
 {
   uint8_t* buf;
@@ -46 +46 @@
   uint32_t len;
 
-  if((lseek(fd, offset, SEEK_SET)) == -1)
+  if((regfi_seek(file_cb, offset, SEEK_SET)) == -1)
     return NULL;
 
@@ -54 +54 @@
 
   len = length;
-  if((regfi_read(fd, buf, &length) != 0) || length != len)
+  if((regfi_read(file_cb, buf, &length) != 0) || length != len)
   {
     free(buf);
@@ -69 +69 @@
 void printKey(REGFI_FILE* f, REGFI_NK_REC* nk, const char* prefix)
 {
-  char mtime[20];
-  time_t tmp_time[1];
-  struct tm* tmp_time_s = NULL;
+  char mtime[24];
   char* quoted_name = NULL;
   char* quoted_raw = "";
 
-  *tmp_time = regfi_nt2unix_time(&nk->mtime);
-  tmp_time_s = gmtime(tmp_time);
-  strftime(mtime, sizeof(mtime), "%Y-%m-%d %H:%M:%S", tmp_time_s);
-
+  formatTime(&nk->mtime, mtime);
+  
   /* XXX: Add command line option to choose output encoding */
   regfi_interpret_keyname(f, nk, REGFI_ENCODING_ASCII, true);
@@ -96 +92 @@
 
   if(print_parsedraw)
-    quoted_raw = getQuotedData(f->fd, nk->offset, nk->cell_size);
+    quoted_raw = getQuotedData(f->cb, nk->offset, nk->cell_size);
 
   printf("%.8X,%.8X,KEY,%s,%s,%s,%d,,,,,,,,%s\n", nk->offset, nk->cell_size,
@@ -162 +158 @@
 
   if(print_parsedraw)
-    quoted_raw = getQuotedData(f->fd, vk->offset, vk->cell_size);
+    quoted_raw = getQuotedData(f->cb, vk->offset, vk->cell_size);
 
   str_type = regfi_type_val2str(vk->type);
@@ -195 +191 @@
 
   if(print_parsedraw)
-    quoted_raw = getQuotedData(f->fd, sk->offset, sk->cell_size);
+    quoted_raw = getQuotedData(f->cb, sk->offset, sk->cell_size);
 
   if(owner == NULL)
@@ -229 +225 @@
   bool unalloc;
 
-  if(!regfi_parse_cell(f->fd, offset, NULL, 0, &cell_length, &unalloc))
+  if(!regfi_parse_cell(f->cb, offset, NULL, 0, &cell_length, &unalloc))
     return 1;
 
-  quoted_buf = getQuotedData(f->fd, offset, cell_length);
+  quoted_buf = getQuotedData(f->cb, offset, cell_length);
   if(quoted_buf == NULL)
     return 2;
@@ -490 +486 @@
         max_size = regfi_calc_maxsize(file, offset);
         if(max_size >= 0 
-           && regfi_parse_cell(file->fd, offset, NULL, 0,
+           && regfi_parse_cell(file->cb, offset, NULL, 0,
                                &cell_length, &unalloc)
            && (cell_length & 0x00000007) == 0
@@ -789 +785 @@
   REGFI_VK_REC* tmp_value;
   uint32_t argi, arge, i, j, ret, num_unalloc_keys;
-  
+  int fd;
+
   /* Process command line arguments */
   if(argc < 2)
@@ -826 +823 @@
     bailOut(REGLOOKUP_EXIT_OSERR, "ERROR: Memory allocation problem.\n");
 
-  f = regfi_open(registry_file);
-  if(f == NULL)
+  fd = openHive(registry_file);
+  if(fd < 0)
   {
     fprintf(stderr, "ERROR: Couldn't open registry file: %s\n", registry_file);
     bailOut(REGLOOKUP_EXIT_NOINPUT, "");
   }
+
+  f = regfi_alloc(fd);
+  if(f == NULL)
+  {
+    close(fd);
+    bailOut(REGLOOKUP_EXIT_NOINPUT, "ERROR: Failed to create REGFI_FILE structure.\n");
+  }
+
   if(print_verbose)
     regfi_set_message_mask(f, REGFI_MSG_ERROR|REGFI_MSG_WARN|REGFI_MSG_INFO);
@@ -991 +996 @@
   range_list_free(unalloc_sks);
 
+  regfi_free(f);
+  close(fd);
+
   return 0;
 }