Ejemplo n.º 1
0
/**
 * @param db_path Path to DB, which probably does not exist. But it gets passed in because we need
 *   it in a bunch of places. 
 * @param idx_path Path to index file (should be superset of db_path)
 */
TSK_HDB_INFO *idxonly_open(const TSK_TCHAR *db_path, const TSK_TCHAR *idx_path)
{
    TSK_HDB_BINSRCH_INFO *hdb_binsrch_info = NULL;
    TSK_TCHAR *ext;
    TSK_HDB_HTYPE_ENUM htype;

    hdb_binsrch_info = hdb_binsrch_open(NULL, db_path);
    if (NULL == hdb_binsrch_info) {
        return NULL;
    }

    hdb_binsrch_info->base.db_type = TSK_HDB_DBTYPE_IDXONLY_ID;

    // open the index
    ext = TSTRRCHR(idx_path, _TSK_T('-'));
    if (ext == NULL) {
        tsk_error_reset();
        tsk_error_set_errno(TSK_ERR_HDB_ARG);
        tsk_error_set_errstr("idxonly_open: invalid file name (no extension): %" PRIttocTSK, idx_path);
        return NULL;
    }
    else if ((TSTRLEN(ext) == 8) && (TSTRICMP(ext, _TSK_T("-md5.idx")) == 0)) {
        htype = TSK_HDB_HTYPE_MD5_ID;
    }
    else if ((TSTRLEN(ext) == 9) && (TSTRICMP(ext, _TSK_T("-sha1.idx")) == 0)) {
        htype = TSK_HDB_HTYPE_SHA1_ID;
    }
    else {
        tsk_error_reset();
        tsk_error_set_errno(TSK_ERR_HDB_ARG);
        tsk_error_set_errstr("idxonly_open: invalid file name (unknown extension): %" PRIttocTSK, idx_path);
        return NULL;
    }
    
    if (hdb_binsrch_open_idx((TSK_HDB_INFO*)hdb_binsrch_info, htype)) {
        return NULL;
    }

    if (idxonly_name(hdb_binsrch_info)) {
        hdb_binsrch_close((TSK_HDB_INFO*)hdb_binsrch_info);
        return NULL;
    }

    hdb_binsrch_info->base.get_db_path = idxonly_get_db_path;
    hdb_binsrch_info->get_entry = idxonly_getentry;

    // Before returning, do one final check that we'll be able to open
    // the index file
    if (hdb_binsrch_open_idx((TSK_HDB_INFO*)hdb_binsrch_info, hdb_binsrch_info->hash_type)) {
        hdb_binsrch_close((TSK_HDB_INFO*)hdb_binsrch_info);
        return NULL;
    }

    return (TSK_HDB_INFO*)hdb_binsrch_info;    
}
Ejemplo n.º 2
0
CEsmFile* CMWEditApp::FindMaster (const TCHAR *pPathname) {
  const TCHAR*	pFilename = FindFilename(pPathname);
  CEsmFile*	pFile;
  int		Index;

  for (Index = 0; Index < m_EsmMasters.GetSize(); Index++) {
    pFile = m_EsmMasters.GetAt(Index);
    if (TSTRICMP(FindFilename(pFile->GetFilename()), pFilename) == 0) return (pFile);
   }

  return (NULL);
 }
Ejemplo n.º 3
0
bool IsESMScriptFunction1 (const TCHAR* pString) {
  //DEFINE_FUNCTION("IsESMScriptFunction1()");
  int	Result;
  int	Index;

  for (Index = 0; g_ScriptFunctions[Index].Name[0] != NULL_CHAR; Index++) {
    Result = TSTRICMP(g_ScriptFunctions[Index].Name, pString);
    if (Result == 0) return (true);
    if (Result  > 0) return (false);
   }

  return (false);
 }
Ejemplo n.º 4
0
bool IsESMScriptReserved1 (const TCHAR* pString) {
  //DEFINE_FUNCTION("IsESMScriptReserved1()");
  int Index;
  int Result;

  for (Index = 0; l_Reserved[Index] != NULL; Index++) {
    Result = TSTRICMP(l_Reserved[Index], pString);

    if (Result == 0) 
      return (true);
    else if (Result  > 0) 
      return (false);
   }

  return (false);
 }
Ejemplo n.º 5
0
/**
* \ingroup hashdblib
* Sets hash database name in hdb_info based on database file path. 
* @param hdb_info Struct representation of an open hash database.
*/
void 
    hdb_base_db_name_from_path(TSK_HDB_INFO *hdb_info)
{
#ifdef TSK_WIN32
    const char PATH_CHAR = '\\';
#else
    const char PATH_CHAR = '/';
#endif
    TSK_TCHAR * begin;
    TSK_TCHAR * end;
    int i;
    hdb_info->db_name[0] = '\0';

    begin = TSTRRCHR(hdb_info->db_fname, PATH_CHAR);
#ifdef TSK_WIN32
    // cygwin can have forward slashes, so try that too on Windows
    if (!begin) {
        begin = TSTRRCHR(hdb_info->db_fname, '/');
    }
#endif

    if (!begin) {
        begin = hdb_info->db_fname;
    }
    else {
        // unlikely since this means that the dbname is "/"
        if (TSTRLEN(begin) == 1)
            return;
        else
            begin++;
    }

    // end points to the byte after the last one we want to use
    if ((TSTRLEN(hdb_info->db_fname) > 4) && (TSTRICMP(&hdb_info->db_fname[TSTRLEN(hdb_info->db_fname)-4], _TSK_T(".idx")) == 0)) 
        end = &hdb_info->db_fname[TSTRLEN(hdb_info->db_fname)-4];
    else
        end = begin + TSTRLEN(begin);   

    // @@@ This only works for file names with Latin characters. It may need
    // to be fixed some day. Leave it be for now. 
    for(i = 0; i < (end-begin); i++)
    {
        hdb_info->db_name[i] = (char) begin[i];
    }

    hdb_info->db_name[i] = '\0';
}
Ejemplo n.º 6
0
esmscrfuncinfo_t* GetESMScriptFuncInfo (const TCHAR* pString) {
  int			FirstChar = toupper(*pString) - (int)'A';
  esmscrfuncinfo_t*	pStartSearch;
  int			Result;
  int			Index;

	/* Ensure valid word input */
  if (FirstChar < 0 || FirstChar > 26) return (NULL);
  pStartSearch = g_ScriptFuncAlpha[FirstChar];
  if (pStartSearch == NULL) return (NULL);

  for (Index = 0; pStartSearch[Index].Name[0] != NULL_CHAR; Index++) {
    Result = TSTRICMP(pStartSearch[Index].Name, pString);
    if (Result == 0) return &(pStartSearch[Index]);
    if (Result  > 0) return (NULL);
   }

  return (NULL);
 }
Ejemplo n.º 7
0
bool IsESMScriptFunction (const TCHAR* pString) {
  //DEFINE_FUNCTION("IsESMScriptFunction()");
  int			FirstChar = toupper(*pString) - (int)'A';
  esmscrfuncinfo_t*	pStartSearch;
  int			Result;
  int			Index;

	/* Ensure valid word input */
  if (FirstChar < 0 || FirstChar > 26) return (false);
  pStartSearch = g_ScriptFuncAlpha[FirstChar];
  if (pStartSearch == NULL) return (false);

  for (Index = 0; pStartSearch[Index].Name[0] != NULL_CHAR; Index++) {
    Result = TSTRICMP(pStartSearch[Index].Name, pString);
    if (Result == 0) return (true);
    if (Result  > 0) return (false);
   }

  return (false);
 }
Ejemplo n.º 8
0
int GetESMScriptResToken (const TCHAR* pString) {

  switch (toupper(pString[0])) {
    case 'B':
	if (TSTRICMP(pString+1, _T("egin")) == 0) return (ESMSCR_TOKEN_BEGIN);
	break;
    case 'E':
	if (TSTRICMP(pString+1, _T("nd"))      == 0) return (ESMSCR_TOKEN_END);
	if (TSTRICMP(pString+1, _T("ndwhile")) == 0) return (ESMSCR_TOKEN_ENDWHILE);
	if (TSTRICMP(pString+1, _T("lse"))     == 0) return (ESMSCR_TOKEN_ELSE);
	if (TSTRICMP(pString+1, _T("lseif"))   == 0) return (ESMSCR_TOKEN_ELSEIF);
	if (TSTRICMP(pString+1, _T("ndif"))    == 0) return (ESMSCR_TOKEN_ENDIF);
	break;
    case 'I':
	if (TSTRICMP(pString+1, _T("f")) == 0) return (ESMSCR_TOKEN_IF);
#ifdef MWEDIT_SCRIPT_MWSE
	if (TSTRICMP(pString+1, _T("fx")) == 0) return (ESMSCR_TOKEN_IFX);
#endif
	break;
    case 'L':
	if (TSTRICMP(pString+1, _T("ong")) == 0) return (ESMSCR_TOKEN_TYPEOP);
	break;
    case 'F':
	if (TSTRICMP(pString+1, _T("loat")) == 0) return (ESMSCR_TOKEN_TYPEOP);
	break;
    case 'R':
	if (TSTRICMP(pString+1, _T("eturn"))   == 0) return (ESMSCR_TOKEN_RETURN);
//	if (TSTRICMP(pString+1, _T("eset"))    == 0) return (ESMSCR_TOKEN_RESET);
	break;
    case 'S':
	if (TSTRICMP(pString+1, _T("et"))   == 0) return (ESMSCR_TOKEN_SET);
	if (TSTRICMP(pString+1, _T("hort")) == 0) return (ESMSCR_TOKEN_TYPEOP);
#ifdef MWEDIT_SCRIPT_MWSE
	if (TSTRICMP(pString+1, _T("etx"))   == 0) return (ESMSCR_TOKEN_SETX);
#endif
	break;
    case 'T':
	if (TSTRICMP(pString+1, _T("o"))   == 0) return (ESMSCR_TOKEN_TO);
	break;
    case 'G':
	if (TSTRICMP(pString+1, _T("et")) == 0) return (ESMSCR_TOKEN_GET);
	break;
    case 'W':
	if (TSTRICMP(pString+1, _T("hile")) == 0) return (ESMSCR_TOKEN_WHILE);
#ifdef MWEDIT_SCRIPT_MWSE
	if (TSTRICMP(pString+1, _T("hilex")) == 0) return (ESMSCR_TOKEN_WHILEX);
#endif
	break;
    case 'X':
    case 'Y':
    case 'Z':
	if (pString[1] == NULL_CHAR) return (ESMSCR_TOKEN_XYZ);
	break;
   };

  return (ESMSCR_TOKEN_UNKNOWN);
 }