/* Tests the libevtx_chunk_initialize function
* Returns 1 if successful or 0 if not
*/
int evtx_test_chunk_initialize(
void )
{
libcerror_error_t *error = NULL;
libevtx_chunk_t *chunk = NULL;
int result = 0;
#if defined( HAVE_EVTX_TEST_MEMORY )
int number_of_malloc_fail_tests = 1;
int number_of_memset_fail_tests = 1;
int test_number = 0;
#endif
/* Test regular cases
*/
result = libevtx_chunk_initialize(
&chunk,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
1 );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"chunk",
chunk );
EVTX_TEST_ASSERT_IS_NULL(
"error",
error );
result = libevtx_chunk_free(
&chunk,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
1 );
EVTX_TEST_ASSERT_IS_NULL(
"chunk",
chunk );
EVTX_TEST_ASSERT_IS_NULL(
"error",
error );
/* Test error cases
*/
result = libevtx_chunk_initialize(
NULL,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"error",
error );
libcerror_error_free(
&error );
chunk = (libevtx_chunk_t *) 0x12345678UL;
result = libevtx_chunk_initialize(
&chunk,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"error",
error );
libcerror_error_free(
&error );
chunk = NULL;
#if defined( HAVE_EVTX_TEST_MEMORY )
for( test_number = 0;
test_number < number_of_malloc_fail_tests;
test_number++ )
{
/* Test libevtx_chunk_initialize with malloc failing
*/
evtx_test_malloc_attempts_before_fail = test_number;
result = libevtx_chunk_initialize(
&chunk,
&error );
if( evtx_test_malloc_attempts_before_fail != -1 )
{
evtx_test_malloc_attempts_before_fail = -1;
if( chunk != NULL )
{
libevtx_chunk_free(
&chunk,
NULL );
}
}
else
{
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NULL(
"chunk",
chunk );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"error",
error );
libcerror_error_free(
&error );
}
}
for( test_number = 0;
test_number < number_of_memset_fail_tests;
test_number++ )
{
/* Test libevtx_chunk_initialize with memset failing
*/
evtx_test_memset_attempts_before_fail = test_number;
result = libevtx_chunk_initialize(
&chunk,
&error );
if( evtx_test_memset_attempts_before_fail != -1 )
{
evtx_test_memset_attempts_before_fail = -1;
if( chunk != NULL )
{
libevtx_chunk_free(
&chunk,
NULL );
}
}
else
{
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NULL(
"chunk",
chunk );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"error",
error );
libcerror_error_free(
&error );
}
}
#endif /* defined( HAVE_EVTX_TEST_MEMORY ) */
return( 1 );
on_error:
if( error != NULL )
{
libcerror_error_free(
&error );
}
if( chunk != NULL )
{
libevtx_chunk_free(
&chunk,
NULL );
}
return( 0 );
}
/* Opens a file for reading
* Returns 1 if successful or -1 on error
*/
int libevtx_file_open_read(
libevtx_internal_file_t *internal_file,
libbfio_handle_t *file_io_handle,
libcerror_error_t **error )
{
libevtx_chunk_t *chunk = NULL;
libevtx_record_values_t *record_values = NULL;
libevtx_chunks_table_t *chunks_table = NULL;
static char *function = "libevtx_file_open_read";
off64_t file_offset = 0;
size64_t file_size = 0;
uint16_t chunk_index = 0;
uint16_t number_of_chunks = 0;
uint16_t number_of_records = 0;
uint16_t record_index = 0;
int element_index = 0;
int result = 0;
int segment_index = 0;
#if defined( HAVE_VERBOSE_OUTPUT )
uint64_t previous_record_identifier = 0;
#endif
#if defined( HAVE_DEBUG_OUTPUT )
uint8_t *trailing_data = NULL;
size_t trailing_data_size = 0;
ssize_t read_count = 0;
#endif
if( internal_file == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
"%s: invalid file.",
function );
return( -1 );
}
if( internal_file->io_handle == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_MISSING,
"%s: invalid file - missing IO handle.",
function );
return( -1 );
}
if( internal_file->chunks_vector != NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
"%s: invalid file - chunks vector already set.",
function );
return( -1 );
}
if( internal_file->chunks_cache != NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
"%s: invalid file - chunks cache already set.",
function );
return( -1 );
}
if( internal_file->records_list != NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
"%s: invalid file - records list already set.",
function );
return( -1 );
}
if( internal_file->recovered_records_list != NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
"%s: invalid file - recovered records list already set.",
function );
return( -1 );
}
if( internal_file->records_cache != NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
"%s: invalid file - records cache already set.",
function );
return( -1 );
}
if( libbfio_handle_get_size(
file_io_handle,
&file_size,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve file size.",
function );
goto on_error;
}
#if defined( HAVE_DEBUG_OUTPUT )
if( libcnotify_verbose != 0 )
{
libcnotify_printf(
"Reading file header:\n" );
}
#endif
if( libevtx_io_handle_read_file_header(
internal_file->io_handle,
file_io_handle,
0,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_READ_FAILED,
"%s: unable to read file header.",
function );
goto on_error;
}
internal_file->io_handle->chunks_data_size = file_size
- internal_file->io_handle->chunks_data_offset;
/* TODO clone function ? */
if( libfdata_vector_initialize(
&( internal_file->chunks_vector ),
(size64_t) internal_file->io_handle->chunk_size,
(intptr_t *) internal_file->io_handle,
NULL,
NULL,
(int (*)(intptr_t *, intptr_t *, libfdata_vector_t *, libfcache_cache_t *, int, int, off64_t, size64_t, uint32_t, uint8_t, libcerror_error_t **)) &libevtx_io_handle_read_chunk,
NULL,
LIBFDATA_DATA_HANDLE_FLAG_NON_MANAGED,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create chunks vector.",
function );
goto on_error;
}
if( libfdata_vector_append_segment(
internal_file->chunks_vector,
&segment_index,
0,
internal_file->io_handle->chunks_data_offset,
internal_file->io_handle->chunks_data_size,
0,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_APPEND_FAILED,
"%s: unable to append segment to chunks vector.",
function );
goto on_error;
}
if( libfcache_cache_initialize(
&( internal_file->chunks_cache ),
LIBEVTX_MAXIMUM_CACHE_ENTRIES_CHUNKS,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create chunks cache.",
function );
goto on_error;
}
#if defined( HAVE_DEBUG_OUTPUT )
if( libcnotify_verbose != 0 )
{
libcnotify_printf(
"Reading chunks:\n" );
}
#endif
if( libevtx_chunks_table_initialize(
&chunks_table,
internal_file->io_handle,
internal_file->chunks_vector,
internal_file->chunks_cache,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create chunks table.",
function );
goto on_error;
}
/* TODO clone function ? */
if( libfdata_list_initialize(
&( internal_file->records_list ),
(intptr_t *) chunks_table,
(int (*)(intptr_t **, libcerror_error_t **)) &libevtx_chunks_table_free,
NULL,
(int (*)(intptr_t *, intptr_t *, libfdata_list_element_t *, libfcache_cache_t *, int, off64_t, size64_t, uint32_t, uint8_t, libcerror_error_t **)) &libevtx_chunks_table_read_record,
NULL,
LIBFDATA_DATA_HANDLE_FLAG_MANAGED,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create records list.",
function );
goto on_error;
}
/* The chunks_table is managed by the list */
if( libfdata_list_initialize(
&( internal_file->recovered_records_list ),
(intptr_t *) chunks_table,
NULL,
NULL,
(int (*)(intptr_t *, intptr_t *, libfdata_list_element_t *, libfcache_cache_t *, int, off64_t, size64_t, uint32_t, uint8_t, libcerror_error_t **)) &libevtx_chunks_table_read_record,
NULL,
LIBFDATA_DATA_HANDLE_FLAG_NON_MANAGED,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create recovered records list.",
function );
chunks_table = NULL;
goto on_error;
}
chunks_table = NULL;
if( libfcache_cache_initialize(
&( internal_file->records_cache ),
LIBEVTX_MAXIMUM_CACHE_ENTRIES_RECORDS,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create records cache.",
function );
goto on_error;
}
file_offset = internal_file->io_handle->chunks_data_offset;
while( ( file_offset + internal_file->io_handle->chunk_size ) <= (off64_t) file_size )
{
if( libevtx_chunk_initialize(
&chunk,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create chunk: %" PRIu16 ".",
function,
chunk_index );
goto on_error;
}
result = libevtx_chunk_read(
chunk,
internal_file->io_handle,
file_io_handle,
file_offset,
error );
if( result == -1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_READ_FAILED,
"%s: unable to read chunk: %" PRIu16 ".",
function,
chunk_index );
goto on_error;
}
else if( result == 0 )
{
if( chunk_index < internal_file->io_handle->number_of_chunks )
{
#if defined( HAVE_VERBOSE_OUTPUT )
if( libcnotify_verbose != 0 )
{
libcnotify_printf(
"%s: corruption detected in chunk: %" PRIu16 ".\n",
function,
chunk_index );
}
#endif
internal_file->io_handle->flags |= LIBEVTX_IO_HANDLE_FLAG_IS_CORRUPTED;
}
}
else
{
if( ( chunk->flags & LIBEVTX_CHUNK_FLAG_IS_CORRUPTED ) != 0 )
{
#if defined( HAVE_VERBOSE_OUTPUT )
if( libcnotify_verbose != 0 )
{
libcnotify_printf(
"%s: corruption detected in chunk: %" PRIu16 ".\n",
function,
chunk_index );
}
#endif
if( chunk_index < internal_file->io_handle->number_of_chunks )
{
internal_file->io_handle->flags |= LIBEVTX_IO_HANDLE_FLAG_IS_CORRUPTED;
}
}
if( ( chunk_index < internal_file->io_handle->number_of_chunks )
|| ( ( chunk->flags & LIBEVTX_CHUNK_FLAG_IS_CORRUPTED ) == 0 ) )
{
number_of_chunks++;
}
if( libevtx_chunk_get_number_of_records(
chunk,
&number_of_records,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve chunk: %" PRIu16 " number of records.",
function,
chunk_index );
goto on_error;
}
for( record_index = 0;
record_index < number_of_records;
record_index++ )
{
if( libevtx_chunk_get_record(
chunk,
record_index,
&record_values,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve chunk: %" PRIu16 " record: %" PRIu16 ".",
function,
chunk_index,
record_index );
goto on_error;
}
if( record_values == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_MISSING,
"%s: missing chunk: %" PRIu16 " record: %" PRIu16 ".",
function,
chunk_index,
record_index );
goto on_error;
}
if( record_values->identifier < internal_file->io_handle->first_record_identifier )
{
internal_file->io_handle->first_record_identifier = record_values->identifier;
}
if( record_values->identifier > internal_file->io_handle->last_record_identifier )
{
internal_file->io_handle->last_record_identifier = record_values->identifier;
}
#if defined( HAVE_VERBOSE_OUTPUT )
if( ( chunk_index == 0 )
&& ( record_index == 0 ) )
{
previous_record_identifier = record_values->identifier;
}
else
{
previous_record_identifier++;
if( record_values->identifier != previous_record_identifier )
{
if( libcnotify_verbose != 0 )
{
libcnotify_printf(
"%s: detected gap in record identifier ( %" PRIu64 " != %" PRIu64 " ).\n",
function,
previous_record_identifier,
record_values->identifier );
}
previous_record_identifier = record_values->identifier;
}
}
#endif
/* The chunk index is stored in the element data size
*/
if( ( chunk_index < internal_file->io_handle->number_of_chunks )
|| ( ( internal_file->io_handle->file_flags & LIBEVTX_FILE_FLAG_IS_DIRTY ) != 0 ) )
{
if( libfdata_list_append_element(
internal_file->records_list,
&element_index,
0,
file_offset + record_values->chunk_data_offset,
(size64_t) chunk_index,
0,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_APPEND_FAILED,
"%s: unable to append element to records list.",
function );
goto on_error;
}
}
else
{
/* If the file is not dirty, records found in chunks outside the indicated
* range are considered recovered
*/
if( libfdata_list_append_element(
internal_file->recovered_records_list,
&element_index,
0,
file_offset + record_values->chunk_data_offset,
(size64_t) chunk_index,
0,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_APPEND_FAILED,
"%s: unable to append element to recovered records list.",
function );
goto on_error;
}
}
/* TODO cache record values ? */
}
if( libevtx_chunk_get_number_of_recovered_records(
chunk,
&number_of_records,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve chunk: %" PRIu16 " number of recovered records.",
function,
chunk_index );
goto on_error;
}
for( record_index = 0;
record_index < number_of_records;
record_index++ )
{
if( libevtx_chunk_get_recovered_record(
chunk,
record_index,
&record_values,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve chunk: %" PRIu16 " recovered record: %" PRIu16 ".",
function,
chunk_index,
record_index );
goto on_error;
}
if( record_values == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_MISSING,
"%s: missing chunk: %" PRIu16 " recovered record: %" PRIu16 ".",
function,
chunk_index,
record_index );
goto on_error;
}
/* TODO check for and remove duplicate identifiers ? */
/* The chunk index is stored in the element data size
*/
if( libfdata_list_append_element(
internal_file->recovered_records_list,
&element_index,
0,
file_offset + record_values->chunk_data_offset,
(size64_t) chunk_index,
0,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_APPEND_FAILED,
"%s: unable to append element to recovered records list.",
function );
goto on_error;
}
}
}
file_offset += chunk->data_size;
if( libevtx_chunk_free(
&chunk,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_FINALIZE_FAILED,
"%s: unable to free chunk: %" PRIu16 ".",
function,
chunk_index );
goto on_error;
}
chunk_index++;
}
internal_file->io_handle->chunks_data_size = file_offset
- internal_file->io_handle->chunks_data_offset;
if( number_of_chunks != internal_file->io_handle->number_of_chunks )
{
#if defined( HAVE_VERBOSE_OUTPUT )
if( libcnotify_verbose != 0 )
{
libcnotify_printf(
"%s: mismatch in number of chunks ( %" PRIu16 " != %" PRIu16 " ).\n",
function,
internal_file->io_handle->number_of_chunks,
chunk_index );
}
#endif
internal_file->io_handle->flags |= LIBEVTX_IO_HANDLE_FLAG_IS_CORRUPTED;
}
#if defined( HAVE_DEBUG_OUTPUT )
if( libcnotify_verbose != 0 )
{
if( file_offset < (off64_t) file_size )
{
trailing_data_size = (size_t) ( file_size - file_offset );
trailing_data = (uint8_t *) memory_allocate(
sizeof( uint8_t ) * trailing_data_size );
if( trailing_data == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_MEMORY,
LIBCERROR_MEMORY_ERROR_INSUFFICIENT,
"%s: unable to create trailing data.",
function );
goto on_error;
}
read_count = libbfio_handle_read_buffer(
file_io_handle,
trailing_data,
trailing_data_size,
error );
if( read_count != (ssize_t) trailing_data_size )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_READ_FAILED,
"%s: unable to read trailing data.",
function );
memory_free(
trailing_data );
goto on_error;
}
file_offset += read_count;
libcnotify_printf(
"%s: trailing data:\n",
function );
libcnotify_print_data(
trailing_data,
trailing_data_size,
LIBCNOTIFY_PRINT_DATA_FLAG_GROUP_DATA );
memory_free(
trailing_data );
trailing_data = NULL;
}
}
#endif
return( 1 );
on_error:
#if defined( HAVE_DEBUG_OUTPUT )
if( trailing_data != NULL )
{
memory_free(
trailing_data );
}
#endif
if( chunk != NULL )
{
libevtx_chunk_free(
&chunk,
NULL );
}
if( internal_file->records_cache != NULL )
{
libfcache_cache_free(
&( internal_file->records_cache ),
NULL );
}
if( internal_file->records_list != NULL )
{
libfdata_list_free(
&( internal_file->records_list ),
NULL );
}
if( chunks_table != NULL )
{
libevtx_chunks_table_free(
&chunks_table,
NULL );
}
if( internal_file->chunks_cache != NULL )
{
libfcache_cache_free(
&( internal_file->chunks_cache ),
NULL );
}
if( internal_file->chunks_vector != NULL )
{
libfdata_vector_free(
&( internal_file->chunks_vector ),
NULL );
}
return( -1 );
}
/* Tests the libevtx_chunk_get_number_of_recovered_records function
* Returns 1 if successful or 0 if not
*/
int evtx_test_chunk_get_number_of_recovered_records(
void )
{
libcerror_error_t *error = NULL;
libevtx_chunk_t *chunk = NULL;
uint16_t number_of_recovered_records = 0;
int number_of_recovered_records_is_set = 0;
int result = 0;
/* Initialize test
*/
result = libevtx_chunk_initialize(
&chunk,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
1 );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"chunk",
chunk );
EVTX_TEST_ASSERT_IS_NULL(
"error",
error );
/* Test regular cases
*/
result = libevtx_chunk_get_number_of_recovered_records(
chunk,
&number_of_recovered_records,
&error );
EVTX_TEST_ASSERT_NOT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NULL(
"error",
error );
number_of_recovered_records_is_set = result;
/* Test error cases
*/
result = libevtx_chunk_get_number_of_recovered_records(
NULL,
&number_of_recovered_records,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"error",
error );
libcerror_error_free(
&error );
if( number_of_recovered_records_is_set != 0 )
{
result = libevtx_chunk_get_number_of_recovered_records(
chunk,
NULL,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
-1 );
EVTX_TEST_ASSERT_IS_NOT_NULL(
"error",
error );
libcerror_error_free(
&error );
}
/* Clean up
*/
result = libevtx_chunk_free(
&chunk,
&error );
EVTX_TEST_ASSERT_EQUAL_INT(
"result",
result,
1 );
EVTX_TEST_ASSERT_IS_NULL(
"chunk",
chunk );
EVTX_TEST_ASSERT_IS_NULL(
"error",
error );
return( 1 );
on_error:
if( error != NULL )
{
libcerror_error_free(
&error );
}
if( chunk != NULL )
{
libevtx_chunk_free(
&chunk,
NULL );
}
return( 0 );
}