/* Determines the event log type from the filename
* Returns 1 if successful, 0 if unsupported value or -1 on error
*/
int evtxinput_determine_event_log_type_from_filename(
const libcstring_system_character_t *filename,
int *event_log_type,
libcerror_error_t **error )
{
const libcstring_system_character_t *path_separator = NULL;
static char *function = "evtxinput_determine_event_log_type_from_filename";
size_t filename_length = 0;
int result = 0;
if( filename == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
"%s: invalid filename.",
function );
return( -1 );
}
if( event_log_type == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
"%s: invalid event log type.",
function );
return( -1 );
}
filename_length = libcstring_system_string_length(
filename );
path_separator = libcstring_system_string_search_character_reverse(
filename,
(libcstring_system_character_t) LIBCPATH_SEPARATOR,
filename_length );
if( path_separator == NULL )
{
path_separator = filename;
}
else
{
path_separator++;
filename_length = libcstring_system_string_length(
path_separator );
}
if( filename_length == 11 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "System.evtx" ),
11 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_SYSTEM;
result = 1;
}
}
else if( filename_length == 13 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "Security.evtx" ),
13 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_SECURITY;
result = 1;
}
}
else if( filename_length == 16 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "Application.evtx" ),
16 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_APPLICATION;
result = 1;
}
}
else if( filename_length == 17 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "Media Center.evtx" ),
17 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_MEDIA_CENTER;
result = 1;
}
}
else if( filename_length == 19 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "HardwareEvents.evtx" ),
19 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_HARDWARE_EVENTS;
result = 1;
}
}
else if( filename_length == 20 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "DFS Replication.evtx" ),
20 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_DFS_REPLICATION;
result = 1;
}
}
else if( filename_length == 22 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "Internet Explorer.evtx" ),
22 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_INTERNET_EXPLORER;
result = 1;
}
}
else if( filename_length == 27 )
{
if( libcstring_system_string_compare_no_case(
path_separator,
_LIBCSTRING_SYSTEM_STRING( "Key Management Service.evtx" ),
27 ) == 0 )
{
*event_log_type = EVTXTOOLS_EVENT_LOG_TYPE_KEY_MANAGEMENT_SERVICE;
result = 1;
}
}
return( result );
}
/* Opens the parent input file
* Returns 1 if successful, 0 if no parent or -1 on error
*/
int mount_handle_open_input_parent_file(
mount_handle_t *mount_handle,
libvhdi_file_t *input_file,
libcerror_error_t **error )
{
uint8_t guid[ 16 ];
libcstring_system_character_t *parent_basename_end = NULL;
libcstring_system_character_t *parent_filename = NULL;
libcstring_system_character_t *parent_path = NULL;
libvhdi_file_t *parent_input_file = NULL;
static char *function = "mount_handle_open_input_parent_file";
size_t parent_basename_length = 0;
size_t parent_filename_size = 0;
size_t parent_path_size = 0;
int entry_index = 0;
int result = 0;
if( mount_handle == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
"%s: invalid mount handle.",
function );
return( -1 );
}
result = libvhdi_file_get_parent_identifier(
input_file,
guid,
16,
error );
if( result == -1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve parent content identifier.",
function );
goto on_error;
}
else if( result != 1 )
{
return( 0 );
}
#if defined( LIBCSTRING_HAVE_WIDE_SYSTEM_CHARACTER )
result = libvhdi_file_get_utf16_parent_filename_size(
input_file,
&parent_filename_size,
error );
#else
result = libvhdi_file_get_utf8_parent_filename_size(
input_file,
&parent_filename_size,
error );
#endif
if( result != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve parent filename size.",
function );
goto on_error;
}
if( parent_filename_size == 0 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_MISSING,
"%s: missing parent filename.",
function );
goto on_error;
}
if( ( parent_filename_size > (size_t) SSIZE_MAX )
|| ( ( sizeof( libcstring_system_character_t ) * parent_filename_size ) > (size_t) SSIZE_MAX ) )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_VALUE_EXCEEDS_MAXIMUM,
"%s: invalid parent filename size value exceeds maximum.",
function );
goto on_error;
}
parent_filename = libcstring_system_string_allocate(
parent_filename_size );
if( parent_filename == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_MEMORY,
LIBCERROR_MEMORY_ERROR_INSUFFICIENT,
"%s: unable to create parent filename string.",
function );
goto on_error;
}
#if defined( LIBCSTRING_HAVE_WIDE_SYSTEM_CHARACTER )
result = libvhdi_file_get_utf16_parent_filename(
input_file,
(uint16_t *) parent_filename,
parent_filename_size,
error );
#else
result = libvhdi_file_get_utf8_parent_filename(
input_file,
(uint8_t *) parent_filename,
parent_filename_size,
error );
#endif
if( result != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_GET_FAILED,
"%s: unable to retrieve parent filename.",
function );
goto on_error;
}
parent_basename_end = libcstring_system_string_search_character_reverse(
parent_filename,
(libcstring_system_character_t) '\\',
parent_filename_size );
if( parent_basename_end != NULL )
{
parent_basename_length = (size_t) ( parent_basename_end - parent_filename ) + 1;
}
if( mount_handle->basename == NULL )
{
parent_path = &( parent_filename[ parent_basename_length ] );
parent_path_size = parent_filename_size - ( parent_basename_length + 1 );
}
else
{
#if defined( LIBCSTRING_HAVE_WIDE_SYSTEM_CHARACTER )
if( libcpath_path_join_wide(
&parent_path,
&parent_path_size,
mount_handle->basename,
mount_handle->basename_size - 1,
&( parent_filename[ parent_basename_length ] ),
parent_filename_size - ( parent_basename_length + 1 ),
error ) != 1 )
#else
if( libcpath_path_join(
&parent_path,
&parent_path_size,
mount_handle->basename,
mount_handle->basename_size - 1,
&( parent_filename[ parent_basename_length ] ),
parent_filename_size - ( parent_basename_length + 1 ),
error ) != 1 )
#endif
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to create parent path.",
function );
goto on_error;
}
}
if( libvhdi_file_initialize(
&parent_input_file,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to initialize parent input file.",
function );
goto on_error;
}
#if defined( LIBCSTRING_HAVE_WIDE_SYSTEM_CHARACTER )
if( libvhdi_file_open_wide(
parent_input_file,
parent_path,
LIBVHDI_OPEN_READ,
error ) != 1 )
#else
if( libvhdi_file_open(
parent_input_file,
parent_path,
LIBVHDI_OPEN_READ,
error ) != 1 )
#endif
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_OPEN_FAILED,
"%s: unable to open parent input file: %" PRIs_LIBCSTRING_SYSTEM ".",
function,
parent_path );
goto on_error;
}
if( mount_handle_open_input_parent_file(
mount_handle,
parent_input_file,
error ) == -1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_OPEN_FAILED,
"%s: unable to open parent input file.",
function );
return( -1 );
}
if( libvhdi_file_set_parent_file(
input_file,
parent_input_file,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_SET_FAILED,
"%s: unable to set parent input file.",
function );
goto on_error;
}
if( libcdata_array_append_entry(
mount_handle->input_files_array,
&entry_index,
(intptr_t *) parent_input_file,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_APPEND_FAILED,
"%s: unable to append parent input file to array.",
function );
goto on_error;
}
if( parent_path != NULL )
{
if( mount_handle->basename != NULL )
{
memory_free(
parent_path );
}
parent_path = NULL;
}
if( parent_filename != NULL )
{
memory_free(
parent_filename );
parent_filename = NULL;
}
return( 1 );
on_error:
if( parent_input_file != NULL )
{
libvhdi_file_free(
&parent_input_file,
NULL );
}
if( ( parent_path != NULL )
&& ( mount_handle->basename != NULL ) )
{
memory_free(
parent_path );
}
if( parent_filename != NULL )
{
memory_free(
parent_filename );
}
return( -1 );
}
/* Opens the input of the mount handle
* Returns 1 if successful, 0 if the keys could not be read or -1 on error
*/
int mount_handle_open_input(
mount_handle_t *mount_handle,
const libcstring_system_character_t *filename,
libcerror_error_t **error )
{
libcstring_system_character_t *basename_end = NULL;
libvhdi_file_t *input_file = NULL;
static char *function = "mount_handle_open_input";
size_t basename_length = 0;
size_t filename_length = 0;
int entry_index = 0;
if( mount_handle == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
"%s: invalid mount handle.",
function );
return( -1 );
}
if( filename == NULL )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
"%s: invalid filename.",
function );
return( -1 );
}
filename_length = libcstring_system_string_length(
filename );
basename_end = libcstring_system_string_search_character_reverse(
filename,
(libcstring_system_character_t) LIBCPATH_SEPARATOR,
filename_length + 1 );
if( basename_end != NULL )
{
basename_length = (size_t) ( basename_end - filename ) + 1;
}
if( basename_length > 0 )
{
if( mount_handle_set_basename(
mount_handle,
filename,
basename_length,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_SET_FAILED,
"%s: unable to set basename.",
function );
goto on_error;
}
}
if( libvhdi_file_initialize(
&input_file,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_INITIALIZE_FAILED,
"%s: unable to initialize input file.",
function );
goto on_error;
}
#if defined( LIBCSTRING_HAVE_WIDE_SYSTEM_CHARACTER )
if( libvhdi_file_open_wide(
input_file,
filename,
LIBVHDI_OPEN_READ,
error ) != 1 )
#else
if( libvhdi_file_open(
input_file,
filename,
LIBVHDI_OPEN_READ,
error ) != 1 )
#endif
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_OPEN_FAILED,
"%s: unable to open input file.",
function );
goto on_error;
}
if( mount_handle_open_input_parent_file(
mount_handle,
input_file,
error ) == -1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_IO,
LIBCERROR_IO_ERROR_OPEN_FAILED,
"%s: unable to open parent input file.",
function );
goto on_error;
}
if( libcdata_array_append_entry(
mount_handle->input_files_array,
&entry_index,
(intptr_t *) input_file,
error ) != 1 )
{
libcerror_error_set(
error,
LIBCERROR_ERROR_DOMAIN_RUNTIME,
LIBCERROR_RUNTIME_ERROR_APPEND_FAILED,
"%s: unable to append input file to array.",
function );
goto on_error;
}
return( 1 );
on_error:
if( input_file != NULL )
{
libvhdi_file_free(
&input_file,
NULL );
}
libcdata_array_empty(
mount_handle->input_files_array,
(int (*)(intptr_t **, libcerror_error_t **)) &libvhdi_file_free,
NULL );
return( -1 );
}
int main( int argc, char * const argv[] )
#endif
{
export_handle_t *olecfexport_export_handle = NULL;
libcerror_error_t *error = NULL;
log_handle_t *log_handle = NULL;
libcstring_system_character_t *log_filename = NULL;
libcstring_system_character_t *option_ascii_codepage = NULL;
libcstring_system_character_t *option_target_path = NULL;
libcstring_system_character_t *path_separator = NULL;
libcstring_system_character_t *source = NULL;
char *program = "olecfexport";
size_t source_length = 0;
libcstring_system_integer_t option = 0;
int result = 0;
int verbose = 0;
libcnotify_stream_set(
stderr,
NULL );
libcnotify_verbose_set(
1 );
if( libclocale_initialize(
"olecftools",
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize locale values.\n" );
goto on_error;
}
if( libcsystem_initialize(
_IONBF,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize system values.\n" );
goto on_error;
}
olecfoutput_version_fprint(
stdout,
program );
while( ( option = libcsystem_getopt(
argc,
argv,
_LIBCSTRING_SYSTEM_STRING( "c:hl:t:vV" ) ) ) != (libcstring_system_integer_t) -1 )
{
switch( option )
{
case (libcstring_system_integer_t) '?':
default:
fprintf(
stderr,
"Invalid argument: %" PRIs_LIBCSTRING_SYSTEM "\n",
argv[ optind - 1 ] );
usage_fprint(
stdout );
return( EXIT_FAILURE );
case (libcstring_system_integer_t) 'c':
option_ascii_codepage = optarg;
break;
case (libcstring_system_integer_t) 'h':
usage_fprint(
stdout );
return( EXIT_SUCCESS );
case (libcstring_system_integer_t) 'l':
log_filename = optarg;
break;
case (libcstring_system_integer_t) 't':
option_target_path = optarg;
break;
case (libcstring_system_integer_t) 'v':
verbose = 1;
break;
case (libcstring_system_integer_t) 'V':
olecfoutput_copyright_fprint(
stdout );
return( EXIT_SUCCESS );
}
}
if( optind == argc )
{
fprintf(
stderr,
"Missing source file.\n" );
usage_fprint(
stdout );
return( EXIT_FAILURE );
}
source = argv[ optind ];
if( option_target_path == NULL )
{
source_length = libcstring_system_string_length(
source );
path_separator = libcstring_system_string_search_character_reverse(
source,
(libcstring_system_character_t) LIBCPATH_SEPARATOR,
source_length );
if( path_separator == NULL )
{
path_separator = source;
}
else
{
path_separator++;
}
option_target_path = path_separator;
}
libcnotify_verbose_set(
verbose );
libolecf_notify_set_stream(
stderr,
NULL );
libolecf_notify_set_verbose(
verbose );
if( export_handle_initialize(
&olecfexport_export_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize export handle.\n" );
goto on_error;
}
if( export_handle_set_target_path(
olecfexport_export_handle,
option_target_path,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to set target path.\n" );
goto on_error;
}
result = export_handle_create_items_export_path(
olecfexport_export_handle,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to create items export path.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"%" PRIs_LIBCSTRING_SYSTEM " already exists.\n",
olecfexport_export_handle->items_export_path );
goto on_error;
}
if( log_handle_initialize(
&log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize log handle.\n" );
goto on_error;
}
if( log_handle_open(
log_handle,
log_filename,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to open log file: %" PRIs_LIBCSTRING_SYSTEM ".\n",
log_filename );
goto on_error;
}
if( option_ascii_codepage != NULL )
{
result = export_handle_set_ascii_codepage(
olecfexport_export_handle,
option_ascii_codepage,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to set ASCII codepage in export handle.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"Unsupported ASCII codepage defaulting to: windows-1252.\n" );
}
}
fprintf(
stdout,
"Opening file.\n" );
if( export_handle_open_input(
olecfexport_export_handle,
source,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to open: %" PRIs_LIBCSTRING_SYSTEM ".\n",
source );
goto on_error;
}
if( export_handle_export_file(
olecfexport_export_handle,
log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to export file stream and storage items.\n" );
goto on_error;
}
if( export_handle_close(
olecfexport_export_handle,
&error ) != 0 )
{
fprintf(
stderr,
"Unable to close export handle.\n" );
goto on_error;
}
if( export_handle_free(
&olecfexport_export_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free export handle.\n" );
goto on_error;
}
if( log_handle_close(
log_handle,
&error ) != 0 )
{
fprintf(
stderr,
"Unable to close log file: %" PRIs_LIBCSTRING_SYSTEM ".\n",
log_filename );
goto on_error;
}
if( log_handle_free(
&log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free log handle.\n" );
goto on_error;
}
fprintf(
stdout,
"Export completed.\n" );
return( EXIT_SUCCESS );
on_error:
if( error != NULL )
{
libcnotify_print_error_backtrace(
error );
libcerror_error_free(
&error );
}
if( log_handle != NULL )
{
log_handle_close(
log_handle,
NULL );
log_handle_free(
&log_handle,
NULL );
}
if( olecfexport_export_handle != NULL )
{
export_handle_close(
olecfexport_export_handle,
NULL );
export_handle_free(
&olecfexport_export_handle,
NULL );
}
return( EXIT_FAILURE );
}
int main( int argc, char * const argv[] )
#endif
{
libcstring_system_character_t *log_filename = NULL;
libcstring_system_character_t *option_ascii_codepage = NULL;
libcstring_system_character_t *option_export_mode = NULL;
libcstring_system_character_t *option_table_name = NULL;
libcstring_system_character_t *option_target_path = NULL;
libcstring_system_character_t *path_separator = NULL;
libcstring_system_character_t *source = NULL;
liberror_error_t *error = NULL;
log_handle_t *log_handle = NULL;
char *program = "esedbexport";
size_t source_length = 0;
size_t option_table_name_length = 0;
libcstring_system_integer_t option = 0;
int result = 0;
int verbose = 0;
libsystem_notify_set_stream(
stderr,
NULL );
libsystem_notify_set_verbose(
1 );
if( libsystem_initialize(
"esedbtools",
_IONBF,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize system values.\n" );
libsystem_notify_print_error_backtrace(
error );
liberror_error_free(
&error );
return( EXIT_FAILURE );
}
esedboutput_version_fprint(
stdout,
program );
while( ( option = libsystem_getopt(
argc,
argv,
_LIBCSTRING_SYSTEM_STRING( "c:hl:m:t:T:vV" ) ) ) != (libcstring_system_integer_t) -1 )
{
switch( option )
{
case (libcstring_system_integer_t) '?':
default:
fprintf(
stderr,
"Invalid argument: %" PRIs_LIBCSTRING_SYSTEM "\n",
argv[ optind - 1 ] );
usage_fprint(
stdout );
return( EXIT_FAILURE );
case (libcstring_system_integer_t) 'c':
option_ascii_codepage = optarg;
break;
case (libcstring_system_integer_t) 'h':
usage_fprint(
stdout );
return( EXIT_SUCCESS );
case (libcstring_system_integer_t) 'l':
log_filename = optarg;
break;
case (libcstring_system_integer_t) 'm':
option_export_mode = optarg;
break;
case (libcstring_system_integer_t) 't':
option_target_path = optarg;
break;
case (libcstring_system_integer_t) 'T':
option_table_name = optarg;
break;
case (libcstring_system_integer_t) 'v':
verbose = 1;
break;
case (libcstring_system_integer_t) 'V':
esedboutput_copyright_fprint(
stdout );
return( EXIT_SUCCESS );
}
}
if( optind == argc )
{
fprintf(
stderr,
"Missing source file.\n" );
usage_fprint(
stdout );
return( EXIT_FAILURE );
}
source = argv[ optind ];
if( option_target_path == NULL )
{
source_length = libcstring_system_string_length(
source );
path_separator = libcstring_system_string_search_character_reverse(
source,
(libcstring_system_character_t) LIBSYSTEM_PATH_SEPARATOR,
source_length );
if( path_separator == NULL )
{
path_separator = source;
}
else
{
path_separator++;
}
option_target_path = path_separator;
}
if( option_table_name != NULL )
{
option_table_name_length = libcstring_system_string_length(
option_table_name );
}
libsystem_notify_set_verbose(
verbose );
libesedb_notify_set_stream(
stderr,
NULL );
libesedb_notify_set_verbose(
verbose );
if( log_handle_initialize(
&log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize log handle.\n" );
goto on_error;
}
if( export_handle_initialize(
&esedbexport_export_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize export handle.\n" );
goto on_error;
}
/* TODO
esedbexport_export_handle->print_status_information = print_status_information;
*/
if( option_export_mode != NULL )
{
result = export_handle_set_export_mode(
esedbexport_export_handle,
option_export_mode,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to set export mode.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"Unsupported export mode defaulting to: tables.\n" );
}
}
if( option_ascii_codepage != NULL )
{
result = export_handle_set_ascii_codepage(
esedbexport_export_handle,
option_ascii_codepage,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to set ASCII codepage in export handle.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"Unsupported ASCII codepage defaulting to: windows-1252.\n" );
}
}
if( export_handle_set_target_path(
esedbexport_export_handle,
option_target_path,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to set target path.\n" );
goto on_error;
}
result = export_handle_create_items_export_path(
esedbexport_export_handle,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to create items export path.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"%" PRIs_LIBCSTRING_SYSTEM " already exists.\n",
esedbexport_export_handle->items_export_path );
goto on_error;
}
if( log_handle_open(
log_handle,
log_filename,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to open log file: %" PRIs_LIBCSTRING_SYSTEM ".\n",
log_filename );
goto on_error;
}
fprintf(
stdout,
"Opening file.\n" );
#ifdef TODO_SIGNAL_ABORT
if( libsystem_signal_attach(
esedbexport_signal_handler,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to attach signal handler.\n" );
libsystem_notify_print_error_backtrace(
error );
liberror_error_free(
&error );
}
#endif
if( export_handle_open(
esedbexport_export_handle,
source,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to open: %" PRIs_LIBCSTRING_SYSTEM ".\n",
source );
goto on_error;
}
/* TODO
fprintf(
stdout,
"Exporting aliases.\n" );
*/
result = export_handle_export_file(
esedbexport_export_handle,
option_table_name,
option_table_name_length,
log_handle,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to export file.\n" );
goto on_error;
}
#ifdef TODO_SIGNAL_ABORT
if( libsystem_signal_detach(
&error ) != 1 )
{
fprintf(
stderr,
"Unable to detach signal handler.\n" );
libsystem_notify_print_error_backtrace(
error );
liberror_error_free(
&error );
}
#endif
if( export_handle_close(
esedbexport_export_handle,
&error ) != 0 )
{
fprintf(
stderr,
"Unable to close export handle.\n" );
goto on_error;
}
if( export_handle_free(
&esedbexport_export_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free export handle.\n" );
goto on_error;
}
if( log_handle_close(
log_handle,
&error ) != 0 )
{
fprintf(
stderr,
"Unable to close log handle.\n" );
goto on_error;
}
if( log_handle_free(
&log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free log handle.\n" );
goto on_error;
}
if( esedbexport_abort != 0 )
{
fprintf(
stdout,
"Export aborted.\n" );
return( EXIT_FAILURE );
}
/* TODO export FAILED ? */
fprintf(
stdout,
"Export completed.\n" );
return( EXIT_SUCCESS );
on_error:
if( error != NULL )
{
libsystem_notify_print_error_backtrace(
error );
liberror_error_free(
&error );
}
if( esedbexport_export_handle != NULL )
{
export_handle_free(
&esedbexport_export_handle,
NULL );
}
if( log_handle != NULL )
{
log_handle_free(
&log_handle,
NULL );
}
return( EXIT_FAILURE );
}
int main( int argc, char * const argv[] )
#endif
{
libcerror_error_t *error = NULL;
log_handle_t *log_handle = NULL;
libcstring_system_character_t *log_filename = NULL;
libcstring_system_character_t *option_ascii_codepage = NULL;
libcstring_system_character_t *option_export_mode = NULL;
libcstring_system_character_t *option_preferred_export_format = NULL;
libcstring_system_character_t *option_target_path = NULL;
libcstring_system_character_t *path_separator = NULL;
libcstring_system_character_t *source = NULL;
char *program = "pffexport";
size_t source_length = 0;
libcstring_system_integer_t option = 0;
uint8_t dump_item_values = 0;
uint8_t print_status_information = 1;
int result = 0;
int verbose = 0;
libcnotify_stream_set(
stderr,
NULL );
libcnotify_verbose_set(
1 );
if( libclocale_initialize(
"pfftools",
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize locale values.\n" );
goto on_error;
}
if( libcsystem_initialize(
_IONBF,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to initialize system values.\n" );
goto on_error;
}
pffoutput_version_fprint(
stdout,
program );
while( ( option = libcsystem_getopt(
argc,
argv,
_LIBCSTRING_SYSTEM_STRING( "c:df:hl:m:qt:vV" ) ) ) != (libcstring_system_integer_t) -1 )
{
switch( option )
{
case (libcstring_system_integer_t) '?':
default:
fprintf(
stderr,
"Invalid argument: %" PRIs_LIBCSTRING_SYSTEM "\n",
argv[ optind - 1 ] );
usage_fprint(
stdout );
return( EXIT_FAILURE );
case (libcstring_system_integer_t) 'c':
option_ascii_codepage = optarg;
break;
case (libcstring_system_integer_t) 'd':
dump_item_values = 1;
break;
case (libcstring_system_integer_t) 'f':
option_preferred_export_format = optarg;
break;
case (libcstring_system_integer_t) 'h':
usage_fprint(
stdout );
return( EXIT_SUCCESS );
case (libcstring_system_integer_t) 'l':
log_filename = optarg;
break;
case (libcstring_system_integer_t) 'm':
option_export_mode = optarg;
break;
case (libcstring_system_integer_t) 'q':
print_status_information = 0;
break;
case (libcstring_system_integer_t) 't':
option_target_path = optarg;
break;
case (libcstring_system_integer_t) 'v':
verbose = 1;
break;
case (libcstring_system_integer_t) 'V':
pffoutput_copyright_fprint(
stdout );
return( EXIT_SUCCESS );
}
}
if( optind == argc )
{
fprintf(
stderr,
"Missing source file.\n" );
usage_fprint(
stdout );
return( EXIT_FAILURE );
}
source = argv[ optind ];
if( option_target_path == NULL )
{
source_length = libcstring_system_string_length(
source );
path_separator = libcstring_system_string_search_character_reverse(
source,
(libcstring_system_character_t) LIBCPATH_SEPARATOR,
source_length );
if( path_separator == NULL )
{
path_separator = source;
}
else
{
path_separator++;
}
option_target_path = path_separator;
}
libcnotify_verbose_set(
verbose );
libpff_notify_set_stream(
stderr,
NULL );
libpff_notify_set_verbose(
verbose );
if( export_handle_initialize(
&pffexport_export_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to create export handle.\n" );
goto on_error;
}
pffexport_export_handle->print_status_information = print_status_information;
if( option_export_mode != NULL )
{
result = export_handle_set_export_mode(
pffexport_export_handle,
option_export_mode,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to set export mode.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"Unsupported export mode defaulting to: items.\n" );
}
}
pffexport_export_handle->dump_item_values = dump_item_values;
if( option_preferred_export_format != NULL )
{
result = export_handle_set_preferred_export_format(
pffexport_export_handle,
option_preferred_export_format,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to set preferred export format.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"Unsupported preferred export format defaulting to: text.\n" );
}
}
if( option_ascii_codepage != NULL )
{
result = export_handle_set_ascii_codepage(
pffexport_export_handle,
option_ascii_codepage,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to set ASCII codepage in export handle.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"Unsupported ASCII codepage defaulting to: windows-1252.\n" );
}
}
if( export_handle_set_target_path(
pffexport_export_handle,
option_target_path,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to set target path.\n" );
goto on_error;
}
result = export_handle_create_items_export_path(
pffexport_export_handle,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to create items export path.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"%" PRIs_LIBCSTRING_SYSTEM " already exists.\n",
pffexport_export_handle->items_export_path );
goto on_error;
}
result = export_handle_create_orphans_export_path(
pffexport_export_handle,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to create orphans export path.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"%" PRIs_LIBCSTRING_SYSTEM " already exists.\n",
pffexport_export_handle->orphans_export_path );
goto on_error;
}
result = export_handle_create_recovered_export_path(
pffexport_export_handle,
&error );
if( result == -1 )
{
fprintf(
stderr,
"Unable to create recovered export path.\n" );
goto on_error;
}
else if( result == 0 )
{
fprintf(
stderr,
"%" PRIs_LIBCSTRING_SYSTEM " already exists.\n",
pffexport_export_handle->recovered_export_path );
goto on_error;
}
if( log_handle_initialize(
&log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to create log handle.\n" );
goto on_error;
}
if( log_handle_open(
log_handle,
log_filename,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to open log file: %" PRIs_LIBCSTRING_SYSTEM ".\n",
log_filename );
goto on_error;
}
if( libpff_file_initialize(
&pffexport_file,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to create file.\n" );
goto on_error;
}
if( libpff_file_set_ascii_codepage(
pffexport_file,
pffexport_export_handle->ascii_codepage,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to set ASCII codepage.\n" );
goto on_error;
}
if( libcsystem_signal_attach(
pffexport_signal_handler,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to attach signal handler.\n" );
goto on_error;
}
fprintf(
stdout,
"Opening file.\n" );
#if defined( LIBCSTRING_HAVE_WIDE_SYSTEM_CHARACTER )
if( libpff_file_open_wide(
pffexport_file,
source,
LIBPFF_OPEN_READ,
&error ) != 1 )
#else
if( libpff_file_open(
pffexport_file,
source,
LIBPFF_OPEN_READ,
&error ) != 1 )
#endif
{
fprintf(
stderr,
"Error opening file: %" PRIs_LIBCSTRING_SYSTEM ".\n",
source );
goto on_error;
}
if( export_handle_export_file(
pffexport_export_handle,
pffexport_file,
log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to export file.\n" );
goto on_error;
}
if( libpff_file_close(
pffexport_file,
&error ) != 0 )
{
fprintf(
stderr,
"Unable to close file.\n" );
goto on_error;
}
if( libcsystem_signal_detach(
&error ) != 1 )
{
fprintf(
stderr,
"Unable to detach signal handler.\n" );
goto on_error;
}
if( libpff_file_free(
&pffexport_file,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free file.\n" );
goto on_error;
}
if( log_handle_close(
log_handle,
&error ) != 0 )
{
fprintf(
stderr,
"Unable to close log file.\n" );
goto on_error;
}
if( log_handle_free(
&log_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free log handle.\n" );
goto on_error;
}
if( export_handle_free(
&pffexport_export_handle,
&error ) != 1 )
{
fprintf(
stderr,
"Unable to free export handle.\n" );
goto on_error;
}
if( pffexport_abort != 0 )
{
fprintf(
stdout,
"Export aborted.\n" );
return( EXIT_FAILURE );
}
fprintf(
stdout,
"Export completed.\n" );
return( EXIT_SUCCESS );
on_error:
if( error != NULL )
{
libcnotify_print_error_backtrace(
error );
libcerror_error_free(
&error );
}
if( pffexport_file != NULL )
{
libpff_file_close(
pffexport_file,
NULL );
libpff_file_free(
&pffexport_file,
NULL );
}
if( log_handle != NULL )
{
log_handle_close(
log_handle,
NULL );
log_handle_free(
&log_handle,
NULL );
}
if( pffexport_export_handle != NULL )
{
export_handle_free(
&pffexport_export_handle,
NULL );
}
return( EXIT_FAILURE );
}
