struct ntreg_lf_record {
int32_t seg_len;
- char id[2]; /* "lf" */
+ char id[2]; /* "lf"|"lh" */
uint16_t nr_keys; /* number of keys in this record */
struct {
uint32_t offset; /* offset of nk-record for this subkey */
subkey_lf += 0x1000;
if (!IS_VALID_BLOCK (h, subkey_lf)) {
if (h->msglvl >= 2)
- fprintf (stderr, "hivex_node_children: returning EFAULT because subkey_lf is not a valid block (%zu)\n",
+ fprintf (stderr, "hivex_node_children: returning EFAULT because subkey_lf is not a valid block (0x%zx)\n",
subkey_lf);
errno = EFAULT;
goto error;
/* Count total number of children. */
size_t i, count = 0;
for (i = 0; i < nr_offsets; ++i) {
- hive_node_h offset = ri->offset[i];
+ hive_node_h offset = le32toh (ri->offset[i]);
offset += 0x1000;
if (!IS_VALID_BLOCK (h, offset)) {
if (h->msglvl >= 2)
goto error;
}
if (!BLOCK_ID_EQ (h, offset, "lf") && !BLOCK_ID_EQ (h, offset, "lh")) {
+ if (h->msglvl >= 2)
+ fprintf (stderr, "get_children: returning ENOTSUP because ri-record offset does not point to lf/lh (0x%zx)\n",
+ offset);
errno = ENOTSUP;
goto error;
}
* something reasonable above.
*/
for (i = 0; i < nr_offsets; ++i) {
- hive_node_h offset = ri->offset[i];
+ hive_node_h offset = le32toh (ri->offset[i]);
offset += 0x1000;
if (!IS_VALID_BLOCK (h, offset)) {
if (h->msglvl >= 2)
goto error;
}
if (!BLOCK_ID_EQ (h, offset, "lf") && !BLOCK_ID_EQ (h, offset, "lh")) {
+ if (h->msglvl >= 2)
+ fprintf (stderr, "get_children: returning ENOTSUP because ri-record offset does not point to lf/lh (0x%zx)\n",
+ offset);
errno = ENOTSUP;
goto error;
}
goto ok;
}
/* else not supported, set errno and fall through */
+ if (h->msglvl >= 2)
+ fprintf (stderr, "get_children: returning ENOTSUP because subkey block is not lf/lh/ri (0x%zx, %d, %d)\n",
+ subkey_lf, block->id[0], block->id[1]);
errno = ENOTSUP;
error:
free_offset_list (&children);
blockhdr->id[1] = id[1];
}
+ BITMAP_SET (h->bitmap, offset);
+
h->endblocks += seg_len;
/* If there is space after the last block in the last page, then we
git.annexia.org / hivex.git / blobdiff