[Libguestfs] hivex: some issues (key encoding, ...) and suggested fixes
Richard W.M. Jones
rjones at redhat.com
Tue Mar 1 04:33:33 UTC 2011
On Mon, Feb 28, 2011 at 02:33:32PM +0000, Matthew Booth wrote:
> On 26/02/11 18:56, Török Edwin wrote:
> >4. hivexml output is not a well-formed XML
> >
> >See problem #1 and #2, if value_string and node_name are fixed to not
> >dump the binary garbage and just return UTF8 then I think hivexml's
> >output would pass xmllint.
>
> As it happens, I opened a BZ on this just the other day. I think
> there's an additional element here: it seems that sometimes a
> registry key genuinely contains non-text data. An example is
> HKLM/SOFTWARE/Microsoft/MSDTC/Security/XAKey, which I'm guessing is
> a cryptographic key. This would require a CDATA section. However,
> it's not clear to me how the tool can reliably infer that a value is
> binary data without specific knowledge of the schema.
The type field stored in the registry is in many cases nonsensical.
In hivexml we trust the type, which is wrong. We ought to either
shoot hivexml or fix it.
In hivexregedit / virt-win-reg, we dump all strings as binary
(ie. hex(TYPE):...) for this and for other reasons to do with
preserving the encoding. It's explained in the man page I think.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top
More information about the Libguestfs
mailing list