[Libguestfs] [PATCH] Add a minimal hive with "special" keys and values

Hilko Bengen bengen at hilluzination.de
Fri Jan 10 00:14:51 UTC 2014 

---
 images/README          |  15 +++++++++++++++
 images/mkzero/Makefile |   7 +++++++
 images/mkzero/mkzero.c |  48 ++++++++++++++++++++++++++++++++++++++++++++++++
 images/special         | Bin 0 -> 8192 bytes
 4 files changed, 70 insertions(+)
 create mode 100644 images/mkzero/Makefile
 create mode 100644 images/mkzero/mkzero.c
 create mode 100644 images/special

diff --git a/images/README b/images/README
index 2131885..34c65f3 100644
--- a/images/README
+++ b/images/README
@@ -11,3 +11,18 @@ hand-crafted binary blob.
 tests.
 
 - Richard W.M. Jones 2010-02-24.
+
+'special' was created by importing 'minimal' into a VM running Windows
+XP and loading it into HKEY_LOCAL_MACHINE\minimal using regedit.exe
+(File/Load Hive...)
+
+- A subkey 'asdf_äöüß' was created in the root node
+  - An empty REG_STRING value 'asdf_äöüß' was created within that node.
+- A subkey 'weird™' was created in the root node.
+  - An empty REG_STRING value 'symbols $£₤₧€' (SMALL DOLLAR SIGN,
+    FULLWIDTH POUND SIGN, PESETA SIGN, EURO SIGN) was created within
+    that node.
+- A subkey 'zero\0key' with an REG_DWORD value 'zero\0val'
+  was created using the 'mkzero/mkzero.c'. (\0 = zero character) 
+
+- Hilko Bengen 2014-01-10.
diff --git a/images/mkzero/Makefile b/images/mkzero/Makefile
new file mode 100644
index 0000000..4d33ade
--- /dev/null
+++ b/images/mkzero/Makefile
@@ -0,0 +1,7 @@
+CROSS=i686-w64-mingw32-
+
+all: mkzero.exe
+mkzero.exe: mkzero.o
+	$(CROSS)gcc -o $@ $< -lntdll
+%.o: %.c
+	$(CROSS)gcc -o $@ -c $<
diff --git a/images/mkzero/mkzero.c b/images/mkzero/mkzero.c
new file mode 100644
index 0000000..1b50b22
--- /dev/null
+++ b/images/mkzero/mkzero.c
@@ -0,0 +1,48 @@
+/* use the NT native API to create registry key and value that contain
+   a zero character */
+
+#include <ntdef.h>
+#include <stdio.h>
+#include <ddk/wdm.h>
+#include <windef.h>
+
+int main (int argc, char **argv)
+{
+  NTSTATUS rc;
+
+  UNICODE_STRING root_key_name;
+  RtlInitUnicodeString(&root_key_name, L"\\Registry\\Machine\\minimal");
+  OBJECT_ATTRIBUTES root_key_obj;
+  InitializeObjectAttributes (&root_key_obj, &root_key_name,
+                              OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
+                              NULL, NULL);
+  HANDLE minimal_key_handle;
+  rc = ZwCreateKey (&minimal_key_handle, KEY_ALL_ACCESS, &root_key_obj,
+                    0, NULL, REG_OPTION_NON_VOLATILE, NULL);
+  if (!NT_SUCCESS (rc)) {
+    printf("error: CreateKey <HKLM\\minimal>: 0x%08x\n", rc);
+    exit(1);
+  }
+
+  UNICODE_STRING key_name = {16, 16, L"zero\0key"};
+  OBJECT_ATTRIBUTES key_obj;
+  InitializeObjectAttributes (&key_obj, &key_name, 
+                              OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
+                              minimal_key_handle, NULL);
+  HANDLE key_handle;
+  rc = ZwCreateKey (&key_handle, KEY_ALL_ACCESS, &key_obj,
+                    0, NULL, REG_OPTION_NON_VOLATILE, NULL);
+  if (!NT_SUCCESS (rc)) {
+    printf("error: CreateKey: 0x%08x\n", rc);
+    exit(1);
+  }
+
+  UNICODE_STRING value_name = {16, 16, L"zero\0val"};
+  DWORD value = 0;
+  rc = ZwSetValueKey (key_handle, &value_name, 0,
+                      REG_DWORD, &value, sizeof(value));
+  if (!NT_SUCCESS (rc)) {
+    printf("error: SetValueKey: 0x%08x\n", rc);
+    exit(1);
+  }
+}
diff --git a/images/special b/images/special
new file mode 100644
index 0000000000000000000000000000000000000000..8aa4f2254af7b52f0a79061a7288c2128eee7b63
GIT binary patch
literal 8192
zcmeHLziU%b6h28COhb#$Ul4=fYx at MLKL!^^6)M(2Dk4tBk~GnVmnM=(q~Z`n)IUHs
zhkyk;I61kvcM)}{1Q$C94muRkP^1{Y at 7_GxmnJ$170!YC?z!ijckape-TNS?oV$K)
zEF!{jqOm&ic<4<8s>CoT)Lkl$)hjY3XCy0gl9wVzMQ%!2(s-6IPszCCVDruT2G&8`
z9AXO0qq1!fXx39_w at ooxh$5f}C<2OrBA^H;0*Zhlpa>`eioicbU^bI4nho&(K9Haf
zz;(UVY8CyX^5XN4gX|5^c6x_M9~H=AzX(EF)H&DM^IjS{WDsl5^DbVRygYe);`|l5
zmwvTc6<;J7wSyZRz#}64kJx;0%#I?=7nQG);7gK}{a8it4kYH{F-$#?#6xOZ>|NqV
zd&C<%;!nxWP=0qK-r1br*ioH{x3$K0vx<a4z%k7f)M#uy^M+y#w4Hl|^N6ef>#83Y
zz+dBbm`$(dcCK8KYPzrn|4Y=<FmVGw%f_)pj&x=wJN>D-{t;aqV!DdB6*xGaxzF8t
zo0l4V94u-aKJapH5c6RSisfa^^5XR1CDntMF7XEcF7d{W_^!Oz_^rG+U3f`_u(rH7
zp3Q5UUa@`nU5h8*=k9#*hDN7n{O|m&;rA>@e~6Ft at U?kmJ59(>9P_z7$1d1=Ci3&h
zu4c7;&s_Kd0X;?x>>!)>g@(ZILg5jm at Sfd5A1;rMTvkSgX(I!L*{Io*`#r=jSYEha
zBJU3JaZr}9uKKCad7-@`^XTPe(B&&Ycg2&Zvf%Qh&>MUwTv>ne?$F)8)E`Hoo%OT6
zp#A~q8|RbR?Kv*Y_Q?e5yt at 40bx{9XtY3ZeKG-PmhWd-X8~R?kffF;_Mu=krkIp*C
oOB)Kqjk!;LZoXkZJexA9st70oihv at Z2q*%IfFhs>{C^1i23(Tu`2YX_

literal 0
HcmV?d00001

-- 
1.8.5.2

More information about the Libguestfs mailing list