[Libguestfs] [PATCH 1/7] Add a minimal hive with "special" keys and values

Alex Nelson a.nelson at prometheuscomputing.com
Tue Jan 14 17:10:59 UTC 2014 

Hi Hilko,

Thanks a lot for creating this test hive!

I think another thing that will trip up Registry programs is value names
that include back slashes. For example, under the System hive, the key
"\MountedDevices" has child values with names like "\DosDevices\C:" (the
leading backslash is a part of the value name).  There are many other
values that include backslashes.  I don't think I have any keys that have
backslash-carrying names, but I haven't tested that extensively.

Have these values caused enough troubles to warrant another test hive?

--Alex



On Mon, Jan 13, 2014 at 8:18 AM, Richard W.M. Jones <rjones at redhat.com>wrote:

> On Sat, Jan 11, 2014 at 12:12:46AM +0100, Hilko Bengen wrote:
> > ---
> >  images/README          |  14 ++++++++++++
> >  images/mkzero/Makefile |   9 ++++++++
> >  images/mkzero/mkzero.c |  59
> +++++++++++++++++++++++++++++++++++++++++++++++++
> >  images/special         | Bin 0 -> 8192 bytes
> >  4 files changed, 82 insertions(+)
> >  create mode 100644 images/mkzero/Makefile
> >  create mode 100644 images/mkzero/mkzero.c
> >  create mode 100644 images/special
> >
> > diff --git a/images/README b/images/README
> > index 2131885..b01e5a2 100644
> > --- a/images/README
> > +++ b/images/README
> > @@ -11,3 +11,17 @@ hand-crafted binary blob.
> >  tests.
> >
> >  - Richard W.M. Jones 2010-02-24.
> > +
> > +'special' was created by importing 'minimal' into a VM running Windows
> > +XP, loading it into HKEY_LOCAL_MACHINE\minimal using regedit.exe
> > +(File/Load Hive...), and running 'mkzero.exe'.
> > +
> > +'mkzero.exe' creates the following keys and values:
> > +
> > +- A key 'zero\0key' containing a REG_DWORD value 'zero\0val' (\0 = zero
> > +  character)
> > +- A key 'asdf_äöüß' containing a REG_DWORD value 'asdf_äöüß'
> > +- A key 'weird™' containing a REG_DWORD value 'symbols $£₤₧€' (SMALL
> > +  DOLLAR SIGN, FULLWIDTH POUND SIGN, PESETA SIGN, EURO SIGN)
> > +
> > +- Hilko Bengen 2014-01-10.
> > diff --git a/images/mkzero/Makefile b/images/mkzero/Makefile
> > new file mode 100644
> > index 0000000..affe52b
> > --- /dev/null
> > +++ b/images/mkzero/Makefile
> > @@ -0,0 +1,9 @@
> > +CROSS=i686-w64-mingw32-
> > +CFLAGS=--std=c99
> > +all: mkzero.exe
> > +clean:
> > +     rm -f *.exe *.o
> > +mkzero.exe: mkzero.o
> > +     $(CROSS)gcc -o $@ $< -lntdll
> > +%.o: %.c
> > +     $(CROSS)gcc $(CFLAGS) -Wpedantic -Wall -o $@ -c $<
> > diff --git a/images/mkzero/mkzero.c b/images/mkzero/mkzero.c
> > new file mode 100644
> > index 0000000..a95794a
> > --- /dev/null
> > +++ b/images/mkzero/mkzero.c
> > @@ -0,0 +1,59 @@
> > +/* use the NT native API to create registry key and value that contain
> > +   a zero character */
> > +
> > +#include <ntdef.h>
> > +#include <stdio.h>
> > +#include <ddk/wdm.h>
> > +#include <windef.h>
> > +
> > +void create_key_value (PHANDLE handle, WCHAR* key, int key_len, WCHAR*
> val, int val_len)
> > +{
> > +  UNICODE_STRING key_name = { key_len, key_len, key };
> > +  UNICODE_STRING value_name = { val_len, val_len, val };
> > +  OBJECT_ATTRIBUTES key_obj;
> > +  InitializeObjectAttributes (&key_obj, &key_name,
> > +                              OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
> > +                              *handle, NULL);
> > +  HANDLE key_handle;
> > +  NTSTATUS rc;
> > +  rc = ZwCreateKey (&key_handle, KEY_ALL_ACCESS, &key_obj,
> > +                    0, NULL, REG_OPTION_NON_VOLATILE, NULL);
> > +  if (!NT_SUCCESS (rc)) {
> > +    wprintf(L"error: CreateKey %s: 0x%08x\n", key, rc);
> > +    exit(1);
> > +  }
> > +  DWORD value = 0;
> > +  rc = ZwSetValueKey (key_handle, &value_name, 0,
> > +                      REG_DWORD, &value, sizeof(value));
> > +  if (!NT_SUCCESS (rc)) {
> > +    wprintf(L"error: SetValueKey %s: 0x%08x\n", val, rc);
> > +    exit(1);
> > +  }
> > +}
> > +
> > +int main (int argc, char **argv)
> > +{
> > +  UNICODE_STRING root_key_name;
> > +  RtlInitUnicodeString(&root_key_name, L"\\Registry\\Machine\\minimal");
> > +  OBJECT_ATTRIBUTES root_key_obj;
> > +  InitializeObjectAttributes (&root_key_obj, &root_key_name,
> > +                              OBJ_OPENIF | OBJ_CASE_INSENSITIVE,
> > +                              NULL, NULL);
> > +  HANDLE minimal_key_handle;
> > +  NTSTATUS rc = ZwCreateKey (&minimal_key_handle, KEY_ALL_ACCESS,
> &root_key_obj,
> > +                    0, NULL, REG_OPTION_NON_VOLATILE, NULL);
> > +  if (!NT_SUCCESS (rc)) {
> > +    wprintf(L"error: CreateKey <HKLM\\minimal>: 0x%08x\n", rc);
> > +    exit(1);
> > +  }
> > +  WCHAR k1[] = L"zero\0key";
> > +  WCHAR v1[] = L"zero\0val";
> > +  create_key_value (&minimal_key_handle, k1, sizeof (k1)-2, v1, sizeof
> (v1)-2);
> > +  WCHAR k2[] = L"abcd_äöüß";
> > +  WCHAR v2[] = L"abcd_äöüß";
> > +  create_key_value (&minimal_key_handle, k2, sizeof (k2)-2, v2, sizeof
> (v2)-2);
> > +  WCHAR k3[] = L"weird™";
> > +  WCHAR v3[] = L"symbols $£₤₧€";
> > +  create_key_value (&minimal_key_handle, k3, sizeof (k3)-2, v3, sizeof
> (v3)-2);
> > +  return 0;
> > +}
> > diff --git a/images/special b/images/special
> > new file mode 100644
> > index
> 0000000000000000000000000000000000000000..8a5ff5f34f32f0e56c1e1e9abf49bd3a8857c5e7
> > GIT binary patch
> > literal 8192
> > zcmeHLziU%b6h28CZ9~<EDAeHa+P=XdxC$;R6s%K4L=cN5X`%@)O-drwio+ZH at elY1
> > z1T2`rMJE?Ghc2Q^L|k-m(@8`sh|ll4H&6SLm(oQjat_>k?mh3^bH4X|uYulX`TDgz
> > zDG`p7(@(o+_rFeIDH#kJ*De>1UAJUG&PYj?r7CrdmfVo06fig77i3n-i1}u}f_;>?
> > zjGP+lsO=gC@|UkX+cjVmh%%rIC<DrXGN2471ImChpbRJj%D_Kmpi->XO#}RYA6aw{
> > zz<oOm!@8fB{JkG9c{jk=>AfN&T);Y`B1j3jrVo1lAOn3ifxYK>=P%4(oIgHy?h+qw
> > z{0hUCkL!iB9c*wEQ%Xi3^76qk9Yqcyo|Z3?<sq4rBiN;I29|L#O>v!_#3aE$JRyH(
> > zNWO_9|CAhv)p!5qJ6r3UIMA7Vi#223Jxj!Zzcn_rZY<YO+utKz2fTypy6?txaoMqF
> > z)PlzLZB!(`+(*wTH>5K*hWU26*$}_H*6!&MAjUy3vnT>R?oPlTv+vW>W7F#44ACPu
> > zM301g!+S!$i6cKz51T)zhm)X3F2=Fd$nk7ld)bvajCbvvcw4^n+1od>xa5E1yT;F1
> > zZMMlz4SCknQ#PT23*zbDz<-2a^~b11fNu2s?5!TFg&Ok$bZx`$RPU7pz4=YDHf<cE
> > zP+Tf4e)|6NgNg7jN~BgvO9yAKb|1WY4iGQCdhg#EeB%T7`p;W at vZL?uRsy~p`bYTq
> > zJ8={Dh*jJumSlR05Q(E!8To^64$0m1`;7=Eb7&g|Z!U(H at s_ONF0zPQ${N<Lc=AZr
> > k-N)_|mrtRG{b8{ios|J)Kp9X5lmTTx8Bhk4f&Y|&-#+)~(*OVf
> >
> > literal 0
> > HcmV?d00001
>
> ACK.
>
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat
> http://people.redhat.com/~rjones
> virt-df lists disk usage of guests without needing to install any
> software inside the virtual machine.  Supports Linux and Windows.
> http://people.redhat.com/~rjones/virt-df/
>
> _______________________________________________
> Libguestfs mailing list
> Libguestfs at redhat.com
> https://www.redhat.com/mailman/listinfo/libguestfs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20140114/d52511fc/attachment.htm>

More information about the Libguestfs mailing list