diff --git a/configure.ac b/configure.ac
index c90de8f..f51519d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@ AC_PREREQ( 2.59 )
 AC_INIT(
 [libevt],
- [20180125],
+ [20180317],
 [joachim.metz@gmail.com])
 AC_CONFIG_SRCDIR(
@@ -48,6 +48,12 @@ AX_COMMON_CHECK_ENABLE_WINAPI
 dnl Check if wide character type should be enabled
 AX_COMMON_CHECK_ENABLE_WIDE_CHARACTER_TYPE
+dnl Check if verbose output should be enabled
+AX_COMMON_CHECK_ENABLE_VERBOSE_OUTPUT
+
+dnl Check if debug output should be enabled
+AX_COMMON_CHECK_ENABLE_DEBUG_OUTPUT
+
 dnl Check for type definitions
 AX_TYPES_CHECK_LOCAL
@@ -146,12 +152,6 @@ AX_LIBCDIRECTORY_CHECK_ENABLE
 dnl Check if evttools required headers and functions are available
 AX_EVTTOOLS_CHECK_LOCAL
-dnl Check if libevt should be build with verbose output
-AX_COMMON_CHECK_ENABLE_VERBOSE_OUTPUT
-
-dnl Check if libevt should be build with debug output
-AX_COMMON_CHECK_ENABLE_DEBUG_OUTPUT
-
 dnl Check if tests required headers and functions are available
 AX_TESTS_CHECK_LOCAL
diff --git a/libevt.nuspec b/libevt.nuspec
index 3603086..a390283 100644
--- a/libevt.nuspec
+++ b/libevt.nuspec
@@ -2,7 +2,7 @@
 libevt
- 20180125
+ 20180317
 Joachim Metz
 joachimmetz
 https://raw.githubusercontent.com/libyal/libevt/master/COPYING
@@ -10,7 +10,7 @@
 false
 libevt
 Library to access the Windows Event Log (EVT) format
- Release of libevt 20180125
+ Release of libevt 20180317
 Copyright (C) 2011-2018
 native
diff --git a/libevt/libevt_libfvalue.h b/libevt/libevt_libfvalue.h
index fb914f4..4dc9a4e 100644
--- a/libevt/libevt_libfvalue.h
+++ b/libevt/libevt_libfvalue.h
@@ -29,6 +29,7 @@
 #if defined( HAVE_LOCAL_LIBFVALUE )
 #include
+#include
 #include
 #include
 #include
diff --git a/libevt/libevt_record_values.c b/libevt/libevt_record_values.c
index 879dff2..3d44871 100644
--- a/libevt/libevt_record_values.c
+++ b/libevt/libevt_record_values.c
@@ -1157,6 +1157,17 @@ int libevt_record_values_read_event(
 }
 if( user_sid_size != 0 )
 {
+ if( user_sid_size > ( ( record_data_size - 4 ) - user_sid_offset ) )
+ {
+ libcerror_error_set(
+ error,
+ LIBCERROR_ERROR_DOMAIN_RUNTIME,
+ LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS,
+ "%s: user SID data size value out of bounds.",
+ function );
+
+ goto on_error;
+ }
 if( libfvalue_value_type_initialize(
 &( record_values->user_security_identifier ),
 LIBFVALUE_VALUE_TYPE_NT_SECURITY_IDENTIFIER,
@@ -1218,6 +1229,17 @@ int libevt_record_values_read_event(
 }
 if( strings_size != 0 )
 {
+ if( strings_size > ( ( record_data_size - 4 ) - strings_offset ) )
+ {
+ libcerror_error_set(
+ error,
+ LIBCERROR_ERROR_DOMAIN_RUNTIME,
+ LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS,
+ "%s: strings size value out of bounds.",
+ function );
+
+ goto on_error;
+ }
 #if defined( HAVE_DEBUG_OUTPUT )
 if( libcnotify_verbose != 0 )
 {
@@ -1285,6 +1307,17 @@ int libevt_record_values_read_event(
 }
 if( data_size != 0 )
 {
+ if( data_size > ( ( record_data_size - 4 ) - data_offset ) )
+ {
+ libcerror_error_set(
+ error,
+ LIBCERROR_ERROR_DOMAIN_RUNTIME,
+ LIBCERROR_RUNTIME_ERROR_VALUE_OUT_OF_BOUNDS,
+ "%s: data size value out of bounds.",
+ function );
+
+ goto on_error;
+ }
 #if defined( HAVE_DEBUG_OUTPUT )
 if( libcnotify_verbose != 0 )
 {
@@ -1292,7 +1325,7 @@ int libevt_record_values_read_event(
 "%s: data:\n",
 function );
 libcnotify_print_data(
- &( record_data[ data_offset ] ),
+ &( record_data[ record_data_offset ] ),
 (size_t) data_size,
 LIBCNOTIFY_PRINT_DATA_FLAG_GROUP_DATA );
 }
diff --git a/m4/libcdata.m4 b/m4/libcdata.m4
index c19c04f..f4067aa 100644
--- a/m4/libcdata.m4
+++ b/m4/libcdata.m4
@@ -1,6 +1,6 @@
 dnl Checks for libcdata or required headers and functions
 dnl
-dnl Version: 20170904
+dnl Version: 20180316
 dnl Function to detect if libcdata is available
 dnl ac_libcdata_dummy is used to prevent AC_CHECK_LIB adding unnecessary -l arguments
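Review bot: The new guard `user_sid_size > ( ( record_data_size - 4 ) - user_sid_offset )` in libevt/libevt_record_values.c (hunk at -1157, repeated for `strings_size` at -1218 and `data_size` at -1285) is only sound if the offset has already been checked to be at most `record_data_size - 4`, and that check is not visible in these hunks. If the operands are unsigned, as they appear to be, an offset past that limit (or a `record_data_size` below 4) makes the subtraction wrap to a large value, so an oversized length taken from a malformed record would pass. Unless the unseen part of libevt_record_values_read_event already rejects such offsets, test the offset first, e.g. `if( ( user_sid_offset > ( record_data_size - 4 ) ) || ( user_sid_size > ( ( record_data_size - 4 ) - user_sid_offset ) ) )`, and likewise for the strings and data checks. The function body starts and ends outside the hunks.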
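Review bot: In the -1292 hunk of libevt/libevt_record_values.c the debug dump now reads `data_size` bytes starting at `record_data[ record_data_offset ]`, while the bounds check added just above it (hunk at -1285) validates `data_size` against `data_offset`. Whether the two offsets are equal at this point is decided outside the hunk; if `record_data_offset` can be larger than `data_offset`, the dump could read past the end of the record buffer in HAVE_DEBUG_OUTPUT builds. If the equality does hold, a short comment above the print such as `/* record_data_offset equals data_offset here, so the data_size check above covers this read */` would make that verifiable; otherwise the check should be expressed in terms of `record_data_offset`.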
@@ -123,6 +123,48 @@ AC_DEFUN([AX_LIBCDATA_CHECK_LIB],
 [ac_cv_libcdata_dummy=yes],
 [ac_cv_libcdata=no])
+ dnl Balanced tree functions
+ AC_CHECK_LIB(
+ cdata,
+ libfdata_btree_initialize,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_free,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_get_number_of_values,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_get_value_by_index,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_get_value_by_value,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_insert_value,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_replace_value,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+ AC_CHECK_LIB(
+ cdata,
+ libcdata_btree_remove_value,
+ [ac_cv_libcdata_dummy=yes],
+ [ac_cv_libcdata=no])
+
 dnl List functions
 AC_CHECK_LIB(
 cdata,
diff --git a/m4/libcsplit.m4 b/m4/libcsplit.m4
index f49d839..c911016 100644
--- a/m4/libcsplit.m4
+++ b/m4/libcsplit.m4
@@ -1,6 +1,6 @@
 dnl Checks for libcsplit or required headers and functions
 dnl
-dnl Version: 20170903
+dnl Version: 20180217
 dnl Function to detect if libcsplit is available
 dnl ac_libcsplit_dummy is used to prevent AC_CHECK_LIB adding unnecessary -l arguments
@@ -111,7 +111,7 @@ AC_DEFUN([AX_LIBCSPLIT_CHECK_LIB],
 AS_IF(
 [test "x$ac_cv_enable_wide_character_type" != xno],
 [AC_CHECK_LIB(
- csplit,
+ csplit,
 libcsplit_wide_string_split,
 [ac_cv_libcsplit_dummy=yes],
 [ac_cv_libcsplit=no])
diff --git a/m4/libfdata.m4 b/m4/libfdata.m4
index 3e7670d..6dfec55 100644
--- a/m4/libfdata.m4
+++ b/m4/libfdata.m4
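Review bot: The first of the new balanced-tree checks in m4/libcdata.m4 (hunk at -123) probes library `cdata` for `libfdata_btree_initialize`, whereas the seven checks after it all use the `libcdata_btree_` prefix; this looks like a typo for `libcdata_btree_initialize`. As written the lookup would presumably fail against an installed libcdata and set `ac_cv_libcdata=no`, so a usable system library would be reported as unavailable. Change the line to `libcdata_btree_initialize,`. The AX_LIBCDATA_CHECK_LIB macro starts and ends outside the hunk.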
@@ -1,6 +1,6 @@
 dnl Functions for libfdata
 dnl
-dnl Version: 20170905
+dnl Version: 20180316
 dnl Function to detect if libfdata is available
 dnl ac_libfdata_dummy is used to prevent AC_CHECK_LIB adding unnecessary -l arguments
@@ -49,7 +49,76 @@ AC_DEFUN([AX_LIBFDATA_CHECK_LIB],
 [ac_cv_libfdata=no])
 dnl Area functions
- dnl TODO: add functions
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_initialize,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_free,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_clone,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_empty,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_resize,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_get_number_of_segments,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_get_segment_by_index,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_set_segment_by_index,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_prepend_segment,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_append_segment,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_get_element_data_size,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_get_element_value_at_offset,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_set_element_value_at_offset,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
+ AC_CHECK_LIB(
+ fdata,
+ libfdata_area_get_size,
+ [ac_cv_libfdata_dummy=yes],
+ [ac_cv_libfdata=no])
 dnl Balanced tree functions
 dnl TODO: add functions
diff --git a/runtests.sh b/runtests.sh
index 49c7d09..0ef7640 100755
--- a/runtests.sh
+++ b/runtests.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # Script that runs the tests
 #
-# Version: 20171210
+# Version: 20180214
 EXIT_SUCCESS=0;
 EXIT_FAILURE=1;
@@ -201,6 +201,14 @@ echo "${CONFIGURE_HELP}" | grep -- '--enable-wide-character-type' > /dev/null;
 HAVE_ENABLE_WIDE_CHARACTER_TYPE=$?;
+echo "${CONFIGURE_HELP}" | grep -- '--enable-verbose-output' > /dev/null;
+
+HAVE_ENABLE_VERBOSE_OUTPUT=$?;
+
+echo "${CONFIGURE_HELP}" | grep -- '--enable-debug-output' > /dev/null;
+
+HAVE_ENABLE_DEBUG_OUTPUT=$?;
+
 echo "${CONFIGURE_HELP}" | grep -- '--with-zlib' > /dev/null;
 HAVE_WITH_ZLIB=$?;
@@ -230,6 +238,19 @@ then
 exit ${EXIT_FAILURE};
 fi
+if test ${HAVE_ENABLE_VERBOSE_OUTPUT} -eq 0 && test ${HAVE_ENABLE_DEBUG_OUTPUT} -eq 0;
+then
+ # Test "./configure && make && make check" with verbose and debug output.
+
+ run_configure_make_check "--enable-verbose-output --enable-debug-output";
+ RESULT=$?;
+
+ if test ${RESULT} -ne ${EXIT_SUCCESS};
+ then
+ exit ${EXIT_FAILURE};
+ fi
+fi
+
 if test ${HAVE_WITH_ZLIB} -eq 0;
 then
 # Test "./configure && make && make check" with fallback zlib implementation.