/src/libevtx/libfwevt/libfwevt_data_segment.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Data segment functions |
3 | | * |
4 | | * Copyright (C) 2011-2024, Joachim Metz <joachim.metz@gmail.com> |
5 | | * |
6 | | * Refer to AUTHORS for acknowledgements. |
7 | | * |
8 | | * This program is free software: you can redistribute it and/or modify |
9 | | * it under the terms of the GNU Lesser General Public License as published by |
10 | | * the Free Software Foundation, either version 3 of the License, or |
11 | | * (at your option) any later version. |
12 | | * |
13 | | * This program is distributed in the hope that it will be useful, |
14 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | | * GNU General Public License for more details. |
17 | | * |
18 | | * You should have received a copy of the GNU Lesser General Public License |
19 | | * along with this program. If not, see <https://www.gnu.org/licenses/>. |
20 | | */ |
21 | | |
22 | | #include <common.h> |
23 | | #include <memory.h> |
24 | | #include <types.h> |
25 | | |
26 | | #include "libfwevt_data_segment.h" |
27 | | #include "libfwevt_definitions.h" |
28 | | #include "libfwevt_libcerror.h" |
29 | | #include "libfwevt_libfdatetime.h" |
30 | | #include "libfwevt_libfguid.h" |
31 | | #include "libfwevt_libfwnt.h" |
32 | | |
33 | | /* Creates a data segment |
34 | | * Make sure the value data_segment is referencing, is set to NULL |
35 | | * Returns 1 if successful or -1 on error |
36 | | */ |
37 | | int libfwevt_data_segment_initialize( |
38 | | libfwevt_data_segment_t **data_segment, |
39 | | const uint8_t *data, |
40 | | size_t data_size, |
41 | | libcerror_error_t **error ) |
42 | 2.75M | { |
43 | 2.75M | static char *function = "libfwevt_data_segment_initialize"; |
44 | | |
45 | 2.75M | if( data_segment == NULL ) |
46 | 0 | { |
47 | 0 | libcerror_error_set( |
48 | 0 | error, |
49 | 0 | LIBCERROR_ERROR_DOMAIN_ARGUMENTS, |
50 | 0 | LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE, |
51 | 0 | "%s: invalid data segment.", |
52 | 0 | function ); |
53 | |
|
54 | 0 | return( -1 ); |
55 | 0 | } |
56 | 2.75M | if( *data_segment != NULL ) |
57 | 0 | { |
58 | 0 | libcerror_error_set( |
59 | 0 | error, |
60 | 0 | LIBCERROR_ERROR_DOMAIN_RUNTIME, |
61 | 0 | LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET, |
62 | 0 | "%s: invalid data segment value already set.", |
63 | 0 | function ); |
64 | |
|
65 | 0 | return( -1 ); |
66 | 0 | } |
67 | 2.75M | if( data == NULL ) |
68 | 0 | { |
69 | 0 | libcerror_error_set( |
70 | 0 | error, |
71 | 0 | LIBCERROR_ERROR_DOMAIN_ARGUMENTS, |
72 | 0 | LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE, |
73 | 0 | "%s: invalid data.", |
74 | 0 | function ); |
75 | |
|
76 | 0 | return( -1 ); |
77 | 0 | } |
78 | 2.75M | if( data_size > (size_t) MEMORY_MAXIMUM_ALLOCATION_SIZE ) |
79 | 0 | { |
80 | 0 | libcerror_error_set( |
81 | 0 | error, |
82 | 0 | LIBCERROR_ERROR_DOMAIN_ARGUMENTS, |
83 | 0 | LIBCERROR_ARGUMENT_ERROR_VALUE_OUT_OF_BOUNDS, |
84 | 0 | "%s: invalid data size value out of bounds.", |
85 | 0 | function ); |
86 | |
|
87 | 0 | return( -1 ); |
88 | 0 | } |
89 | 2.75M | *data_segment = memory_allocate_structure( |
90 | 2.75M | libfwevt_data_segment_t ); |
91 | | |
92 | 2.75M | if( *data_segment == NULL ) |
93 | 0 | { |
94 | 0 | libcerror_error_set( |
95 | 0 | error, |
96 | 0 | LIBCERROR_ERROR_DOMAIN_MEMORY, |
97 | 0 | LIBCERROR_MEMORY_ERROR_INSUFFICIENT, |
98 | 0 | "%s: unable to create data segment.", |
99 | 0 | function ); |
100 | |
|
101 | 0 | goto on_error; |
102 | 0 | } |
103 | 2.75M | if( memory_set( |
104 | 2.75M | *data_segment, |
105 | 2.75M | 0, |
106 | 2.75M | sizeof( libfwevt_data_segment_t ) ) == NULL ) |
107 | 0 | { |
108 | 0 | libcerror_error_set( |
109 | 0 | error, |
110 | 0 | LIBCERROR_ERROR_DOMAIN_MEMORY, |
111 | 0 | LIBCERROR_MEMORY_ERROR_SET_FAILED, |
112 | 0 | "%s: unable to clear data segment.", |
113 | 0 | function ); |
114 | |
|
115 | 0 | memory_free( |
116 | 0 | *data_segment ); |
117 | |
|
118 | 0 | *data_segment = NULL; |
119 | |
|
120 | 0 | return( -1 ); |
121 | 0 | } |
122 | 2.75M | if( data_size > 0 ) |
123 | 1.39M | { |
124 | 1.39M | ( *data_segment)->data = (uint8_t *) memory_allocate( |
125 | 1.39M | sizeof( uint8_t ) * data_size ); |
126 | | |
127 | 1.39M | if( ( *data_segment)->data == NULL ) |
128 | 0 | { |
129 | 0 | libcerror_error_set( |
130 | 0 | error, |
131 | 0 | LIBCERROR_ERROR_DOMAIN_MEMORY, |
132 | 0 | LIBCERROR_MEMORY_ERROR_INSUFFICIENT, |
133 | 0 | "%s: unable to create data.", |
134 | 0 | function ); |
135 | |
|
136 | 0 | goto on_error; |
137 | 0 | } |
138 | 1.39M | ( *data_segment)->data_size = data_size; |
139 | | |
140 | 1.39M | if( memory_copy( |
141 | 1.39M | ( *data_segment)->data, |
142 | 1.39M | data, |
143 | 1.39M | data_size ) == NULL ) |
144 | 0 | { |
145 | 0 | libcerror_error_set( |
146 | 0 | error, |
147 | 0 | LIBCERROR_ERROR_DOMAIN_MEMORY, |
148 | 0 | LIBCERROR_MEMORY_ERROR_COPY_FAILED, |
149 | 0 | "%s: unable to copy data.", |
150 | 0 | function ); |
151 | |
|
152 | 0 | goto on_error; |
153 | 0 | } |
154 | 1.39M | } |
155 | 2.75M | return( 1 ); |
156 | | |
157 | 0 | on_error: |
158 | 0 | if( *data_segment != NULL ) |
159 | 0 | { |
160 | 0 | if( ( *data_segment )->data != NULL ) |
161 | 0 | { |
162 | 0 | memory_free( |
163 | 0 | ( *data_segment )->data ); |
164 | 0 | } |
165 | 0 | memory_free( |
166 | 0 | *data_segment ); |
167 | |
|
168 | 0 | *data_segment = NULL; |
169 | 0 | } |
170 | 0 | return( -1 ); |
171 | 2.75M | } |
172 | | |
173 | | /* Frees a data segment |
174 | | * Returns 1 if successful or -1 on error |
175 | | */ |
176 | | int libfwevt_data_segment_free( |
177 | | libfwevt_data_segment_t **data_segment, |
178 | | libcerror_error_t **error ) |
179 | 2.75M | { |
180 | 2.75M | static char *function = "libfwevt_data_segment_free"; |
181 | 2.75M | int result = 1; |
182 | | |
183 | 2.75M | if( data_segment == NULL ) |
184 | 0 | { |
185 | 0 | libcerror_error_set( |
186 | 0 | error, |
187 | 0 | LIBCERROR_ERROR_DOMAIN_ARGUMENTS, |
188 | 0 | LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE, |
189 | 0 | "%s: invalid data segment.", |
190 | 0 | function ); |
191 | |
|
192 | 0 | return( -1 ); |
193 | 0 | } |
194 | 2.75M | if( *data_segment != NULL ) |
195 | 2.75M | { |
196 | 2.75M | switch( ( *data_segment )->cached_value_type & 0x7f ) |
197 | 2.75M | { |
198 | 0 | case LIBFWEVT_VALUE_TYPE_GUID: |
199 | 0 | if( libfguid_identifier_free( |
200 | 0 | &( ( *data_segment )->guid ), |
201 | 0 | error ) != 1 ) |
202 | 0 | { |
203 | 0 | libcerror_error_set( |
204 | 0 | error, |
205 | 0 | LIBCERROR_ERROR_DOMAIN_RUNTIME, |
206 | 0 | LIBCERROR_RUNTIME_ERROR_FINALIZE_FAILED, |
207 | 0 | "%s: unable to free GUID.", |
208 | 0 | function ); |
209 | |
|
210 | 0 | result = -1; |
211 | 0 | } |
212 | 0 | break; |
213 | | |
214 | 0 | case LIBFWEVT_VALUE_TYPE_FILETIME: |
215 | 0 | if( libfdatetime_filetime_free( |
216 | 0 | &( ( *data_segment )->filetime ), |
217 | 0 | error ) != 1 ) |
218 | 0 | { |
219 | 0 | libcerror_error_set( |
220 | 0 | error, |
221 | 0 | LIBCERROR_ERROR_DOMAIN_RUNTIME, |
222 | 0 | LIBCERROR_RUNTIME_ERROR_FINALIZE_FAILED, |
223 | 0 | "%s: unable to free FILETIME.", |
224 | 0 | function ); |
225 | |
|
226 | 0 | result = -1; |
227 | 0 | } |
228 | 0 | break; |
229 | | |
230 | 0 | case LIBFWEVT_VALUE_TYPE_SYSTEMTIME: |
231 | 0 | if( libfdatetime_systemtime_free( |
232 | 0 | &( ( *data_segment )->systemtime ), |
233 | 0 | error ) != 1 ) |
234 | 0 | { |
235 | 0 | libcerror_error_set( |
236 | 0 | error, |
237 | 0 | LIBCERROR_ERROR_DOMAIN_RUNTIME, |
238 | 0 | LIBCERROR_RUNTIME_ERROR_FINALIZE_FAILED, |
239 | 0 | "%s: unable to free SYSTEMTIME.", |
240 | 0 | function ); |
241 | |
|
242 | 0 | result = -1; |
243 | 0 | } |
244 | 0 | break; |
245 | | |
246 | 0 | case LIBFWEVT_VALUE_TYPE_NT_SECURITY_IDENTIFIER: |
247 | 0 | if( libfwnt_security_identifier_free( |
248 | 0 | &( ( *data_segment )->security_identifier ), |
249 | 0 | error ) != 1 ) |
250 | 0 | { |
251 | 0 | libcerror_error_set( |
252 | 0 | error, |
253 | 0 | LIBCERROR_ERROR_DOMAIN_RUNTIME, |
254 | 0 | LIBCERROR_RUNTIME_ERROR_FINALIZE_FAILED, |
255 | 0 | "%s: unable to free NT security identifier.", |
256 | 0 | function ); |
257 | |
|
258 | 0 | result = -1; |
259 | 0 | } |
260 | 0 | break; |
261 | 2.75M | } |
262 | 2.75M | if( ( *data_segment )->data != NULL ) |
263 | 1.39M | { |
264 | 1.39M | memory_free( |
265 | 1.39M | ( *data_segment )->data ); |
266 | 1.39M | } |
267 | 2.75M | memory_free( |
268 | 2.75M | *data_segment ); |
269 | | |
270 | 2.75M | *data_segment = NULL; |
271 | 2.75M | } |
272 | 2.75M | return( result ); |
273 | 2.75M | } |
274 | | |