/src/libevtx/libfwevt/libfwevt_xml_token.c

Source (jump to first uncovered line)
/*
 * Windows Event Log binary XML token functions
 *
 * Copyright (C) 2011-2024, Joachim Metz <joachim.metz@gmail.com>
 *
 * Refer to AUTHORS for acknowledgements.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

#include <common.h>
#include <byte_stream.h>
#include <memory.h>
#include <types.h>

#include "libfwevt_definitions.h"
#include "libfwevt_libcerror.h"
#include "libfwevt_libcnotify.h"
#include "libfwevt_xml_token.h"

/* Creats a binary XML token
 * Make sure the value xml_token is referencing, is set to NULL
 * Returns 1 if successful or -1 on error
 */
int libfwevt_xml_token_initialize(
     libfwevt_xml_token_t **xml_token,
     libcerror_error_t **error )
{
  static char *function = "libfwevt_xml_token_initialize";

  if( xml_token == NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
     LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
     "%s: invalid binary XML token.",
     function );

    return( -1 );
  }
  if( *xml_token != NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_RUNTIME,
     LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
     "%s: invalid binary XML token value already set.",
     function );

    return( -1 );
  }
  *xml_token = memory_allocate_structure(
                libfwevt_xml_token_t );

  if( *xml_token == NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_MEMORY,
     LIBCERROR_MEMORY_ERROR_INSUFFICIENT,
     "%s: unable to create binary XML token.",
     function );

    goto on_error;
  }
  if( memory_set(
       *xml_token,
       0,
       sizeof( libfwevt_xml_token_t ) ) == NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_MEMORY,
     LIBCERROR_MEMORY_ERROR_SET_FAILED,
     "%s: unable to clear binary XML token.",
     function );

    goto on_error;
  }
  return( 1 );

on_error:
  if( *xml_token != NULL )
  {
    memory_free(
     *xml_token );

    *xml_token = NULL;
  }
  return( -1 );
}

/* Frees a binary XML token
 * Returns 1 if successful or -1 on error
 */
int libfwevt_xml_token_free(
     libfwevt_xml_token_t **xml_token,
     libcerror_error_t **error )
{
  static char *function = "libfwevt_xml_token_free";
  int result            = 1;

  if( xml_token == NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
     LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
     "%s: invalid binary XML token.",
     function );

    return( -1 );
  }
  if( *xml_token != NULL )
  {
    memory_free(
     *xml_token );

    *xml_token = NULL;
  }
  return( result );
}

/* Reads the binary XML token
 * Returns 1 if successful or -1 on error
 */
int libfwevt_xml_token_read_data(
     libfwevt_xml_token_t *xml_token,
     const uint8_t *chunk_data,
     size_t chunk_data_size,
     size_t chunk_data_offset,
     libcerror_error_t **error )
{
  static char *function  = "libfwevt_xml_token_read_data";
  uint8_t xml_token_type = 0;

  if( xml_token == NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
     LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
     "%s: invalid binary XML token.",
     function );

    return( -1 );
  }
  if( chunk_data == NULL )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
     LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
     "%s: invalid chunk data.",
     function );

    return( -1 );
  }
  if( chunk_data_size > (size_t) SSIZE_MAX )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
     LIBCERROR_ARGUMENT_ERROR_VALUE_EXCEEDS_MAXIMUM,
     "%s: invalid binary XML token data size value exceeds maximum.",
     function );

    return( -1 );
  }
  if( chunk_data_offset >= chunk_data_size )
  {
    libcerror_error_set(
     error,
     LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
     LIBCERROR_ARGUMENT_ERROR_VALUE_OUT_OF_BOUNDS,
     "%s: invalid chunk data offset value out of bounds.",
     function );

    return( -1 );
  }
  xml_token_type = chunk_data[ chunk_data_offset ];

  switch( xml_token_type )
  {
    case LIBFWEVT_XML_TOKEN_END_OF_FILE:
    case LIBFWEVT_XML_TOKEN_CLOSE_START_ELEMENT_TAG:
    case LIBFWEVT_XML_TOKEN_CLOSE_EMPTY_ELEMENT_TAG:
    case LIBFWEVT_XML_TOKEN_END_ELEMENT_TAG:
    case LIBFWEVT_XML_TOKEN_OPEN_START_ELEMENT_TAG:
    case LIBFWEVT_XML_TOKEN_OPEN_START_ELEMENT_TAG | LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
    case LIBFWEVT_XML_TOKEN_VALUE:
    case LIBFWEVT_XML_TOKEN_VALUE | LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
    case LIBFWEVT_XML_TOKEN_ATTRIBUTE:
    case LIBFWEVT_XML_TOKEN_ATTRIBUTE | LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
    case LIBFWEVT_XML_TOKEN_CDATA_SECTION:
    case LIBFWEVT_XML_TOKEN_CDATA_SECTION | LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
    case LIBFWEVT_XML_TOKEN_CHARACTER_REFERENCE:
    case LIBFWEVT_XML_TOKEN_CHARACTER_REFERENCE | LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
    case LIBFWEVT_XML_TOKEN_ENTITY_REFERENCE:
    case LIBFWEVT_XML_TOKEN_ENTITY_REFERENCE | LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
    case LIBFWEVT_XML_TOKEN_PI_TARGET:
    case LIBFWEVT_XML_TOKEN_PI_DATA:
    case LIBFWEVT_XML_TOKEN_TEMPLATE_INSTANCE:
    case LIBFWEVT_XML_TOKEN_NORMAL_SUBSTITUTION:
    case LIBFWEVT_XML_TOKEN_OPTIONAL_SUBSTITUTION:
    case LIBFWEVT_XML_TOKEN_FRAGMENT_HEADER:
      break;

    default:
      libcerror_error_set(
       error,
       LIBCERROR_ERROR_DOMAIN_RUNTIME,
       LIBCERROR_RUNTIME_ERROR_UNSUPPORTED_VALUE,
       "%s: unsupported binary XML token type: 0x%02" PRIx8 ".",
       function,
       xml_token_type );

      return( -1 );
  }
  xml_token->type = xml_token_type;

  return( 1 );
}


Coverage Report

Created: 2025-06-13 07:22

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Windows Event Log binary XML token functions
3		*
4		* Copyright (C) 2011-2024, Joachim Metz <joachim.metz@gmail.com>
5		*
6		* Refer to AUTHORS for acknowledgements.
7		*
8		* This program is free software: you can redistribute it and/or modify
9		* it under the terms of the GNU Lesser General Public License as published by
10		* the Free Software Foundation, either version 3 of the License, or
11		* (at your option) any later version.
12		*
13		* This program is distributed in the hope that it will be useful,
14		* but WITHOUT ANY WARRANTY; without even the implied warranty of
15		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16		* GNU General Public License for more details.
17		*
18		* You should have received a copy of the GNU Lesser General Public License
19		* along with this program. If not, see <https://www.gnu.org/licenses/>.
20		*/
21
22		#include <common.h>
23		#include <byte_stream.h>
24		#include <memory.h>
25		#include <types.h>
26
27		#include "libfwevt_definitions.h"
28		#include "libfwevt_libcerror.h"
29		#include "libfwevt_libcnotify.h"
30		#include "libfwevt_xml_token.h"
31
32		/* Creats a binary XML token
33		* Make sure the value xml_token is referencing, is set to NULL
34		* Returns 1 if successful or -1 on error
35		*/
36		int libfwevt_xml_token_initialize(
37		libfwevt_xml_token_t **xml_token,
38		libcerror_error_t **error )
39	2.17M	{
40	2.17M	static char *function = "libfwevt_xml_token_initialize";
41
42	2.17M	if( xml_token == NULL )
43	0	{
44	0	libcerror_error_set(
45	0	error,
46	0	LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
47	0	LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
48	0	"%s: invalid binary XML token.",
49	0	function );
50
51	0	return( -1 );
52	0	}
53	2.17M	if( *xml_token != NULL )
54	0	{
55	0	libcerror_error_set(
56	0	error,
57	0	LIBCERROR_ERROR_DOMAIN_RUNTIME,
58	0	LIBCERROR_RUNTIME_ERROR_VALUE_ALREADY_SET,
59	0	"%s: invalid binary XML token value already set.",
60	0	function );
61
62	0	return( -1 );
63	0	}
64	2.17M	*xml_token = memory_allocate_structure(
65	2.17M	libfwevt_xml_token_t );
66
67	2.17M	if( *xml_token == NULL )
68	0	{
69	0	libcerror_error_set(
70	0	error,
71	0	LIBCERROR_ERROR_DOMAIN_MEMORY,
72	0	LIBCERROR_MEMORY_ERROR_INSUFFICIENT,
73	0	"%s: unable to create binary XML token.",
74	0	function );
75
76	0	goto on_error;
77	0	}
78	2.17M	if( memory_set(
79	2.17M	*xml_token,
80	2.17M	0,
81	2.17M	sizeof( libfwevt_xml_token_t ) ) == NULL )
82	0	{
83	0	libcerror_error_set(
84	0	error,
85	0	LIBCERROR_ERROR_DOMAIN_MEMORY,
86	0	LIBCERROR_MEMORY_ERROR_SET_FAILED,
87	0	"%s: unable to clear binary XML token.",
88	0	function );
89
90	0	goto on_error;
91	0	}
92	2.17M	return( 1 );
93
94	0	on_error:
95	0	if( *xml_token != NULL )
96	0	{
97	0	memory_free(
98	0	*xml_token );
99
100	0	*xml_token = NULL;
101	0	}
102	0	return( -1 );
103	2.17M	}
104
105		/* Frees a binary XML token
106		* Returns 1 if successful or -1 on error
107		*/
108		int libfwevt_xml_token_free(
109		libfwevt_xml_token_t **xml_token,
110		libcerror_error_t **error )
111	2.17M	{
112	2.17M	static char *function = "libfwevt_xml_token_free";
113	2.17M	int result = 1;
114
115	2.17M	if( xml_token == NULL )
116	0	{
117	0	libcerror_error_set(
118	0	error,
119	0	LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
120	0	LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
121	0	"%s: invalid binary XML token.",
122	0	function );
123
124	0	return( -1 );
125	0	}
126	2.17M	if( *xml_token != NULL )
127	2.17M	{
128	2.17M	memory_free(
129	2.17M	*xml_token );
130
131	2.17M	*xml_token = NULL;
132	2.17M	}
133	2.17M	return( result );
134	2.17M	}
135
136		/* Reads the binary XML token
137		* Returns 1 if successful or -1 on error
138		*/
139		int libfwevt_xml_token_read_data(
140		libfwevt_xml_token_t *xml_token,
141		const uint8_t *chunk_data,
142		size_t chunk_data_size,
143		size_t chunk_data_offset,
144		libcerror_error_t **error )
145	7.29M	{
146	7.29M	static char *function = "libfwevt_xml_token_read_data";
147	7.29M	uint8_t xml_token_type = 0;
148
149	7.29M	if( xml_token == NULL )
150	0	{
151	0	libcerror_error_set(
152	0	error,
153	0	LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
154	0	LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
155	0	"%s: invalid binary XML token.",
156	0	function );
157
158	0	return( -1 );
159	0	}
160	7.29M	if( chunk_data == NULL )
161	0	{
162	0	libcerror_error_set(
163	0	error,
164	0	LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
165	0	LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
166	0	"%s: invalid chunk data.",
167	0	function );
168
169	0	return( -1 );
170	0	}
171	7.29M	if( chunk_data_size > (size_t) SSIZE_MAX )
172	0	{
173	0	libcerror_error_set(
174	0	error,
175	0	LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
176	0	LIBCERROR_ARGUMENT_ERROR_VALUE_EXCEEDS_MAXIMUM,
177	0	"%s: invalid binary XML token data size value exceeds maximum.",
178	0	function );
179
180	0	return( -1 );
181	0	}
182	7.29M	if( chunk_data_offset >= chunk_data_size )
183	197	{
184	197	libcerror_error_set(
185	197	error,
186	197	LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
187	197	LIBCERROR_ARGUMENT_ERROR_VALUE_OUT_OF_BOUNDS,
188	197	"%s: invalid chunk data offset value out of bounds.",
189	197	function );
190
191	197	return( -1 );
192	197	}
193	7.29M	xml_token_type = chunk_data[ chunk_data_offset ];
194
195	7.29M	switch( xml_token_type )
196	7.29M	{
197	80.6k	case LIBFWEVT_XML_TOKEN_END_OF_FILE:
198	941k	case LIBFWEVT_XML_TOKEN_CLOSE_START_ELEMENT_TAG:
199	1.30M	case LIBFWEVT_XML_TOKEN_CLOSE_EMPTY_ELEMENT_TAG:
200	2.09M	case LIBFWEVT_XML_TOKEN_END_ELEMENT_TAG:
201	2.76M	case LIBFWEVT_XML_TOKEN_OPEN_START_ELEMENT_TAG:
202	3.26M	case LIBFWEVT_XML_TOKEN_OPEN_START_ELEMENT_TAG \| LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
203	4.76M	case LIBFWEVT_XML_TOKEN_VALUE:
204	5.04M	case LIBFWEVT_XML_TOKEN_VALUE \| LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
205	5.55M	case LIBFWEVT_XML_TOKEN_ATTRIBUTE:
206	5.83M	case LIBFWEVT_XML_TOKEN_ATTRIBUTE \| LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
207	5.86M	case LIBFWEVT_XML_TOKEN_CDATA_SECTION:
208	5.86M	case LIBFWEVT_XML_TOKEN_CDATA_SECTION \| LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
209	5.86M	case LIBFWEVT_XML_TOKEN_CHARACTER_REFERENCE:
210	5.86M	case LIBFWEVT_XML_TOKEN_CHARACTER_REFERENCE \| LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
211	5.89M	case LIBFWEVT_XML_TOKEN_ENTITY_REFERENCE:
212	5.89M	case LIBFWEVT_XML_TOKEN_ENTITY_REFERENCE \| LIBFWEVT_XML_TOKEN_FLAG_HAS_MORE_DATA:
213	5.89M	case LIBFWEVT_XML_TOKEN_PI_TARGET:
214	5.90M	case LIBFWEVT_XML_TOKEN_PI_DATA:
215	5.98M	case LIBFWEVT_XML_TOKEN_TEMPLATE_INSTANCE:
216	6.08M	case LIBFWEVT_XML_TOKEN_NORMAL_SUBSTITUTION:
217	7.16M	case LIBFWEVT_XML_TOKEN_OPTIONAL_SUBSTITUTION:
218	7.29M	case LIBFWEVT_XML_TOKEN_FRAGMENT_HEADER:
219	7.29M	break;
220
221	175	default:
222	175	libcerror_error_set(
223	175	error,
224	175	LIBCERROR_ERROR_DOMAIN_RUNTIME,
225	175	LIBCERROR_RUNTIME_ERROR_UNSUPPORTED_VALUE,
226	175	"%s: unsupported binary XML token type: 0x%02" PRIx8 ".",
227	175	function,
228	175	xml_token_type );
229
230	175	return( -1 );
231	7.29M	}
232	7.29M	xml_token->type = xml_token_type;
233
234	7.29M	return( 1 );
235	7.29M	}
236