Control: tags -1 patch Hello Lucas, Hello Debian Forensics Team,
I grabbed 2 patches from upstream to fix the build failure against libewf2, please find them attached. Note that the package will still FTBFS because libewf2 doesn't declare a dependency to libbfio-dev, see http://bugs.debian.org/721427 Cheers, Andreas
Description: Fix detection of libewf v2 API. Author: Joachim Metz Origin: upstream, https://github.com/sleuthkit/sleuthkit/commit/ee5515215c1f618bf966d175ace1270fea7c5d4b Bug: http://sourceforge.net/p/sleuthkit/bugs/208/ Last-Update: <2013-08-29> --- sleuthkit-3.2.3.orig/configure.ac +++ sleuthkit-3.2.3/configure.ac @@ -121,7 +121,7 @@ AS_IF([test "x$with_libewf" != "xno"], )] # Check for the header file first to make sure they have the dev install [AC_CHECK_HEADERS([libewf.h], - [AC_CHECK_LIB([ewf], [libewf_open],[ + [AC_CHECK_LIB([ewf], [libewf_get_version],[ AC_SUBST([LIBEWF_LIBS],["-lewf"]) AC_DEFINE([HAVE_LIBEWF],[1],[Define to have libewf header included.]) ])]
Description: Fix build with libewf2 Author: Omar Choudary Origin: upstream, https://github.com/sleuthkit/sleuthkit/commit/7dcf7863b449f6058952489b0367cf0c1fbd0964 Bug: http://sourceforge.net/p/sleuthkit/feature-requests/73/ Last-Update: <2013-08-30> Index: sleuthkit-3.2.3/tsk3/img/ewf.c =================================================================== --- sleuthkit-3.2.3.orig/tsk3/img/ewf.c 2013-08-31 10:13:21.397922919 +0000 +++ sleuthkit-3.2.3/tsk3/img/ewf.c 2013-08-31 11:05:10.793936030 +0000 @@ -14,67 +14,160 @@ #include "tsk_img_i.h" #if HAVE_LIBEWF + #include "ewf.h" -static ssize_t -ewf_image_read(TSK_IMG_INFO * img_info, TSK_OFF_T offset, char *buf, - size_t len) +#define TSK_EWF_ERROR_STRING_SIZE 512 + +static \ +ssize_t ewf_image_read( + TSK_IMG_INFO *img_info, + TSK_OFF_T offset, + char *buffer, + size_t size ) { - ssize_t cnt; - IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info; +#if defined( HAVE_LIBEWF_V2_API ) + char error_string[ TSK_EWF_ERROR_STRING_SIZE ]; - if (tsk_verbose) - tsk_fprintf(stderr, - "ewf_read: byte offset: %" PRIuOFF " len: %" PRIuSIZE "\n", - offset, len); - - if (offset > img_info->size) { - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_READ_OFF; - snprintf(tsk_errstr, TSK_ERRSTR_L, - "split_read - %" PRIuOFF, offset); - return -1; - } + libewf_error_t *ewf_error = NULL; +#endif - cnt = libewf_read_random(ewf_info->handle, buf, len, offset); - if (cnt < 0) { - tsk_error_reset(); - // @@@ Add more specific error message - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_READ; - snprintf(tsk_errstr, TSK_ERRSTR_L, - "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE " - %s", - offset, len, strerror(errno)); - return -1; - } + IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info; + ssize_t read_count = 0; + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "ewf_read: byte offset: %" PRIuOFF " len: %" PRIuSIZE "\n", + offset, + size ); + } + if( offset > img_info->size ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_READ_OFF; + + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "split_read - %" PRIuOFF, + offset ); + + return( -1 ); + } +#if defined( HAVE_LIBEWF_V2_API ) + read_count = libewf_handle_read_random( + ewf_info->handle, + buffer, + size, + offset, + &ewf_error ); + + if( read_count < 0 ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_READ; + + if( libewf_error_backtrace_sprint( + ewf_error, + error_string, + TSK_EWF_ERROR_STRING_SIZE ) == -1 ) + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE " - %s", + offset, + size, + strerror( errno ) ); + } + else + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE "\n%s", + offset, + size, + error_string ); + } + libewf_error_free( + &ewf_error ); - return cnt; + return( -1 ); + } +#else + read_count = libewf_read_random( + ewf_info->handle, + buffer, + size, + offset ); + + if( read_count < 0 ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_READ; + + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_read - offset: %" PRIuOFF " - len: %" PRIuSIZE " - %s", + offset, + size, + strerror( errno ) ); + + return( -1 ); + } +#endif + return( read_count ); } -static void -ewf_image_imgstat(TSK_IMG_INFO * img_info, FILE * hFile) +static \ +void ewf_image_imgstat( + TSK_IMG_INFO *img_info, + FILE * hFile ) { IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info; - tsk_fprintf(hFile, "IMAGE FILE INFORMATION\n"); - tsk_fprintf(hFile, "--------------------------------------------\n"); - tsk_fprintf(hFile, "Image Type:\t\tewf\n"); - tsk_fprintf(hFile, "\nSize of data in bytes:\t%" PRIuOFF "\n", - img_info->size); - - if (ewf_info->md5hash_isset == 1) { - tsk_fprintf(hFile, "MD5 hash of data:\t%s\n", ewf_info->md5hash); - } - return; + tsk_fprintf( + hFile, + "IMAGE FILE INFORMATION\n" + "--------------------------------------------\n" + "Image Type:\t\tewf\n" + "\nSize of data in bytes:\t%" PRIuOFF "\n", + img_info->size ); + + if( ewf_info->md5hash_isset == 1 ) + { + tsk_fprintf( + hFile, + "MD5 hash of data:\t%s\n", + ewf_info->md5hash ); + } + return; } -static void -ewf_image_close(TSK_IMG_INFO * img_info) +static \ +void ewf_image_close( + TSK_IMG_INFO *img_info ) { int i; IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *) img_info; - libewf_close(ewf_info->handle); +#if defined( HAVE_LIBEWF_V2_API ) + libewf_handle_close( + ewf_info->handle, + NULL ); + libewf_handle_free( + &( ewf_info->handle ), + NULL ); +#else + libewf_close( + ewf_info->handle ); +#endif for (i = 0; i < ewf_info->num_imgs; i++) { free(ewf_info->images[i]); } @@ -82,197 +175,413 @@ free(img_info); } -/* Tests if the image file header against the - * header (magic) signature specified. - * Returns a 0 on no match and a 1 on a match, and -1 on error. - */ -#if 0 -static int -img_file_header_signature_ncmp(const char *filename, - const char *file_header_signature, int size_of_signature) +TSK_IMG_INFO *ewf_open( + int num_img, + const TSK_TCHAR * const images[], + unsigned int a_ssize ) { - int match; - ssize_t read_count = 0; - char header[512]; - int fd; +#if defined( HAVE_LIBEWF_V2_API ) + char error_string[ TSK_EWF_ERROR_STRING_SIZE ]; - if ((filename == NULL) || (file_header_signature == NULL)) { - return (0); - } - if (size_of_signature <= 0) { - return (0); - } + libewf_error_t *ewf_error = NULL; + int result = 0; - if ((fd = open(filename, O_RDONLY | O_BINARY)) < 0) { - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_OPEN; - snprintf(tsk_errstr, TSK_ERRSTR_L, "ewf magic testing: %s", - filename); - return -1; - } - read_count = read(fd, header, 512); +#elif !defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ) + uint8_t md5_hash[ 16 ]; +#endif - if (read_count != 512) { - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_READ; - snprintf(tsk_errstr, TSK_ERRSTR_L, "ewf magic testing: %s", - filename); - return -1; - } - close(fd); + IMG_EWF_INFO *ewf_info = NULL; + TSK_IMG_INFO *img_info = NULL; - match = strncmp(file_header_signature, header, size_of_signature) == 0; + ewf_info = (IMG_EWF_INFO *) tsk_malloc( + sizeof( IMG_EWF_INFO ) ); - return (match); -} + if( ewf_info == NULL ) + { + return NULL; + } + img_info = (TSK_IMG_INFO *) ewf_info; + + /* Check the file signature before we call the library open + */ +#if defined( HAVE_LIBEWF_V2_API ) +#if defined( TSK_WIN32 ) + if( libewf_check_file_signature_wide( + images[ 0 ], + &ewf_error ) != 1 ) +#else + if( libewf_check_file_signature( + images[ 0 ], + &ewf_error ) != 1 ) #endif + { + tsk_error_reset(); + tsk_errno = TSK_ERR_IMG_MAGIC; -TSK_IMG_INFO * -ewf_open(int a_num_img, const TSK_TCHAR * const a_images[], - unsigned int a_ssize) -{ - IMG_EWF_INFO *ewf_info; - TSK_IMG_INFO *img_info; -#if !defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ) - uint8_t md5_hash[16]; + if( libewf_error_backtrace_sprint( + ewf_error, + error_string, + TSK_EWF_ERROR_STRING_SIZE ) == -1 ) + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open: Not an EWF file" ); + } + else + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open: Not an EWF file\n%s", + error_string ); + } + libewf_error_free( + &ewf_error ); + + free( + ewf_info ); + + if(tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Not an EWF file\n" ); + } + return( NULL ); + } + if( libewf_handle_initialize( + &( ewf_info->handle ), + &ewf_error ) != 1 ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_OPEN; + + if( libewf_error_backtrace_sprint( + ewf_error, + error_string, + TSK_EWF_ERROR_STRING_SIZE ) == -1 ) + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error opening", + images[ 0 ] ); + } + else + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error opening\n%s", + images[ 0 ], + error_string ); + } + free( + ewf_info); + + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Unable to create EWF handle\n" ); + } + return( NULL ); + } +#if defined( TSK_WIN32 ) + if( libewf_handle_open_wide( + ewf_info->handle, + (wchar_t * const *) images, + num_img, + LIBEWF_OPEN_READ, + &ewf_error ) != 1 ) +#else + if( libewf_handle_open( + ewf_info->handle, + (char * const *) images, + num_img, + LIBEWF_OPEN_READ, + &ewf_error ) != 1 ) #endif + { + tsk_error_reset(); - if ((ewf_info = - (IMG_EWF_INFO *) tsk_malloc(sizeof(IMG_EWF_INFO))) == NULL) { - return NULL; - } - - img_info = (TSK_IMG_INFO *) ewf_info; + tsk_errno = TSK_ERR_IMG_OPEN; - - // See if they specified only the first of the set... - if (a_num_img == 1) { - if ((ewf_info->images = - tsk_img_findFiles(a_images[0], - &ewf_info->num_imgs)) == NULL) { - free(ewf_info); - return NULL; - } - } - else { - int i; - ewf_info->num_imgs = a_num_img; - if ((ewf_info->images = - (TSK_TCHAR **) tsk_malloc(a_num_img * - sizeof(TSK_TCHAR *))) == NULL) { - free(ewf_info); - return NULL; - } - for (i = 0; i < a_num_img; i++) { - if ((ewf_info->images[i] = - (TSK_TCHAR *) tsk_malloc((TSTRLEN(a_images[i]) + - 1) * sizeof(TSK_TCHAR))) == NULL) { - free(ewf_info); - return NULL; - } - TSTRNCPY(ewf_info->images[i], a_images[i], - TSTRLEN(a_images[i]) + 1); - } - } - - - - /* check the magic before we call the library open */ - //if (img_file_header_signature_ncmp(images[0], - // "\x45\x56\x46\x09\x0d\x0a\xff\x00", 8) != 1) { -#if defined (TSK_WIN32) - if (libewf_check_file_signature_wide(ewf_info->images[0]) == 0) { + if( libewf_error_backtrace_sprint( + ewf_error, + error_string, + TSK_EWF_ERROR_STRING_SIZE ) == -1 ) + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error opening", + images[ 0 ] ); + } + else + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error opening\n%s", + images[ 0 ], + error_string ); + } + libewf_error_free( + &ewf_error ); + + free( + ewf_info ); + + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Error opening EWF file\n" ); + } + return( NULL ); + } + if( libewf_handle_get_media_size( + ewf_info->handle, + (size64_t *) &( img_info->size ), + &ewf_error ) != 1 ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_OPEN; + + if( libewf_error_backtrace_sprint( + ewf_error, + error_string, + TSK_EWF_ERROR_STRING_SIZE ) == -1 ) + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error getting size of image", + images[ 0 ] ); + } + else + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error getting size of image\n%s", + images[ 0 ], + error_string ); + } + libewf_error_free( + &ewf_error ); + + free( + ewf_info ); + + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Error getting size of EWF file\n" ); + } + return( NULL ); + } + result = libewf_handle_get_utf8_hash_value_md5( + ewf_info->handle, + (uint8_t *) ewf_info->md5hash, + 33, + &ewf_error ); + + if( result == -1 ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_OPEN; + + if( libewf_error_backtrace_sprint( + ewf_error, + error_string, + TSK_EWF_ERROR_STRING_SIZE ) == -1 ) + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error getting MD5 of image", + images[ 0 ] ); + } + else + { + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error getting MD5 of image\n%s", + images[ 0 ], + error_string ); + } + libewf_error_free( + &ewf_error ); + + free( + ewf_info ); + + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Error getting size of EWF file\n" ); + } + return( NULL ); + } + ewf_info->md5hash_isset = result; #else - if (libewf_check_file_signature(ewf_info->images[0]) == 0) { +#if defined( TSK_WIN32 ) + if( libewf_check_file_signature_wide( + images[ 0 ] ) != 1 ) +#else + if( libewf_check_file_signature( + images[ 0 ] ) != 1 ) #endif - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_MAGIC; - snprintf(tsk_errstr, TSK_ERRSTR_L, "ewf_open: Not an EWF file"); - free(ewf_info); - if (tsk_verbose) - tsk_fprintf(stderr, "Not an EWF file\n"); - - return NULL; - } - -#if defined (TSK_WIN32) - ewf_info->handle = - libewf_open_wide((wchar_t * const *) ewf_info->images, - ewf_info->num_imgs, LIBEWF_OPEN_READ); + { + tsk_error_reset(); + tsk_errno = TSK_ERR_IMG_MAGIC; + + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open: Not an EWF file" ); + + free( + ewf_info ); + + if(tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Not an EWF file\n" ); + } + return( NULL ); + } +#if defined( TSK_WIN32 ) + ewf_info->handle = libewf_open_wide( + (wchar_t * const *) images, + num_img, + LIBEWF_OPEN_READ ); #else - ewf_info->handle = - libewf_open((char *const *) ewf_info->images, ewf_info->num_imgs, - LIBEWF_OPEN_READ); + ewf_info->handle = libewf_open( + (char * const *) images, + num_img, + LIBEWF_OPEN_READ ); #endif - if (ewf_info->handle == NULL) { - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_OPEN; - snprintf(tsk_errstr, TSK_ERRSTR_L, - "ewf_open file: %" PRIttocTSK ": Error opening", - ewf_info->images[0]); - free(ewf_info); - if (tsk_verbose) { - tsk_fprintf(stderr, "Error opening EWF file\n"); - } - return NULL; - } + if( ewf_info->handle == NULL ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_OPEN; + + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error opening", + images[ 0 ] ); + + free( + ewf_info ); + + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Error opening EWF file\n" ); + } + return( NULL ); + } - // 2007 version #if defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ) - img_info->size = libewf_get_media_size(ewf_info->handle); - ewf_info->md5hash_isset = libewf_get_stored_md5_hash(ewf_info->handle, - ewf_info->md5hash, LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5); -// libewf-20080322 version + // 2007 version + img_info->size = libewf_get_media_size( + ewf_info->handle ); + + ewf_info->md5hash_isset = libewf_get_stored_md5_hash( + ewf_info->handle, + ewf_info->md5hash, + LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ); #else - if (libewf_get_media_size(ewf_info->handle, - (size64_t *) & (img_info->size)) - != 1) { - tsk_error_reset(); - tsk_errno = TSK_ERR_IMG_OPEN; - snprintf(tsk_errstr, TSK_ERRSTR_L, - "ewf_open file: %" PRIttocTSK ": Error getting size of image", - ewf_info->images[0]); - free(ewf_info); - if (tsk_verbose) { - tsk_fprintf(stderr, "Error getting size of EWF file\n"); - } - return NULL; - } - - if (libewf_get_md5_hash(ewf_info->handle, md5_hash, 16) == 1) { - int md5_string_iterator = 0; - int md5_hash_iterator; - for (md5_hash_iterator = 0; md5_hash_iterator < 16; - md5_hash_iterator++) { - int digit = md5_hash[md5_hash_iterator] / 16; - if (digit <= 9) - ewf_info->md5hash[md5_string_iterator++] = (char) - ('0' + digit); - else - ewf_info->md5hash[md5_string_iterator++] = (char) ('a' + - (digit - 10)); - digit = md5_hash[md5_hash_iterator] % 16; - if (digit <= 9) - ewf_info->md5hash[md5_string_iterator++] = - (char) ('0' + digit); - else - ewf_info->md5hash[md5_string_iterator++] = (char) ('a' + - (digit - 10)); - } - ewf_info->md5hash_isset = 1; - } -#endif - img_info->sector_size = 512; - if (a_ssize) - img_info->sector_size = a_ssize; - - - img_info->itype = TSK_IMG_TYPE_EWF_EWF; - img_info->read = ewf_image_read; - img_info->close = ewf_image_close; - img_info->imgstat = ewf_image_imgstat; - + // libewf-20080322 version + if( libewf_get_media_size( + ewf_info->handle, + (size64_t *) &( img_info->size ) ) != 1 ) + { + tsk_error_reset(); + + tsk_errno = TSK_ERR_IMG_OPEN; + + snprintf( + tsk_errstr, + TSK_ERRSTR_L, + "ewf_open file: %" PRIttocTSK ": Error getting size of image", + images[ 0 ] ); + + free( + ewf_info ); + + if( tsk_verbose != 0 ) + { + tsk_fprintf( + stderr, + "Error getting size of EWF file\n" ); + } + return( NULL ); + } + if( libewf_get_md5_hash( + ewf_info->handle, + md5_hash, + 16 ) == 1 ) + { + int md5_string_iterator = 0; + int md5_hash_iterator = 0; + + for( md5_hash_iterator = 0; + md5_hash_iterator < 16; + md5_hash_iterator++ ) + { + int digit = md5_hash[ md5_hash_iterator ] / 16; + + if( digit <= 9 ) + { + ewf_info->md5hash[ md5_string_iterator++ ] = '0' + (char) digit; + } + else + { + ewf_info->md5hash[ md5_string_iterator++ ] = 'a' + (char) ( digit - 10 ); + } + digit = md5_hash[md5_hash_iterator] % 16; + + if( digit <= 9 ) + { + ewf_info->md5hash[ md5_string_iterator++ ] = '0' + (char) digit; + } + else + { + ewf_info->md5hash[ md5_string_iterator++ ] = 'a' + (char) ( digit - 10 ); + } + } + ewf_info->md5hash_isset = 1; + } +#endif /* defined( LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ) */ +#endif /* defined( HAVE_LIBEWF_V2_API ) */ + if( a_ssize != 0 ) + { + img_info->sector_size = a_ssize; + } + else + { + img_info->sector_size = 512; + } + img_info->itype = TSK_IMG_TYPE_EWF_EWF; + img_info->read = &ewf_image_read; + img_info->close = &ewf_image_close; + img_info->imgstat = &ewf_image_imgstat; return img_info; } #endif Index: sleuthkit-3.2.3/tsk3/img/ewf.h =================================================================== --- sleuthkit-3.2.3.orig/tsk3/img/ewf.h 2013-08-31 10:13:21.425922919 +0000 +++ sleuthkit-3.2.3/tsk3/img/ewf.h 2013-08-31 11:00:28.329934838 +0000 @@ -13,8 +13,8 @@ * Header files for EWF-specific data structures and functions. */ -#ifndef _EWF_H -#define _EWF_H +#if !defined( _TSK_IMG_EWF_H ) +#define _TSK_IMG_EWF_H #if HAVE_LIBEWF @@ -25,6 +25,14 @@ #include <libewf.h> +#if !defined( LIBEWF_HANDLE ) + +/* libewf version 2 no longer defines LIBEWF_HANDLE + */ +#define HAVE_LIBEWF_V2_API +#endif + + #ifdef __cplusplus extern "C" { #endif @@ -34,7 +42,7 @@ typedef struct { TSK_IMG_INFO img_info; - LIBEWF_HANDLE *handle; + libewf_handle_t *handle; char md5hash[33]; int md5hash_isset; TSK_TCHAR **images;
signature.asc
Description: OpenPGP digital signature
