archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/enduser/windows.com/wuv3/wudetect/regkeysubstr.cpp

83 lines
2.1 KiB
Raw Normal View History

Add source files
4 years ago
  1. #include "wudetect.h"
  3. /////////////////////////////////////////////////////////////////////////////
  4. // CExpressionParser::fDetectRegSubStr
  5. // Detect a substring in registry datum.
  6. //
  7. // Form: E=RegSubstr,<SubStr>,<RootKey>,<KeyPath>,<RegValue>,<RegData>
  8. //
  9. // Comments :
  10. /////////////////////////////////////////////////////////////////////////////
  12. bool CExpressionParser::fDetectRegSubStr(TCHAR * pszBuf)
  13. {
  14. bool fSuccess = false;
  15. HKEY hKeyRoot;
  16. HKEY hKey;
  17. DWORD type;
  18. TCHAR szTargetKeyName[MAX_PATH];
  19. TCHAR szTargetKeyValue[MAX_PATH];
  20. TCHAR szKeyMissingStatus[MAX_PATH];
  21. TCHAR szData[MAX_PATH];
  22. TCHAR szSubStr[MAX_PATH];
  23. DWORD iToken = 0;
  26. // Get reg root type (HKLM, etc)
  27. if ( fMapRegRoot(pszBuf, ++iToken, &hKeyRoot) &&
  28. (GetStringField2(pszBuf, ++iToken, szTargetKeyName, sizeof(szTargetKeyName)/sizeof(TCHAR)) != 0) )
  29. {
  30. if ( RegOpenKeyEx( hKeyRoot,
  31. szTargetKeyName,
  32. 0,
  33. KEY_QUERY_VALUE,
  34. &hKey) == ERROR_SUCCESS )
  35. {
  36. if ( (GetStringField2(pszBuf, ++iToken, szTargetKeyValue, sizeof(szTargetKeyValue)/sizeof(TCHAR)) != 0) &&
  37. (GetStringField2(pszBuf, ++iToken, szKeyMissingStatus, sizeof(szKeyMissingStatus)/sizeof(TCHAR)) != 0) )
  38. {
  39. DWORD size = sizeof(szData);
  41. if ( RegQueryValueEx(hKey,
  42. szTargetKeyValue,
  43. 0,
  44. &type,
  45. (BYTE *)szData,
  46. &size) == ERROR_SUCCESS )
  47. {
  48. if ( type == REG_SZ )
  49. {
  50. _tcslwr(szData);
  52. // iterate thru the substrings looking for a match.
  53. while ( GetStringField2(pszBuf, ++iToken, szSubStr, sizeof(szSubStr)) != 0 )
  54. {
  55. _tcslwr(szSubStr);
  57. if ( _tcsstr(szData, szSubStr) != NULL )
  58. {
  59. fSuccess = true;
  60. goto quit_while;
  61. }
  62. }
  63. quit_while:;
  64. }
  65. }
  66. else
  67. {
  68. // if we get an error, assume the key does not exist. Note that if
  69. // the status is DETFIELD_NOT_INSTALLED then we don't have to do
  70. // anything since that is the default status.
  71. if ( lstrcmpi(DETFIELD_INSTALLED, szKeyMissingStatus) == 0 )
  72. {
  73. fSuccess = true;
  74. }
  75. }
  76. }
  77. RegCloseKey(hKey);
  78. }
  79. }
  82. return fSuccess;
  83. }