|
|
//-----------------------------------------------------------------------//
//
// File: query.cpp
// Created: Jan 1997
// By: Martin Holladay (a-martih)
// Purpose: Registry Query Support for REG.CPP
// Modification History:
// Created - Jan 1997 (a-martih)
// Aug 1997 (John Whited) Implemented a Binary output function for
// REG_BINARY
// Oct 1997 (martinho) fixed output for REG_MULTI_SZ \0 delimited strings
// April 1998 - MartinHo - Incremented to 1.05 for REG_MULTI_SZ bug fixes.
// Correct support for displaying query REG_MULTI_SZ of. Fix AV.
// April 1999 Zeyong Xu: re-design, revision -> version 2.0
//
//------------------------------------------------------------------------//
#include "stdafx.h"
#include "reg.h"
//-----------------------------------------------------------------------//
//
// QueryRegistry()
//
//-----------------------------------------------------------------------//
LONG QueryRegistry(PAPPVARS pAppVars, UINT argc, TCHAR *argv[]){ LONG nResult; HKEY hKey;
//
// Parse the cmd-line
//
nResult = ParseQueryCmdLine(pAppVars, argc, argv); if (nResult != ERROR_SUCCESS) { return nResult; }
//
// Connect to the Remote Machine(s) - if applicable
//
nResult = RegConnectMachine(pAppVars); if (nResult != ERROR_SUCCESS) { return nResult; }
//
// Open the registry key
//
nResult = RegOpenKeyEx(pAppVars->hRootKey, pAppVars->szSubKey, 0, KEY_READ, &hKey);
if(nResult != ERROR_SUCCESS) return nResult;
MyTPrintf(stdout,_T("\r\n! REG.EXE VERSION %s\r\n"), REG_EXE_FILEVERSION);
//
// if query a single registry value
//
if(pAppVars->szValueName) { // first print the key name
MyTPrintf(stdout,_T("\r\n%s\r\n"), pAppVars->szFullKey);
nResult = QueryValue(hKey, pAppVars->szValueName); MyTPrintf(stdout,_T("\r\n")); } else // query a registry key
{ nResult = QueryEnumerateKey(hKey, pAppVars->szFullKey, pAppVars->bRecurseSubKeys); }
RegCloseKey(hKey);
return nResult;}
//------------------------------------------------------------------------//
//
// ParseQueryCmdLine()
//
//------------------------------------------------------------------------//
REG_STATUS ParseQueryCmdLine(PAPPVARS pAppVars, UINT argc, TCHAR *argv[]){ REG_STATUS nResult; UINT i;
if(argc < 3) { return REG_STATUS_TOFEWPARAMS; } else if(argc > 5) { return REG_STATUS_TOMANYPARAMS; }
// Machine Name and Registry key
//
nResult = BreakDownKeyString(argv[2], pAppVars); if(nResult != ERROR_SUCCESS) return nResult;
// parsing
for(i=3; i<argc; i++) { if(!_tcsicmp(argv[i], _T("/v"))) { if(pAppVars->szValueName || pAppVars->bRecurseSubKeys) return REG_STATUS_INVALIDPARAMS;
i++; if(i<argc) { pAppVars->szValueName = (TCHAR*) calloc(_tcslen(argv[i]) + 1, sizeof(TCHAR)); if (!pAppVars->szValueName) { return ERROR_NOT_ENOUGH_MEMORY; } _tcscpy(pAppVars->szValueName, argv[i]); } else return REG_STATUS_TOFEWPARAMS; } else if(!_tcsicmp(argv[i], _T("/ve"))) { if(pAppVars->szValueName || pAppVars->bRecurseSubKeys) return REG_STATUS_INVALIDPARAMS;
pAppVars->szValueName = (TCHAR*) calloc(1, sizeof(TCHAR)); if (!pAppVars->szValueName) { return ERROR_NOT_ENOUGH_MEMORY; } } else if(!_tcsicmp(argv[i], _T("/s"))) { if(pAppVars->szValueName) return REG_STATUS_INVALIDPARAMS;
pAppVars->bRecurseSubKeys = TRUE; } else return REG_STATUS_INVALIDPARAMS; }
return ERROR_SUCCESS;}
//-----------------------------------------------------------------------//
//
// GetTypeStr()
//
//-----------------------------------------------------------------------//
void GetTypeStrFromType(TCHAR *szTypeStr, DWORD dwType){ switch (dwType) { case REG_BINARY: _tcscpy(szTypeStr, STR_REG_BINARY); break;
case REG_DWORD: _tcscpy(szTypeStr, STR_REG_DWORD); break;
case REG_DWORD_BIG_ENDIAN: _tcscpy(szTypeStr, STR_REG_DWORD_BIG_ENDIAN); break;
case REG_EXPAND_SZ: _tcscpy(szTypeStr, STR_REG_EXPAND_SZ); break;
case REG_LINK: _tcscpy(szTypeStr, STR_REG_LINK); break;
case REG_MULTI_SZ: _tcscpy(szTypeStr, STR_REG_MULTI_SZ); break;
case REG_NONE: _tcscpy(szTypeStr, STR_REG_NONE); break;
case REG_RESOURCE_LIST: _tcscpy(szTypeStr, STR_REG_RESOURCE_LIST); break;
case REG_SZ: _tcscpy(szTypeStr, STR_REG_SZ); break;
default: _tcscpy(szTypeStr, STR_REG_NONE); break; }}
//-----------------------------------------------------------------------//
//
// QueryValue()
//
//-----------------------------------------------------------------------//
LONG QueryValue(HKEY hKey, TCHAR* szValueName){
LONG nResult; TCHAR szTypeStr[25]; DWORD dwType; DWORD dwSize = 1; UINT i; BYTE* pBuff; TCHAR szEmptyString[ 2 ] = L"";
if ( szValueName == NULL ) { szValueName = szEmptyString; }
//
// First find out how much memory to allocate.
//
nResult = RegQueryValueEx(hKey, szValueName, 0, &dwType, NULL, &dwSize);
if (nResult != ERROR_SUCCESS) { return nResult; }
// to avoid problems with corrupted registry data --
// always allocate memory of even no. of bytes
dwSize += ( dwSize % 2 );
pBuff = (BYTE*) calloc(dwSize + 2, sizeof(BYTE)); if (!pBuff) { return ERROR_NOT_ENOUGH_MEMORY; }
//
// Now get the data
//
nResult = RegQueryValueEx(hKey, szValueName, 0, &dwType, (LPBYTE) pBuff, &dwSize);
if (nResult != ERROR_SUCCESS) { free(pBuff); return nResult; }
//
// Now list the ValueName\tType\tData
//
GetTypeStrFromType(szTypeStr, dwType);
MyTPrintf(stdout, _T(" %s\t%s\t"), (_tcslen(szValueName) == 0) // no name
? g_NoName : szValueName, szTypeStr); switch (dwType) { default: case REG_BINARY: for(i=0; i<dwSize; i++) { MyTPrintf(stdout,_T("%02X"),pBuff[i]); } break;
case REG_SZ: case REG_EXPAND_SZ: MyTPrintf(stdout,_T("%s"), (LPCWSTR)pBuff ); break;
case REG_DWORD: case REG_DWORD_BIG_ENDIAN: MyTPrintf(stdout,_T("0x%x"), *((DWORD*)pBuff) ); break;
case REG_MULTI_SZ: { //
// Replace '\0' with "\0" for MULTI_SZ
//
TCHAR* pEnd = (TCHAR*) pBuff; while( (BYTE*)pEnd < pBuff + dwSize ) { if(*pEnd == 0) { MyTPrintf(stdout,_T("\\0")); pEnd++; } else { MyTPrintf(stdout,_T("%s"), pEnd); pEnd += _tcslen(pEnd); } } }
break; }
MyTPrintf(stdout,_T("\r\n"));
if(pBuff) free(pBuff);
return ERROR_SUCCESS;}
//-----------------------------------------------------------------------//
//
// EnumerateKey() - Recursive
//
//-----------------------------------------------------------------------//
LONG QueryEnumerateKey(HKEY hKey, TCHAR* szFullKey, BOOL bRecurseSubKeys){ DWORD nResult; UINT i; DWORD dwSize; HKEY hSubKey; TCHAR* szNameBuf; TCHAR* szTempName;
// query source key info
DWORD dwLenOfKeyName; DWORD dwLenOfValueName; nResult = RegQueryInfoKey(hKey, NULL, NULL, NULL, NULL, &dwLenOfKeyName, NULL, NULL, &dwLenOfValueName, NULL, NULL, NULL);
if (nResult != ERROR_SUCCESS) { return nResult; }
#ifndef REG_FOR_WIN2000 // ansi version for win98
// fix API bugs: RegQueryInfoKey() returns non-correct length values
// on remote Win98
if(dwLenOfKeyName < MAX_PATH) dwLenOfKeyName = MAX_PATH; if(dwLenOfValueName < MAX_PATH) dwLenOfValueName = MAX_PATH;#endif
// create buffer
dwLenOfValueName++; szNameBuf = (TCHAR*) calloc(dwLenOfValueName, sizeof(TCHAR)); if (!szNameBuf) { return ERROR_NOT_ENOUGH_MEMORY; }
// first print the key name
MyTPrintf(stdout,_T("\r\n%s\r\n"), szFullKey);
//
// enumerate all of the values
//
i = 0; do { dwSize = dwLenOfValueName; nResult = RegEnumValue(hKey, i, szNameBuf, &dwSize, NULL, NULL, NULL, NULL);
if (nResult == ERROR_SUCCESS) { nResult = QueryValue(hKey, szNameBuf);
// continue to query
if(nResult == ERROR_ACCESS_DENIED) { MyTPrintf(stderr, _T("Error: Access is denied in the value %s under") _T(" the key %s\r\n"), szNameBuf, szFullKey); nResult = ERROR_SUCCESS; } }
i++;
} while (nResult == ERROR_SUCCESS);
if(szNameBuf) free(szNameBuf);
if (nResult == ERROR_NO_MORE_ITEMS) nResult = ERROR_SUCCESS;
if( nResult != ERROR_SUCCESS ) return nResult;
//
// SPECIAL CASE:
// -------------
// For HKLM\SYSTEM\CONTROLSET002 it is found to be API returning value 0 for dwMaxLength
// though there are subkeys underneath this -- to handle this, we are doing a workaround
// by assuming the max registry key length
//
if ( dwLenOfKeyName == 0 ) { dwLenOfKeyName = 256; } else if ( dwLenOfKeyName < 256 ) { // always assume 100% more length than what is returned by API
dwLenOfKeyName *= 2; }
//
// Now Enumerate all of the keys
//
dwLenOfKeyName++; szNameBuf = (TCHAR*) calloc(dwLenOfKeyName, sizeof(TCHAR)); if (!szNameBuf) { return ERROR_NOT_ENOUGH_MEMORY; } i = 0; do { dwSize = dwLenOfKeyName; nResult = RegEnumKeyEx(hKey, i, szNameBuf, &dwSize, NULL, NULL, NULL, NULL);
if (nResult != ERROR_SUCCESS) break;
//
// open up the subkey, and enumerate it
//
nResult = RegOpenKeyEx(hKey, szNameBuf, 0, KEY_READ, &hSubKey);
//
// Build up the needed string and go down enumerating again
//
szTempName = (TCHAR*) calloc(_tcslen(szFullKey) + _tcslen(szNameBuf) + 2, sizeof(TCHAR)); if (!szTempName) { nResult = ERROR_NOT_ENOUGH_MEMORY; goto Cleanup; }
_tcscpy(szTempName, szFullKey); _tcscat(szTempName, _T("\\")); _tcscat(szTempName, szNameBuf);
if (bRecurseSubKeys && nResult == ERROR_SUCCESS) { // recursive query
nResult = QueryEnumerateKey(hSubKey, szTempName, bRecurseSubKeys);
} else { // print key
MyTPrintf(stdout,_T("\r\n%s\r\n"), szTempName);
if(nResult == ERROR_ACCESS_DENIED) // continue to query next key
{ MyTPrintf(stderr, _T("Error: Access is denied in the key %s\r\n"), szTempName); nResult = ERROR_SUCCESS; } }
RegCloseKey(hSubKey); if(szTempName) free(szTempName);
i++;
} while (nResult == ERROR_SUCCESS);
Cleanup: if(szNameBuf) free(szNameBuf);
if (nResult == ERROR_NO_MORE_ITEMS) nResult = ERROR_SUCCESS;
return nResult;}
|
