From 653c73c9ef48363506caddd900c9da900e95fda3 Mon Sep 17 00:00:00 2001 From: Richard Cordovano Date: Mon, 7 Mar 2016 13:46:57 -0500 Subject: [PATCH 1/6] Fix potential NPE in events/MessageServiceConnectionInfo --- .../sleuthkit/autopsy/events/MessageServiceConnectionInfo.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Core/src/org/sleuthkit/autopsy/events/MessageServiceConnectionInfo.java b/Core/src/org/sleuthkit/autopsy/events/MessageServiceConnectionInfo.java index 9db745b09b..f7cf28096d 100644 --- a/Core/src/org/sleuthkit/autopsy/events/MessageServiceConnectionInfo.java +++ b/Core/src/org/sleuthkit/autopsy/events/MessageServiceConnectionInfo.java @@ -144,7 +144,7 @@ public final class MessageServiceConnectionInfo { } catch (JMSException ex) { String result; Throwable cause = ex.getCause(); - if (cause != null) { + if (null != cause && null != cause.getMessage()) { // there is more information from another exception String msg = cause.getMessage(); if (msg.startsWith(CONNECTION_TIMED_OUT)) { From 16f83177d64b5de04afc2ee097354e187a952755 Mon Sep 17 00:00:00 2001 From: Oliver Spohngellert Date: Tue, 8 Mar 2016 09:10:28 -0500 Subject: [PATCH 2/6] Fixed extra column bug --- Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java | 1 - 1 file changed, 1 deletion(-) diff --git a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java index 17bf5b511a..7fa508d308 100644 --- a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java +++ b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java @@ -1927,7 +1927,6 @@ class ReportGenerator { orderedRowData.add(cellData); } } - orderedRowData.add(makeCommaSeparatedList(getTags())); } return orderedRowData; From a5a9baffa729a774d22a15521db2f3be86bc0736 Mon Sep 17 00:00:00 2001 From: Oliver Spohngellert Date: Tue, 8 Mar 2016 09:28:12 -0500 Subject: [PATCH 3/6] Added tags column header to hashset and keyword hits in report --- Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java index 7fa508d308..e0d201f4af 100644 --- a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java +++ b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java @@ -1055,6 +1055,7 @@ class ReportGenerator { List columnHeaderNames = new ArrayList<>(); columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.preview")); columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.srcFile")); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags")); module.startTable(columnHeaderNames); } } @@ -1190,6 +1191,7 @@ class ReportGenerator { List columnHeaderNames = new ArrayList<>(); columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.file")); columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.size")); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags")); module.startTable(columnHeaderNames); tableProgress.get(module).updateStatusLabel( NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processingList", From 28fcf8bc666233b67cdc271196c601a900548cac Mon Sep 17 00:00:00 2001 From: Oliver Spohngellert Date: Tue, 8 Mar 2016 15:04:06 -0500 Subject: [PATCH 4/6] Added known file restriction on file extension mismatch, pending updates --- .../modules/fileextmismatch/Bundle.properties | 1 + ...FileExtMismatchDetectorModuleSettings.java | 16 ++++++++++++++ .../FileExtMismatchIngestModule.java | 4 ++++ .../FileExtMismatchModuleSettingsPanel.form | 16 +++++++++++++- .../FileExtMismatchModuleSettingsPanel.java | 22 +++++++++++++++++-- 5 files changed, 56 insertions(+), 3 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/Bundle.properties b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/Bundle.properties index 7c63074fbe..385bc66925 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/Bundle.properties +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/Bundle.properties @@ -52,3 +52,4 @@ FileExtMismatchSettingsPanel.removeExtButton.text=Remove Selected Extension FileExtMismatchSettingsPanel.userTypeTextField.text= FileExtMismatchDetectorModuleFactory.getIngestJobSettingsPanel.exception.msg=Expected settings argument to be instanceof FileExtMismatchDetectorModuleSettings FileExtMismatchDetectorModuleFactory.createFileIngestModule.exception.msg=Expected settings argument to be instanceof FileExtMismatchDetectorModuleSettings +FileExtMismatchModuleSettingsPanel.skipKnownFiles.text=Skip known files diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java index 22074222a5..45b097bda2 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java @@ -28,6 +28,7 @@ final class FileExtMismatchDetectorModuleSettings implements IngestModuleIngestJ private static final long serialVersionUID = 1L; private boolean skipFilesWithNoExtension = true; private boolean skipFilesWithTextPlainMimeType = true; + private boolean skipKnownFiles = true; FileExtMismatchDetectorModuleSettings() { } @@ -35,6 +36,7 @@ final class FileExtMismatchDetectorModuleSettings implements IngestModuleIngestJ FileExtMismatchDetectorModuleSettings(boolean skipKnownFiles, boolean skipFilesWithNoExtension, boolean skipFilesWithTextPlainMimeType) { this.skipFilesWithNoExtension = skipFilesWithNoExtension; this.skipFilesWithTextPlainMimeType = skipFilesWithTextPlainMimeType; + this.skipKnownFiles = skipKnownFiles; } @Override @@ -57,4 +59,18 @@ final class FileExtMismatchDetectorModuleSettings implements IngestModuleIngestJ boolean skipFilesWithTextPlainMimeType() { return skipFilesWithTextPlainMimeType; } + + /** + * @return the skipKnownFiles + */ + boolean isSkipKnownFiles() { + return skipKnownFiles; + } + + /** + * @param skipKnownFiles the skipKnownFiles to set + */ + void setSkipKnownFiles(boolean skipKnownFiles) { + this.skipKnownFiles = skipKnownFiles; + } } diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java index c579c69014..360b9152f6 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java @@ -40,6 +40,7 @@ import org.sleuthkit.datamodel.BlackboardArtifact; import org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE; import org.sleuthkit.datamodel.TskCoreException; import org.sleuthkit.datamodel.TskData; +import org.sleuthkit.datamodel.TskData.FileKnown; import org.sleuthkit.datamodel.TskException; /** @@ -103,6 +104,9 @@ public class FileExtMismatchIngestModule implements FileIngestModule { @Override public ProcessResult process(AbstractFile abstractFile) { blackboard = Case.getCurrentCase().getServices().getBlackboard(); + if(this.settings.isSkipKnownFiles() && (abstractFile.getKnown() == FileKnown.KNOWN)) { + return ProcessResult.OK; + } // skip non-files if ((abstractFile.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNALLOC_BLOCKS) diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.form b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.form index be70dbe504..4974e318bd 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.form +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.form @@ -21,6 +21,7 @@ + @@ -32,7 +33,9 @@ - + + + @@ -62,5 +65,16 @@ + + + + + + + + + + + diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java index de619e3510..86f03f9f9e 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java @@ -38,6 +38,7 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett private void customizeComponents() { skipNoExtCheckBox.setSelected(settings.skipFilesWithNoExtension()); skipTextPlain.setSelected(settings.skipFilesWithTextPlainMimeType()); + skipKnownFiles.setSelected(settings.isSkipKnownFiles()); } @Override @@ -56,6 +57,7 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett skipNoExtCheckBox = new javax.swing.JCheckBox(); skipTextPlain = new javax.swing.JCheckBox(); + skipKnownFiles = new javax.swing.JCheckBox(); skipNoExtCheckBox.setSelected(true); skipNoExtCheckBox.setText(org.openide.util.NbBundle.getMessage(FileExtMismatchModuleSettingsPanel.class, "FileExtMismatchModuleSettingsPanel.skipNoExtCheckBox.text")); // NOI18N @@ -73,6 +75,14 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett } }); + skipKnownFiles.setSelected(true); + skipKnownFiles.setText(org.openide.util.NbBundle.getMessage(FileExtMismatchModuleSettingsPanel.class, "FileExtMismatchModuleSettingsPanel.skipKnownFiles.text")); // NOI18N + skipKnownFiles.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + skipKnownFilesActionPerformed(evt); + } + }); + javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); this.setLayout(layout); layout.setHorizontalGroup( @@ -81,7 +91,8 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett .addContainerGap() .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addComponent(skipTextPlain) - .addComponent(skipNoExtCheckBox)) + .addComponent(skipNoExtCheckBox) + .addComponent(skipKnownFiles)) .addGap(0, 138, Short.MAX_VALUE)) ); layout.setVerticalGroup( @@ -90,7 +101,9 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett .addComponent(skipNoExtCheckBox) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(skipTextPlain) - .addContainerGap(51, Short.MAX_VALUE)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(skipKnownFiles) + .addContainerGap(28, Short.MAX_VALUE)) ); }// //GEN-END:initComponents @@ -102,7 +115,12 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett settings.setSkipFilesWithTextPlainMimeType(skipTextPlain.isSelected()); }//GEN-LAST:event_skipTextPlainActionPerformed + private void skipKnownFilesActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_skipKnownFilesActionPerformed + settings.setSkipKnownFiles(skipKnownFiles.isSelected()); + }//GEN-LAST:event_skipKnownFilesActionPerformed + // Variables declaration - do not modify//GEN-BEGIN:variables + private javax.swing.JCheckBox skipKnownFiles; private javax.swing.JCheckBox skipNoExtCheckBox; private javax.swing.JCheckBox skipTextPlain; // End of variables declaration//GEN-END:variables From b27e762b09b2011c948d7cf00a1aea839f06bc7e Mon Sep 17 00:00:00 2001 From: Richard Cordovano Date: Wed, 9 Mar 2016 09:50:32 -0500 Subject: [PATCH 5/6] Handle serialization for new fileextmismatch/FileExtMismatchDetectorModuleSettings field --- ...FileExtMismatchDetectorModuleSettings.java | 43 +++++++++++++------ .../FileExtMismatchIngestModule.java | 2 +- .../FileExtMismatchModuleSettingsPanel.java | 2 +- 3 files changed, 31 insertions(+), 16 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java index 45b097bda2..d1dc75a14e 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java @@ -18,6 +18,8 @@ */ package org.sleuthkit.autopsy.modules.fileextmismatch; +import java.io.IOException; +import java.io.ObjectInputStream; import org.sleuthkit.autopsy.ingest.IngestModuleIngestJobSettings; /** @@ -26,11 +28,15 @@ import org.sleuthkit.autopsy.ingest.IngestModuleIngestJobSettings; final class FileExtMismatchDetectorModuleSettings implements IngestModuleIngestJobSettings { private static final long serialVersionUID = 1L; - private boolean skipFilesWithNoExtension = true; - private boolean skipFilesWithTextPlainMimeType = true; - private boolean skipKnownFiles = true; + private long versionNumber; + private boolean skipFilesWithNoExtension; + private boolean skipFilesWithTextPlainMimeType; + private boolean skipKnownFiles; FileExtMismatchDetectorModuleSettings() { + this.skipFilesWithNoExtension = true; + this.skipFilesWithTextPlainMimeType = true; + this.skipKnownFiles = true; } FileExtMismatchDetectorModuleSettings(boolean skipKnownFiles, boolean skipFilesWithNoExtension, boolean skipFilesWithTextPlainMimeType) { @@ -44,33 +50,42 @@ final class FileExtMismatchDetectorModuleSettings implements IngestModuleIngestJ return serialVersionUID; } - void setSkipFilesWithNoExtension(boolean enabled) { - skipFilesWithNoExtension = enabled; + void setSkipFilesWithNoExtension(boolean skipFilesWithNoExtension) { + this.skipFilesWithNoExtension = skipFilesWithNoExtension; } boolean skipFilesWithNoExtension() { return skipFilesWithNoExtension; } - void setSkipFilesWithTextPlainMimeType(boolean enabled) { - skipFilesWithTextPlainMimeType = enabled; + void setSkipFilesWithTextPlainMimeType(boolean skipFilesWithTextPlainMimeType) { + this.skipFilesWithTextPlainMimeType = skipFilesWithTextPlainMimeType; } boolean skipFilesWithTextPlainMimeType() { return skipFilesWithTextPlainMimeType; } - /** - * @return the skipKnownFiles - */ - boolean isSkipKnownFiles() { + boolean skipKnownFiles() { return skipKnownFiles; } - /** - * @param skipKnownFiles the skipKnownFiles to set - */ void setSkipKnownFiles(boolean skipKnownFiles) { this.skipKnownFiles = skipKnownFiles; } + + private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException { + in.defaultReadObject(); + if (0L == versionNumber) { + /* + * If the version number is set to the default value of zero, then + * skipKnownFiles is a new field that has been initialized to the + * Java default boolean field value of false. Change this to the + * desired default value of true. + */ + skipKnownFiles = true; + } + versionNumber = 1; + } + } diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java index 360b9152f6..a3b54e8d41 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchIngestModule.java @@ -104,7 +104,7 @@ public class FileExtMismatchIngestModule implements FileIngestModule { @Override public ProcessResult process(AbstractFile abstractFile) { blackboard = Case.getCurrentCase().getServices().getBlackboard(); - if(this.settings.isSkipKnownFiles() && (abstractFile.getKnown() == FileKnown.KNOWN)) { + if(this.settings.skipKnownFiles() && (abstractFile.getKnown() == FileKnown.KNOWN)) { return ProcessResult.OK; } diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java index 86f03f9f9e..4ecde417ce 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchModuleSettingsPanel.java @@ -38,7 +38,7 @@ final class FileExtMismatchModuleSettingsPanel extends IngestModuleIngestJobSett private void customizeComponents() { skipNoExtCheckBox.setSelected(settings.skipFilesWithNoExtension()); skipTextPlain.setSelected(settings.skipFilesWithTextPlainMimeType()); - skipKnownFiles.setSelected(settings.isSkipKnownFiles()); + skipKnownFiles.setSelected(settings.skipKnownFiles()); } @Override From 317b68900e99ffff4dfa86c98e2f7acbd4ef8281 Mon Sep 17 00:00:00 2001 From: Richard Cordovano Date: Wed, 9 Mar 2016 09:55:05 -0500 Subject: [PATCH 6/6] Update comment in fileextmismatch/FileExtMismatchDetectorModuleSettings --- .../FileExtMismatchDetectorModuleSettings.java | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java index d1dc75a14e..0efbd24db8 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java +++ b/Core/src/org/sleuthkit/autopsy/modules/fileextmismatch/FileExtMismatchDetectorModuleSettings.java @@ -1,7 +1,7 @@ /* * Autopsy Forensic Browser * - * Copyright 2014 Basis Technology Corp. + * Copyright 2011-2016 Basis Technology Corp. * Contact: carrier sleuthkit org * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -78,9 +78,8 @@ final class FileExtMismatchDetectorModuleSettings implements IngestModuleIngestJ in.defaultReadObject(); if (0L == versionNumber) { /* - * If the version number is set to the default value of zero, then - * skipKnownFiles is a new field that has been initialized to the - * Java default boolean field value of false. Change this to the + * If the version number is set to the Java field default value of + * zero, then skipKnownFiles is a new field. Change this to the * desired default value of true. */ skipKnownFiles = true;