mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-13 00:16:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

more error checking in timeline

Browse Source
This commit is contained in:
adam-m 2013-03-05 11:25:07 -05:00
parent db89cc5d43
commit 62b8c384ea
1 changed files with 170 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
Timeline/src/org/sleuthkit/autopsy/timeline/Simile2.java
View File

@ -78,7 +78,6 @@ import org.openide.modules.InstalledFileLocator;
import org.openide.nodes.ChildFactory; import org.openide.nodes.ChildFactory;
import org.openide.nodes.Children; import org.openide.nodes.Children;
import org.openide.nodes.Node; import org.openide.nodes.Node;
import org.openide.util.Exceptions;
import org.openide.util.HelpCtx; import org.openide.util.HelpCtx;
import org.openide.util.NbBundle; import org.openide.util.NbBundle;
import org.openide.util.actions.CallableSystemAction; import org.openide.util.actions.CallableSystemAction;
@ -109,8 +108,8 @@ import org.sleuthkit.datamodel.TskData;
@ActionReferences(value = { @ActionReferences(value = {
@ActionReference(path = "Menu/Tools", position = 100)}) @ActionReference(path = "Menu/Tools", position = 100)})
@NbBundle.Messages(value = "CTL_TimelineView=Generate Timeline") @NbBundle.Messages(value = "CTL_TimelineView=Generate Timeline")
public class Simile2 extends CallableSystemAction implements Presenter.Toolbar, PropertyChangeListener { public class Simile2 extends CallableSystemAction implements Presenter.Toolbar, PropertyChangeListener {
private static final Logger logger = Logger.getLogger(Simile2.class.getName()); private static final Logger logger = Logger.getLogger(Simile2.class.getName());
private final java.io.File macRoot = InstalledFileLocator.getDefault().locate("mactime", Simile2.class.getPackage().getName(), false); private final java.io.File macRoot = InstalledFileLocator.getDefault().locate("mactime", Simile2.class.getPackage().getName(), false);
private JFrame jf; //frame for holding all the elements private JFrame jf; //frame for holding all the elements
@ -488,7 +487,8 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
*/ */
/** /**
* *
* @param mon The month to convert. Must be minimum 4 characters long "February" and "Febr" are acceptable. * @param mon The month to convert. Must be minimum 4 characters long
* "February" and "Febr" are acceptable.
* @return The integer value of the month. February = 1, July = 6 * @return The integer value of the month. February = 1, July = 6
*/ */
private static int monthStringToInt(String mon) { private static int monthStringToInt(String mon) {
@ -505,7 +505,9 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
/** /**
* Used for finding the proper month in a list of available months * Used for finding the proper month in a list of available months
* @param lst The list of months to search through. It is assumed that the desired match is in this list. *
* @param lst The list of months to search through. It is assumed that the
* desired match is in this list.
* @param match The month, in integer format, to retrieve. * @param match The month, in integer format, to retrieve.
* @return The month epoch as specified by match. * @return The month epoch as specified by match.
*/ */
@ -520,7 +522,9 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
/** /**
* Used for finding the proper year in a list of available years * Used for finding the proper year in a list of available years
* @param lst The list of years to search through. It is assumed that the desired match is in this list. *
* @param lst The list of years to search through. It is assumed that the
* desired match is in this list.
* @param match The year to retrieve. * @param match The year to retrieve.
* @return The year epoch as specified by match. * @return The year epoch as specified by match.
*/ */
@ -575,11 +579,9 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
jf.dispose(); jf.dispose();
// remove ourself as change listener on Case // remove ourself as change listener on Case
Case currcase = Case.getCurrentCase(); Case.removePropertyChangeListener(this);
if (currcase != null) {
currcase.removePropertyChangeListener(this);
listeningToAddImage = false; listeningToAddImage = false;
}
} }
/* /*
@ -587,6 +589,7 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
* All of those are Epochs. * All of those are Epochs.
*/ */
abstract class Epoch { abstract class Epoch {
abstract public int getNumFiles(); abstract public int getNumFiles();
} }
@ -743,15 +746,19 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
// The node factories used to make lists of files to send to the result viewer // The node factories used to make lists of files to send to the result viewer
private class FsContentNodeChildFactory extends ChildFactory<AbstractFile> { private class FsContentNodeChildFactory extends ChildFactory<AbstractFile> {
List<AbstractFile> l; List<AbstractFile> l;
FsContentNodeChildFactory(List<AbstractFile> l) { FsContentNodeChildFactory(List<AbstractFile> l) {
this.l = l; this.l = l;
} }
@Override @Override
protected boolean createKeys(List<AbstractFile> list) { protected boolean createKeys(List<AbstractFile> list) {
list.addAll(l); list.addAll(l);
return true; return true;
} }
@Override @Override
protected Node createNodeForKey(AbstractFile file) { protected Node createNodeForKey(AbstractFile file) {
Node wrapped; Node wrapped;
@ -765,15 +772,18 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
} }
private class FsContentRootNode extends DisplayableItemNode { private class FsContentRootNode extends DisplayableItemNode {
FsContentRootNode(String NAME, List<AbstractFile> l) { FsContentRootNode(String NAME, List<AbstractFile> l) {
super(Children.create(new FsContentNodeChildFactory(l), true)); super(Children.create(new FsContentNodeChildFactory(l), true));
super.setName(NAME); super.setName(NAME);
super.setDisplayName(NAME); super.setDisplayName(NAME);
} }
@Override @Override
public DisplayableItemNode.TYPE getDisplayableItemNodeType() { public DisplayableItemNode.TYPE getDisplayableItemNodeType() {
return DisplayableItemNode.TYPE.CONTENT; return DisplayableItemNode.TYPE.CONTENT;
} }
@Override @Override
public <T> T accept(DisplayableItemNodeVisitor<T> v) { public <T> T accept(DisplayableItemNodeVisitor<T> v) {
return null; return null;
@ -829,14 +839,20 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
return years; return years;
} }
/**
* Crate a body file and return its path or null if error
*
* @return absolute path string or null if error
*/
private String makeBodyFile() { private String makeBodyFile() {
// Setup timestamp // Setup timestamp
DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss"); DateFormat dateFormat = new SimpleDateFormat("MM-dd-yyyy-HH-mm-ss");
Date date = new Date(); Date date = new Date();
String datenotime = dateFormat.format(date); String datenotime = dateFormat.format(date);
Case currentCase = Case.getCurrentCase(); final Case currentCase = Case.getCurrentCase();
SleuthkitCase skCase = currentCase.getSleuthkitCase(); final SleuthkitCase skCase = currentCase.getSleuthkitCase();
// Get report path // Get report path
String bodyFilePath = moduleDir.getAbsolutePath() String bodyFilePath = moduleDir.getAbsolutePath()
+ java.io.File.separator + currentCase.getName() + "-" + datenotime + ".txt"; + java.io.File.separator + currentCase.getName() + "-" + datenotime + ".txt";
@ -845,34 +861,39 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
String filesAndDirs = "type = '" + TskData.TSK_DB_FILES_TYPE_ENUM.FS.getFileType() + "' " String filesAndDirs = "type = '" + TskData.TSK_DB_FILES_TYPE_ENUM.FS.getFileType() + "' "
+ "AND name != '.' " + "AND name != '.' "
+ "AND name != '..'"; + "AND name != '..'";
List<FsContent> fs = Collections.EMPTY_LIST; List<FsContent> fs = null;
try { try {
fs = skCase.findFilesWhere(filesAndDirs); fs = skCase.findFilesWhere(filesAndDirs);
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
Exceptions.printStackTrace(ex); logger.log(Level.SEVERE, "Error querying image files to make a body file: " + bodyFilePath, ex);
return null;
} }
// Loop files and write info to report // Loop files and write info to report
FileWriter fileWriter = null;
try {
fileWriter = new FileWriter(bodyFilePath, true);
} catch (IOException ex) {
logger.log(Level.SEVERE, "Error creating output stream to write body file to: " + bodyFilePath, ex);
return null;
}
BufferedWriter out = null; BufferedWriter out = null;
try { try {
out = new BufferedWriter(new FileWriter(bodyFilePath, true)); out = new BufferedWriter(fileWriter);
} catch (IOException ex) {
logger.log(Level.WARNING, "Could not create new BufferedWriter for body file.", ex);
}
for (FsContent file : fs) { for (FsContent file : fs) {
try { // try {
// MD5|name|inode|mode_as_string|ObjId|GID|size|atime|mtime|ctime|crtime // MD5|name|inode|mode_as_string|ObjId|GID|size|atime|mtime|ctime|crtime
//out = new BufferedWriter(new FileWriter(bodyFilePath, true));
if (file.getMd5Hash() != null) { if (file.getMd5Hash() != null) {
out.write(file.getMd5Hash()); out.write(file.getMd5Hash());
} }
out.write("|"); out.write("|");
String path = ""; String path = null;
try { try {
path = file.getUniquePath(); path = file.getUniquePath();
} catch (TskCoreException e) { } catch (TskCoreException e) {
logger.log(Level.WARNING, "Failed to get the unique path.", e); logger.log(Level.SEVERE, "Failed to get the unique path of: " + file + " and writing body file.", e);
return null;
} }
out.write(path); out.write(path);
@ -899,18 +920,21 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
out.write("|"); out.write("|");
out.write(Long.toString(file.getCrtime())); out.write(Long.toString(file.getCrtime()));
out.write("\n"); out.write("\n");
}
} catch (IOException ex) { } catch (IOException ex) {
logger.log(Level.WARNING, "Probelm while trying to write data to the body file.", ex); logger.log(Level.WARNING, "Error while trying to write data to the body file.", ex);
break; return null;
} } finally {
} if (out != null) {
try { try {
out.flush(); out.flush();
out.close(); out.close();
} catch (IOException ex1) { } catch (IOException ex1) {
logger.log(Level.WARNING, "Could not flush and/or close body file.", ex1); logger.log(Level.WARNING, "Could not flush and/or close body file.", ex1);
} }
}
}
return bodyFilePath; return bodyFilePath;
} }
@ -952,8 +976,10 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
return; return;
} }
final Case currentCase = Case.getCurrentCase();
try { try {
if (Case.getCurrentCase().getImages().isEmpty()) { if (currentCase.getImages().isEmpty()) {
logger.log(Level.INFO, "Error creating timeline, there are no images to parse"); logger.log(Level.INFO, "Error creating timeline, there are no images to parse");
} else { } else {
@ -978,9 +1004,8 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
Platform.setImplicitExit(false); Platform.setImplicitExit(false);
// listen for case changes (specifically images being added). // listen for case changes (specifically images being added).
Case currcase = Case.getCurrentCase(); if (Case.isCaseOpen() && !listeningToAddImage) {
if (currcase != null && !listeningToAddImage) { Case.addPropertyChangeListener(this);
currcase.addPropertyChangeListener(this);
listeningToAddImage = true; listeningToAddImage = true;
} }
@ -994,11 +1019,11 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
}); });
// initialize mactimeFileName // initialize mactimeFileName
mactimeFileName = Case.getCurrentCase().getName() + "-MACTIME.txt"; mactimeFileName = currentCase.getName() + "-MACTIME.txt";
// see if data has been added to the database since the last // see if data has been added to the database since the last
// time timeline ran // time timeline ran
long objId = Case.getCurrentCase().getSleuthkitCase().getLastObjectId(); long objId = currentCase.getSleuthkitCase().getLastObjectId();
if (objId != lastObjectId && lastObjectId != -1) { if (objId != lastObjectId && lastObjectId != -1) {
clearMactimeData(); clearMactimeData();
} }
@ -1008,7 +1033,9 @@ public class Simile2 extends CallableSystemAction implements Presenter.Toolbar,
customize(); customize();
} }
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
Exceptions.printStackTrace(ex); logger.log(Level.SEVERE, "Error when generating timeline, ", ex);
} catch (Exception ex) {
logger.log(Level.SEVERE, "Unexpected error when generating timeline, ", ex);
} }
} }