mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-12 07:56:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixing official set hash db info issue

Browse Source
This commit is contained in:
Greg DiCristofaro 2020-07-20 10:07:06 -04:00
parent db192c53c5
commit d37aa7b2e7
2 changed files with 119 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbManager.java
View File

@ -520,8 +520,7 @@ public class HashDbManager implements PropertyChangeListener {
// sendIngestMessages: true if the hash set is notable
boolean sendIngestMessages = KnownFilesType.fromFileKnown(globalSet.getFileKnownStatus()).equals(HashDb.KnownFilesType.KNOWN_BAD);
crHashSets.add(new HashDbInfo(globalSet.getSetName(), globalSet.getVersion(),
globalSet.getGlobalSetID(), KnownFilesType.fromFileKnown(globalSet.getFileKnownStatus()),
globalSet.isReadOnly(), false, sendIngestMessages, false));
globalSet.getGlobalSetID(), KnownFilesType.fromFileKnown(globalSet.getFileKnownStatus()), globalSet.isReadOnly(), false, sendIngestMessages));
}
} catch (CentralRepoException ex) {
Logger.getLogger(HashDbManager.class.getName()).log(Level.SEVERE, "Error loading central repository hash sets", ex); //NON-NLS
@ -612,7 +611,7 @@ public class HashDbManager implements PropertyChangeListener {
}
String filename = file.getName();
Matcher match = OFFICIAL_FILENAME.matcher(filename);
if (match == null) {
if (!match.find()) {
throw new HashDbManagerException(String.format("File with name: %s does not match regex of: %s", filename, OFFICIAL_FILENAME.toString()));
}
@ -626,13 +625,12 @@ public class HashDbManager implements PropertyChangeListener {
return new HashDbInfo(
hashdbName,
"", // version
-1, //reference set id
knownFilesType,
true, // readonly
false, //searchDuringIngest,
false, //searchDuringIngest
false, //sendIngestMessages
true); // isOfficialSet
file.getAbsolutePath(),
true, // read only
true); // official set
}
/**

121
Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashLookupSettings.java
View File

@ -78,12 +78,12 @@ final class HashLookupSettings implements Serializable {
this.hashDbInfoList = hashDbInfoList;
}
static List<HashDbInfo> convertHashSetList(List<HashDbManager.HashDb> hashSets) throws HashLookupSettingsException{
static List<HashDbInfo> convertHashSetList(List<HashDbManager.HashDb> hashSets) throws HashLookupSettingsException {
List<HashDbInfo> dbInfoList = new ArrayList<>();
for(HashDbManager.HashDb db:hashSets){
try{
for (HashDbManager.HashDb db : hashSets) {
try {
dbInfoList.add(new HashDbInfo(db));
} catch (TskCoreException ex){
} catch (TskCoreException ex) {
logger.log(Level.SEVERE, "Could not load hash set settings for {0}", db.getHashSetName());
}
}
@ -130,10 +130,12 @@ final class HashLookupSettings implements Serializable {
try (NbObjectInputStream in = new NbObjectInputStream(new FileInputStream(SERIALIZATION_FILE_PATH))) {
HashLookupSettings filesSetsSettings = (HashLookupSettings) in.readObject();
/* NOTE: to support JIRA-4177, we need to check if any of the hash
database paths are in Windows user directory. If so, we replace the path
with USER_DIR_PLACEHOLDER before saving to disk. When reading from disk,
USER_DIR_PLACEHOLDER needs to be replaced with current user directory path.
/*
* NOTE: to support JIRA-4177, we need to check if any of the
* hash database paths are in Windows user directory. If so, we
* replace the path with USER_DIR_PLACEHOLDER before saving to
* disk. When reading from disk, USER_DIR_PLACEHOLDER needs to
* be replaced with current user directory path.
*/
convertPlaceholderToPath(filesSetsSettings);
return filesSetsSettings;
@ -292,10 +294,11 @@ final class HashLookupSettings implements Serializable {
*/
static boolean writeSettings(HashLookupSettings settings) {
/* NOTE: to support JIRA-4177, we need to check if any of the hash
database paths are in Windows user directory. If so, replace the path
with USER_DIR_PLACEHOLDER so that when it is read, it gets updated to be
the current user directory path.
/*
* NOTE: to support JIRA-4177, we need to check if any of the hash
* database paths are in Windows user directory. If so, replace the path
* with USER_DIR_PLACEHOLDER so that when it is read, it gets updated to
* be the current user directory path.
*/
convertPathToPlaceholder(settings);
try (NbObjectOutputStream out = new NbObjectOutputStream(new FileOutputStream(SERIALIZATION_FILE_PATH))) {
@ -310,9 +313,9 @@ final class HashLookupSettings implements Serializable {
}
/**
* For file type hash sets, check if hash set paths needs to be modified
* per JIRA-4177. If the file path is in current Windows user directory,
* replace the path with USER_DIR_PLACEHOLDER.
* For file type hash sets, check if hash set paths needs to be modified per
* JIRA-4177. If the file path is in current Windows user directory, replace
* the path with USER_DIR_PLACEHOLDER.
*
* @param settings HashLookupSettings settings object to examiner and modify
*/
@ -349,7 +352,6 @@ final class HashLookupSettings implements Serializable {
}
}
/**
* Represents the serializable information within a hash lookup in order to
* be written to disk. Used to hand off information when loading and saving
@ -357,7 +359,7 @@ final class HashLookupSettings implements Serializable {
*/
static final class HashDbInfo implements Serializable {
enum DatabaseType{
enum DatabaseType {
FILE,
CENTRAL_REPOSITORY
};
@ -385,6 +387,25 @@ final class HashLookupSettings implements Serializable {
* @param path The path to the db
*/
HashDbInfo(String hashSetName, HashDbManager.HashDb.KnownFilesType knownFilesType, boolean searchDuringIngest, boolean sendIngestMessages, String path) {
this(hashSetName, knownFilesType, searchDuringIngest, sendIngestMessages, path, false, false);
}
/**
* Constructs a HashDbInfo object for files type
*
* @param hashSetName The name of the hash set
* @param knownFilesType The known files type
* @param searchDuringIngest Whether or not the db is searched during
* ingest
* @param sendIngestMessages Whether or not ingest messages are sent
* @param path The path to the db
* @param readOnly Whether or not the hash set should be
* readOnly
* @param officialSet Whether or not the hash set is a Standard
* Official Hash Set.
*/
HashDbInfo(String hashSetName, HashDbManager.HashDb.KnownFilesType knownFilesType, boolean searchDuringIngest,
boolean sendIngestMessages, String path, boolean readOnly, boolean officialSet) {
this.hashSetName = hashSetName;
this.knownFilesType = knownFilesType;
this.searchDuringIngest = searchDuringIngest;
@ -392,12 +413,12 @@ final class HashLookupSettings implements Serializable {
this.path = path;
this.referenceSetID = -1;
this.version = "";
this.readOnly = false;
this.readOnly = readOnly;
this.dbType = DatabaseType.FILE;
this.officialSet = false;
this.officialSet = officialSet;
}
HashDbInfo(String hashSetName, String version, int referenceSetID, HashDbManager.HashDb.KnownFilesType knownFilesType, boolean readOnly, boolean searchDuringIngest, boolean sendIngestMessages, boolean officialSet){
HashDbInfo(String hashSetName, String version, int referenceSetID, HashDbManager.HashDb.KnownFilesType knownFilesType, boolean readOnly, boolean searchDuringIngest, boolean sendIngestMessages) {
this.hashSetName = hashSetName;
this.version = version;
this.referenceSetID = referenceSetID;
@ -407,12 +428,12 @@ final class HashLookupSettings implements Serializable {
this.sendIngestMessages = sendIngestMessages;
this.path = "";
dbType = DatabaseType.CENTRAL_REPOSITORY;
this.officialSet = officialSet;
this.officialSet = false;
}
HashDbInfo(HashDbManager.HashDb db) throws TskCoreException{
if(db instanceof HashDbManager.SleuthkitHashSet){
HashDbManager.SleuthkitHashSet fileTypeDb = (HashDbManager.SleuthkitHashSet)db;
HashDbInfo(HashDbManager.HashDb db) throws TskCoreException {
if (db instanceof HashDbManager.SleuthkitHashSet) {
HashDbManager.SleuthkitHashSet fileTypeDb = (HashDbManager.SleuthkitHashSet) db;
this.hashSetName = fileTypeDb.getHashSetName();
this.knownFilesType = fileTypeDb.getKnownFilesType();
this.searchDuringIngest = fileTypeDb.getSearchDuringIngest();
@ -428,11 +449,11 @@ final class HashLookupSettings implements Serializable {
}
this.officialSet = ((HashDbManager.SleuthkitHashSet) db).isOfficialSet();
} else {
HashDbManager.CentralRepoHashSet centralRepoDb = (HashDbManager.CentralRepoHashSet)db;
HashDbManager.CentralRepoHashSet centralRepoDb = (HashDbManager.CentralRepoHashSet) db;
this.hashSetName = centralRepoDb.getHashSetName();
this.version = centralRepoDb.getVersion();
this.knownFilesType = centralRepoDb.getKnownFilesType();
this.readOnly = ! centralRepoDb.isUpdateable();
this.readOnly = !centralRepoDb.isUpdateable();
this.searchDuringIngest = centralRepoDb.getSearchDuringIngest();
this.sendIngestMessages = centralRepoDb.getSendIngestMessages();
this.path = "";
@ -451,8 +472,6 @@ final class HashLookupSettings implements Serializable {
return officialSet;
}
/**
* Gets the hash set name.
*
@ -464,17 +483,19 @@ final class HashLookupSettings implements Serializable {
/**
* Get the version for the hash set
*
* @return version
*/
String getVersion(){
String getVersion() {
return version;
}
/**
* Get whether the hash set is read only (only applies to central repo)
*
* @return readOnly
*/
boolean isReadOnly(){
boolean isReadOnly() {
return readOnly;
}
@ -524,53 +545,55 @@ final class HashLookupSettings implements Serializable {
/**
* Sets the path.
*
* @param path the path to set
*/
public void setPath(String path) {
this.path = path;
}
int getReferenceSetID(){
int getReferenceSetID() {
return referenceSetID;
}
/**
* Returns whether the database is a normal file type.
*
* @return true if database is type FILE
*/
boolean isFileDatabaseType(){
boolean isFileDatabaseType() {
return dbType == DatabaseType.FILE;
}
boolean isCentralRepoDatabaseType(){
boolean isCentralRepoDatabaseType() {
return dbType == DatabaseType.CENTRAL_REPOSITORY;
}
boolean matches(HashDb hashDb){
if(hashDb == null){
boolean matches(HashDb hashDb) {
if (hashDb == null) {
return false;
}
if( ! this.knownFilesType.equals(hashDb.getKnownFilesType())){
if (!this.knownFilesType.equals(hashDb.getKnownFilesType())) {
return false;
}
if((this.dbType == DatabaseType.CENTRAL_REPOSITORY) && (! (hashDb instanceof CentralRepoHashSet))
|| (this.dbType == DatabaseType.FILE) && (! (hashDb instanceof SleuthkitHashSet))){
if ((this.dbType == DatabaseType.CENTRAL_REPOSITORY) && (!(hashDb instanceof CentralRepoHashSet))
|| (this.dbType == DatabaseType.FILE) && (!(hashDb instanceof SleuthkitHashSet))) {
return false;
}
if( ! this.hashSetName.equals(hashDb.getHashSetName())){
if (!this.hashSetName.equals(hashDb.getHashSetName())) {
return false;
}
if(hashDb instanceof CentralRepoHashSet){
if (hashDb instanceof CentralRepoHashSet) {
CentralRepoHashSet crDb = (CentralRepoHashSet) hashDb;
if(this.referenceSetID != crDb.getReferenceSetID()){
if (this.referenceSetID != crDb.getReferenceSetID()) {
return false;
}
if(! version.equals(crDb.getVersion())){
if (!version.equals(crDb.getVersion())) {
return false;
}
}
@ -590,11 +613,11 @@ final class HashLookupSettings implements Serializable {
final HashDbInfo other = (HashDbInfo) obj;
if(! this.dbType.equals(other.dbType)){
if (!this.dbType.equals(other.dbType)) {
return false;
}
if(this.dbType.equals(DatabaseType.FILE)){
if (this.dbType.equals(DatabaseType.FILE)) {
// For files, we expect the name and known type to match
return (this.hashSetName.equals(other.hashSetName)
&& this.knownFilesType.equals(other.knownFilesType));
@ -612,7 +635,7 @@ final class HashLookupSettings implements Serializable {
hash = 89 * hash + Objects.hashCode(this.hashSetName);
hash = 89 * hash + Objects.hashCode(this.knownFilesType);
hash = 89 * hash + Objects.hashCode(this.dbType);
if(this.dbType.equals(DatabaseType.CENTRAL_REPOSITORY)){
if (this.dbType.equals(DatabaseType.CENTRAL_REPOSITORY)) {
hash = 89 * hash + this.referenceSetID;
}
@ -620,9 +643,11 @@ final class HashLookupSettings implements Serializable {
}
/**
* This overrides the default deserialization code so we can
* properly set the dbType enum given an old settings file.
* This overrides the default deserialization code so we can properly
* set the dbType enum given an old settings file.
*
* @param stream
*
* @throws IOException
* @throws ClassNotFoundException
*/
@ -630,7 +655,7 @@ final class HashLookupSettings implements Serializable {
throws IOException, ClassNotFoundException {
stream.defaultReadObject();
if(dbType == null){
if (dbType == null) {
dbType = DatabaseType.FILE;
}
}