mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-19 11:07:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

One more module

Browse Source
This commit is contained in:
Eugene Livis 2015-11-09 14:40:45 -05:00
parent ed9ce9ecb1
commit dd2c9e740d
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Core/src/org/sleuthkit/autopsy/modules/filetypeid/FileTypeDetector.java
View File

@ -20,11 +20,16 @@ package org.sleuthkit.autopsy.modules.filetypeid;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.SortedSet; import java.util.SortedSet;
import java.util.logging.Level;
import org.apache.tika.Tika; import org.apache.tika.Tika;
import org.apache.tika.mime.MediaType; import org.apache.tika.mime.MediaType;
import org.apache.tika.mime.MimeTypes; import org.apache.tika.mime.MimeTypes;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.services.Blackboard;
import org.sleuthkit.autopsy.coreutils.Logger;
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
import org.sleuthkit.datamodel.AbstractFile; import org.sleuthkit.datamodel.AbstractFile;
import org.sleuthkit.datamodel.BlackboardArtifact; import org.sleuthkit.datamodel.BlackboardArtifact;
import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.BlackboardAttribute;
@ -40,6 +45,8 @@ public class FileTypeDetector {
private static final int BUFFER_SIZE = 64 * 1024; private static final int BUFFER_SIZE = 64 * 1024;
private final byte buffer[] = new byte[BUFFER_SIZE]; private final byte buffer[] = new byte[BUFFER_SIZE];
private final List<FileType> userDefinedFileTypes; private final List<FileType> userDefinedFileTypes;
private static Blackboard blackboard;
private static final Logger logger = Logger.getLogger(FileTypeDetector.class.getName());
/** /**
* Constructs an object that detects the type of a file by an inspection of * Constructs an object that detects the type of a file by an inspection of
@ -167,6 +174,7 @@ public class FileTypeDetector {
* @throws TskCoreException * @throws TskCoreException
*/ */
public String detect(AbstractFile file) throws TskCoreException { public String detect(AbstractFile file) throws TskCoreException {
blackboard = Case.getCurrentCase().getServices().getBlackboard();
// consistently mark non-regular files (refer TskData.TSK_FS_META_TYPE_ENUM), // consistently mark non-regular files (refer TskData.TSK_FS_META_TYPE_ENUM),
// 0 sized files, unallocated, and unused blocks (refer TskData.TSK_DB_FILES_TYPE_ENUM) // 0 sized files, unallocated, and unused blocks (refer TskData.TSK_DB_FILES_TYPE_ENUM)
// as octet-stream. // as octet-stream.
@ -236,6 +244,15 @@ public class FileTypeDetector {
*/ */
BlackboardAttribute ruleNameAttribute = new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CATEGORY.getTypeID(), FileTypeIdModuleFactory.getModuleName(), fileType.getMimeType()); BlackboardAttribute ruleNameAttribute = new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CATEGORY.getTypeID(), FileTypeIdModuleFactory.getModuleName(), fileType.getMimeType());
artifact.addAttribute(ruleNameAttribute); artifact.addAttribute(ruleNameAttribute);
try {
// index the artifact for keyword search
blackboard.indexArtifact(artifact);
} catch (Blackboard.BlackboardException ex) {
logger.log(Level.SEVERE, NbBundle.getMessage(Blackboard.class, "Blackboard.unableToIndexArtifact.error.msg", artifact.getDisplayName()), ex); //NON-NLS
MessageNotifyUtil.Notify.error(
NbBundle.getMessage(Blackboard.class, "Blackboard.unableToIndexArtifact.exception.msg"), artifact.getDisplayName());
}
} }
return fileType.getMimeType(); return fileType.getMimeType();
} }