From 318fa6e4884b679db1369925ac5eea743efce6f7 Mon Sep 17 00:00:00 2001
From: mhmdfy <mhmdfy@gmail.com>
Date: Mon, 14 Sep 2015 12:20:01 -0400
Subject: [PATCH 1/3] add getTotalJobs back to startUp() for more insurance

---
 .../autopsy/modules/hashdatabase/HashDbIngestModule.java       | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbIngestModule.java
index a6b440de33..2416001856 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbIngestModule.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/hashdatabase/HashDbIngestModule.java
@@ -87,6 +87,9 @@ public class HashDbIngestModule implements FileIngestModule {
         updateEnabledHashSets(hashDbManager.getKnownFileHashSets(), knownHashSets);
 
         if (refCounter.incrementAndGet(jobId) == 1) {
+            // initialize job totals
+            getTotalsForIngestJobs(jobId);
+
             // if first module for this job then post error msgs if needed
             
             if (knownBadHashSets.isEmpty()) {

From 8bc876a390f42c76166e4ed63a540a7922e0586b Mon Sep 17 00:00:00 2001
From: momo <mhmdfy@gmail.com>
Date: Wed, 16 Sep 2015 16:45:30 -0400
Subject: [PATCH 2/3] Making sure to read all data and not skipping decimals

---
 .../e01verify/E01VerifyIngestModule.java      | 23 ++++++++++++-------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java
index d0a813b61b..6c43ac7cf4 100755
--- a/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java
@@ -23,6 +23,7 @@ import java.security.NoSuchAlgorithmException;
 import java.util.logging.Level;
 import javax.xml.bind.DatatypeConverter;
 import org.openide.util.NbBundle;
+import org.python.bouncycastle.util.Arrays;
 import org.sleuthkit.autopsy.coreutils.Logger;
 import org.sleuthkit.autopsy.ingest.DataSourceIngestModule;
 import org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress;
@@ -48,7 +49,6 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
 
     private MessageDigest messageDigest;
     private boolean verified = false;
-    private boolean skipped = false;
     private String calculatedHash = "";
     private String storedHash = "";
     private IngestJobContext context;
@@ -75,8 +75,10 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
     @Override
     public ProcessResult process(Content dataSource, DataSourceIngestModuleProgress statusHelper) {
         String imgName = dataSource.getName();
+        
+        // Skip non-images
         if (!(dataSource instanceof Image)) {
-            logger.log(Level.INFO, "Skipping disk image image {0}", imgName); //NON-NLS
+            logger.log(Level.INFO, "Skipping non-image {0}", imgName); //NON-NLS
             services.postMessage(IngestMessage.createMessage(MessageType.INFO, E01VerifierModuleFactory.getModuleName(),
                     NbBundle.getMessage(this.getClass(),
                             "EwfVerifyIngestModule.process.skipNonEwf",
@@ -95,16 +97,17 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
             return ProcessResult.OK;
         }
 
-        if ((img.getMd5() != null) && !img.getMd5().isEmpty()) {
-            storedHash = img.getMd5().toLowerCase();
-            logger.log(Level.INFO, "Hash value stored in {0}: {1}", new Object[]{imgName, storedHash}); //NON-NLS
-        } else {
+        // Report an error for null or empty MD5
+        if ((img.getMd5() == null) || img.getMd5().isEmpty()) {
             services.postMessage(IngestMessage.createMessage(MessageType.ERROR, E01VerifierModuleFactory.getModuleName(),
                     NbBundle.getMessage(this.getClass(),
                             "EwfVerifyIngestModule.process.noStoredHash",
                             imgName)));
             return ProcessResult.ERROR;
         }
+        
+        storedHash = img.getMd5().toLowerCase();
+        logger.log(Level.INFO, "Hash value stored in {0}: {1}", new Object[]{imgName, storedHash}); //NON-NLS
 
         logger.log(Level.INFO, "Starting hash verification of {0}", img.getName()); //NON-NLS
         services.postMessage(IngestMessage.createMessage(MessageType.INFO, E01VerifierModuleFactory.getModuleName(),
@@ -126,7 +129,8 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
         long chunkSize = 64 * img.getSsize();
         chunkSize = (chunkSize == 0) ? DEFAULT_CHUNK_SIZE : chunkSize;
 
-        int totalChunks = (int) Math.ceil(size / chunkSize);
+        // Casting to double to capture decimals
+        int totalChunks = (int) Math.ceil((double)size / (double)chunkSize);
         logger.log(Level.INFO, "Total chunks = {0}", totalChunks); //NON-NLS
         int read;
 
@@ -148,7 +152,10 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
                 logger.log(Level.SEVERE, msg, ex);
                 return ProcessResult.ERROR;
             }
-            messageDigest.update(data);
+            
+            // Only update with the read bytes.
+            byte[] subData = Arrays.copyOfRange(data, 0, read);
+            messageDigest.update(subData);
             statusHelper.progress(i);
         }
 

From ba7c0d6958d9e47470222d1f0756b245d4cea951 Mon Sep 17 00:00:00 2001
From: momo <mhmdfy@gmail.com>
Date: Thu, 17 Sep 2015 10:29:14 -0400
Subject: [PATCH 3/3] optimizing bytes list

---
 .../modules/e01verify/E01VerifyIngestModule.java      | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java
index 6c43ac7cf4..c4b1df80b2 100755
--- a/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/e01verify/E01VerifyIngestModule.java
@@ -134,7 +134,7 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
         logger.log(Level.INFO, "Total chunks = {0}", totalChunks); //NON-NLS
         int read;
 
-        byte[] data;
+        byte[] data = new byte[(int) chunkSize];
         statusHelper.switchToDeterminate(totalChunks);
 
         // Read in byte size chunks and update the hash value with the data.
@@ -142,7 +142,6 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
             if (context.dataSourceIngestIsCancelled()) {
                 return ProcessResult.OK;
             }
-            data = new byte[(int) chunkSize];
             try {
                 read = img.read(data, i * chunkSize, chunkSize);
             } catch (TskCoreException ex) {
@@ -154,8 +153,12 @@ public class E01VerifyIngestModule implements DataSourceIngestModule {
             }
             
             // Only update with the read bytes.
-            byte[] subData = Arrays.copyOfRange(data, 0, read);
-            messageDigest.update(subData);
+            if(read == chunkSize) {
+                messageDigest.update(data);
+            } else {
+                byte[] subData = Arrays.copyOfRange(data, 0, read);
+                messageDigest.update(subData);
+            }
             statusHelper.progress(i);
         }