diff --git a/0001-lib-Add-attribute-packed-on-inner-struct.patch b/0001-lib-Add-attribute-packed-on-inner-struct.patch new file mode 100644 index 0000000..460d887 --- /dev/null +++ b/0001-lib-Add-attribute-packed-on-inner-struct.patch @@ -0,0 +1,27 @@ +From 90ad0ca20e3dfddeb5e78008eb1909a27c581e8e Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 10 Sep 2013 18:10:08 +0100 +Subject: [PATCH] lib: Add attribute((packed)) on inner struct. + +Apparently this attribute is not "inherited" from the outer struct to +the inner struct. +--- + lib/hivex-internal.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h +index 1d1083a..66ab65a 100644 +--- a/lib/hivex-internal.h ++++ b/lib/hivex-internal.h +@@ -155,7 +155,7 @@ struct ntreg_lf_record { + struct { + uint32_t offset; /* offset of nk-record for this subkey */ + char hash[4]; /* hash of subkey name */ +- } keys[1]; ++ } __attribute__((__packed__)) keys[1]; + } __attribute__((__packed__)); + + struct ntreg_ri_record { +-- +1.8.3.1 + diff --git a/0001-lib-write-Add-some-debugging-messages.patch b/0001-lib-write-Add-some-debugging-messages.patch new file mode 100644 index 0000000..f00130a --- /dev/null +++ b/0001-lib-write-Add-some-debugging-messages.patch @@ -0,0 +1,38 @@ +From 72548197b17bf1027fe8578fdacdb09e0c7bfd4d Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 10 Sep 2013 14:16:54 +0100 +Subject: [PATCH] lib/write: Add some debugging messages. + +--- + lib/write.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/lib/write.c b/lib/write.c +index c4a8ddb..8515350 100644 +--- a/lib/write.c ++++ b/lib/write.c +@@ -559,8 +559,11 @@ insert_subkey (hive_h *h, const char *name, + * indirectly from some ri-record in blocks[]. Since we can update + * either of these in-place, we don't need to do this recursively. + */ +- if (le32toh (parent_nk->subkey_lf) + 0x1000 == old_offs) ++ if (le32toh (parent_nk->subkey_lf) + 0x1000 == old_offs) { ++ DEBUG (2, "replacing parent_nk->subkey_lf 0x%zx -> 0x%zx", ++ old_offs, new_offs); + parent_nk->subkey_lf = htole32 (new_offs - 0x1000); ++ } + else { + for (i = 0; blocks[i] != 0; ++i) { + if (BLOCK_ID_EQ (h, blocks[i], "ri")) { +@@ -568,6 +571,8 @@ insert_subkey (hive_h *h, const char *name, + (struct ntreg_ri_record *) ((char *) h->addr + blocks[i]); + for (j = 0; j < le16toh (ri->nr_offsets); ++j) + if (le32toh (ri->offset[j] + 0x1000) == old_offs) { ++ DEBUG (2, "replacing ri (0x%zx) ->offset[%zu] 0x%zx -> 0x%zx", ++ blocks[i], j, old_offs, new_offs); + ri->offset[j] = htole32 (new_offs - 0x1000); + goto found_it; + } +-- +1.8.3.1 + diff --git a/0001-ppc-Fix-endianness-bug-which-caused-node_add_child-t.patch b/0001-ppc-Fix-endianness-bug-which-caused-node_add_child-t.patch new file mode 100644 index 0000000..700eae7 --- /dev/null +++ b/0001-ppc-Fix-endianness-bug-which-caused-node_add_child-t.patch @@ -0,0 +1,42 @@ +From 30c130df972756d651b33a2e0adf8f35052843c6 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 10 Sep 2013 19:05:15 +0100 +Subject: [PATCH] ppc: Fix endianness bug which caused node_add_child to fail. + +Code used: + + le32toh (reg_field + 0x1000) + +instead of the correct version: + + le32toh (reg_field) + 0x1000 + +The first incorrect form adds 0x1000 to the possibly byte-swapped +registry field, corrupting it. + +I used the following command to look for problems in the remaining +code but did not find any: + + git grep -P 'le\d+toh\s*\([^)]*\+' + +NOTE that 'htole32 (reg_field - 0x1000)' is correct. +--- + lib/write.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/write.c b/lib/write.c +index 8515350..bc2251c 100644 +--- a/lib/write.c ++++ b/lib/write.c +@@ -570,7 +570,7 @@ insert_subkey (hive_h *h, const char *name, + struct ntreg_ri_record *ri = + (struct ntreg_ri_record *) ((char *) h->addr + blocks[i]); + for (j = 0; j < le16toh (ri->nr_offsets); ++j) +- if (le32toh (ri->offset[j] + 0x1000) == old_offs) { ++ if (le32toh (ri->offset[j]) + 0x1000 == old_offs) { + DEBUG (2, "replacing ri (0x%zx) ->offset[%zu] 0x%zx -> 0x%zx", + blocks[i], j, old_offs, new_offs); + ri->offset[j] = htole32 (new_offs - 0x1000); +-- +1.8.3.1 + diff --git a/0001-ppc-iconv-Source-is-UTF-16LE-not-just-UTF-16.patch b/0001-ppc-iconv-Source-is-UTF-16LE-not-just-UTF-16.patch new file mode 100644 index 0000000..c94aebe --- /dev/null +++ b/0001-ppc-iconv-Source-is-UTF-16LE-not-just-UTF-16.patch @@ -0,0 +1,26 @@ +From 8e31fd84cb1c7edcd897ddaaea407774de459b2e Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 10 Sep 2013 17:25:30 +0100 +Subject: [PATCH] ppc: iconv: Source is UTF-16LE not just UTF-16. + +On big endian architectures like PowerPC, "UTF-16" means "UTF-16BE"! +--- + lib/utf16.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/utf16.c b/lib/utf16.c +index 4115d30..d0f2e45 100644 +--- a/lib/utf16.c ++++ b/lib/utf16.c +@@ -32,7 +32,7 @@ + char * + _hivex_windows_utf16_to_utf8 (/* const */ char *input, size_t len) + { +- iconv_t ic = iconv_open ("UTF-8", "UTF-16"); ++ iconv_t ic = iconv_open ("UTF-8", "UTF-16LE"); + if (ic == (iconv_t) -1) + return NULL; + +-- +1.8.3.1 + diff --git a/hivex.spec b/hivex.spec index 3ec3222..92837ca 100644 --- a/hivex.spec +++ b/hivex.spec @@ -7,7 +7,7 @@ Name: hivex Version: 1.3.8 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Read and write Windows Registry binary hive files License: LGPLv2 @@ -22,6 +22,12 @@ Patch0: %{name}-1.3.8-dirs.patch Patch2: ruby-vendor-not-site.patch BuildRequires: autoconf, automake, libtool, gettext-devel +# Various ppc64 bug fixes (all upstream after 1.3.8): +Patch3: 0001-lib-Add-attribute-packed-on-inner-struct.patch +Patch4: 0001-lib-write-Add-some-debugging-messages.patch +Patch5: 0001-ppc-Fix-endianness-bug-which-caused-node_add_child-t.patch +Patch6: 0001-ppc-iconv-Source-is-UTF-16LE-not-just-UTF-16.patch + BuildRequires: perl BuildRequires: perl-Test-Simple BuildRequires: perl-Test-Pod @@ -161,6 +167,10 @@ ruby-%{name} contains Ruby bindings for %{name}. %patch0 -p1 -b .dirs %patch2 -p1 -b .rubyvendor +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 autoreconf -i @@ -269,6 +279,9 @@ rm $RPM_BUILD_ROOT%{python_sitearch}/libhivexmod.la %changelog +* Tue Sep 10 2013 Richard W.M. Jones - 1.3.8-3 +- Include various upstream patches to fix endianness problems on ppc64. + * Sun Sep 8 2013 Richard W.M. Jones - 1.3.8-2 - Bump and rebuild, since ARM package still appears to depend on Perl 5.16.