virt-win-reg: Add --unsafe-printable-strings option.

This also requires hivex >= 1.2.7.
2026-03-21 22:53:37 +00:00 · 2011-05-17 11:28:00 +01:00
parent 977b61c525
commit 9116f0eb01
2 changed files with 46 additions and 2 deletions
--- a/2
+++ b/2
@@ -42,7 +42,7 @@ Requirements

 - genisoimage (NOT mkisofs any more)

- hivex >= 1.2.1 (http://libguestfs.org/download)
+- hivex >= 1.2.7 (http://libguestfs.org/download)

 - (Optional) Berkeley DB 'db_dump' and 'db_load' utilities
  (db4-utils or db4.X-util or similar)
--- a/tools/virt-win-reg
+++ b/tools/virt-win-reg
@@ -177,6 +177,47 @@ L<Win::Hivex::Regedit(3)/ENCODING STRINGS>.
 The default is to use UTF-16LE, which should work with recent versions
 of Windows.

+=cut
+
+my $unsafe_printable_strings;
+
+=item B<--unsafe-printable-strings>
+
+When exporting (only), assume strings are UTF-16LE and print them as
+strings instead of hex sequences.  Remove the final zero codepoint
+from strings if present.
+
+This is unsafe and does not preserve the fidelity of strings in the
+original Registry for various reasons:
+
+=over 4
+
+=item *
+
+Assumes the original encoding is UTF-16LE.  ASCII strings and strings
+in other encodings will be corrupted by this transformation.
+
+=item *
+
+Assumes that everything which has type 1 or 2 is really a string
+and that everything else is not a string, but the type field in
+real Registries is not reliable.
+
+=item *
+
+Loses information about whether a zero codepoint followed the string
+in the Registry or not.
+
+=back
+
+This all happens because the Registry itself contains no information
+about how strings are encoded (see
+L<Win::Hivex::Regedit(3)/ENCODING STRINGS>).
+
+You should only use this option for quick hacking and debugging of the
+Registry contents, and I<never> use it if the output is going to be
+passed into another program or stored in another Registry.
+
 =back

 =cut
@@ -188,6 +229,7 @@ GetOptions ("help|?" => \$help,
            "format=s" => \$format,
            "merge" => \$merge,
            "encoding=s" => \$encoding,
+            "unsafe-printable-strings" => \$unsafe_printable_strings,
    ) or pod2usage (2);
 pod2usage (1) if $help;
 if ($version) {
@@ -256,7 +298,9 @@ if (!$merge) {                  # Export mode.
    unless ($name) {
        # Export it.
        warn "exporting $path from $hivename with prefix $prefix ..." if $debug;
-        reg_export ($h, $path, \*STDOUT, prefix => $prefix);
+        reg_export ($h, $path, \*STDOUT,
+                    prefix => $prefix,
+                    unsafe_printable_strings => $unsafe_printable_strings);
    } else {
        # Export a single key using hivexget.
        my @args = ("hivexget", "$tmpdir/$hivename", $path, $name);