Prepare configurable registry path

2026-01-19 03:33:56 +00:00 · 2024-11-03 15:57:52 +01:00
parent e32624ba1f
commit 0a81280796
7 changed files with 39 additions and 27 deletions
--- a/src/windows-emulator/process_context.hpp
+++ b/src/windows-emulator/process_context.hpp
@@ -363,7 +363,7 @@ struct process_context
 	{
 	}

-	registry_manager registry{R"(C:\Users\mauri\Desktop\windows\win-x64\registry)"}; // TODO: Fix
+	registry_manager registry{};

 	uint64_t executed_instructions{0};
 	uint64_t current_ip{0};
--- a/src/windows-emulator/registry/hive_parser.cpp
+++ b/src/windows-emulator/registry/hive_parser.cpp
@@ -114,14 +114,21 @@ namespace

 	hive_key parse_root_block(std::ifstream& file, const std::filesystem::path& file_path)
 	{
-		if (read_file_data_string(file, 0, 4) != "regf")
+		try
 		{
-			throw std::runtime_error("Bad hive file: " + file_path.string());
+			if (read_file_data_string(file, 0, 4) != "regf")
+			{
+				throw std::runtime_error("Invalid signature");
+			}
+
+			const auto key_block = read_file_object<key_block_t>(file, MAIN_KEY_BLOCK_OFFSET);
+
+			return {key_block.subkeys, key_block.value_count, key_block.offsets};
+		}
+		catch (const std::exception& e)
+		{
+			throw std::runtime_error("Bad hive file '" + file_path.string() + "': " + e.what());
 		}
-
-		const auto key_block = read_file_object<key_block_t>(file, MAIN_KEY_BLOCK_OFFSET);
-
-		return {key_block.subkeys, key_block.value_count, key_block.offsets};
 	}

 	char char_to_lower(const char val)
--- a/src/windows-emulator/registry/registry_manager.cpp
+++ b/src/windows-emulator/registry/registry_manager.cpp
@@ -33,21 +33,17 @@ namespace
 	void register_hive(registry_manager::hive_map& hives,
 	                   const std::filesystem::path& key, const std::filesystem::path& file)
 	{
-		try
-		{
-			hives[canonicalize_path(key)] = std::make_unique<hive_parser>(file);
-		}
-		catch (const std::exception& e)
-		{
-
-		}
+		hives[canonicalize_path(key)] = std::make_unique<hive_parser>(file);
 	}
 }

+registry_manager::registry_manager() = default;
 registry_manager::~registry_manager() = default;
+registry_manager::registry_manager(registry_manager&&) noexcept = default;
+registry_manager& registry_manager::operator=(registry_manager&&) noexcept = default;

-registry_manager::registry_manager(std::filesystem::path hive_path)
-	: hive_path_(std::move(hive_path))
+registry_manager::registry_manager(const std::filesystem::path& hive_path)
+	: hive_path_(absolute(hive_path))
 {
 	this->setup();
 }
--- a/src/windows-emulator/registry/registry_manager.hpp
+++ b/src/windows-emulator/registry/registry_manager.hpp
@@ -36,10 +36,17 @@ public:
 	using hive_ptr = std::unique_ptr<hive_parser>;
 	using hive_map = std::unordered_map<std::filesystem::path, hive_ptr>;

-	registry_manager() = default;
-	registry_manager(std::filesystem::path hive_path);
+	registry_manager();
+	registry_manager(const std::filesystem::path& hive_path);
 	~registry_manager();

+	registry_manager(registry_manager&&) noexcept;
+	registry_manager& operator=(registry_manager&&) noexcept;
+
+	registry_manager(const registry_manager&) = delete;
+	registry_manager& operator=(const registry_manager&) = delete;
+
+
 	void serialize(utils::buffer_serializer& buffer) const;
 	void deserialize(utils::buffer_deserializer& buffer);

--- a/src/windows-emulator/syscalls.cpp
+++ b/src/windows-emulator/syscalls.cpp
@@ -1,12 +1,10 @@
 #include "std_include.hpp"
 #include "syscall_dispatcher.hpp"
-
-#include <numeric>
-
 #include "context_frame.hpp"
 #include "emulator_utils.hpp"
 #include "syscall_utils.hpp"

+#include <numeric>
 #include <utils/io.hpp>

 namespace
@@ -168,8 +166,9 @@ namespace

 		if (key_value_information_class == KeyValueFullInformation)
 		{
-			const auto required_size = sizeof(KEY_VALUE_FULL_INFORMATION) + (original_name.size() * 2) + value->data.
-				size() - 1;
+			const auto name_size = original_name.size() * 2;
+			const auto value_size = value->data.size();
+			const auto required_size = sizeof(KEY_VALUE_FULL_INFORMATION) + name_size + value_size + -1;
 			result_length.write(static_cast<ULONG>(required_size));

 			if (required_size > length)
--- a/src/windows-emulator/windows_emulator.cpp
+++ b/src/windows-emulator/windows_emulator.cpp
@@ -255,6 +255,8 @@ namespace
 	{
 		setup_gdt(emu);

+		context.registry = registry_manager(settings.registry_directory);
+
 		context.kusd = setup_kusd(emu);

 		context.base_allocator = create_allocator(emu, PEB_SEGMENT_SIZE);
--- a/src/windows-emulator/windows_emulator.hpp
+++ b/src/windows-emulator/windows_emulator.hpp
@@ -11,9 +11,10 @@ std::unique_ptr<x64_emulator> create_default_x64_emulator();

 struct emulator_settings
 {
-	std::filesystem::path application;
-	std::filesystem::path working_directory;
-	std::vector<std::wstring> arguments;
+	std::filesystem::path application{};
+	std::filesystem::path working_directory{};
+	std::filesystem::path registry_directory{"./registry"};
+	std::vector<std::wstring> arguments{};
 	bool disable_logging{false};
 };