diff --git a/bindings/java/jni/auto_db_java.cpp b/bindings/java/jni/auto_db_java.cpp
index ceb69170559084ca3cb5fb459e4ac69e81f9a333..c290733f232e82057cdcc2460b09c87fdb37ff1e 100644
--- a/bindings/java/jni/auto_db_java.cpp
+++ b/bindings/java/jni/auto_db_java.cpp
@@ -127,6 +127,14 @@ TskAutoDbJava::initializeJni(JNIEnv * jniEnv, jobject jobj) {
return TSK_ERR;
}
+ //(JJLjava/lang/String;Ljava/lang/String;)J
+ m_getParentIdMethodID = m_jniEnv->GetMethodID(m_callbackClass, "findParentObjId", "(JJLjava/lang/String;Ljava/lang/String;)J");
+ if (m_getParentIdMethodID == NULL) {
+ printf("#### Error loading m_getParentIdMethodID\n");
+ fflush(stdout);
+ return TSK_ERR;
+ }
+
printf("\n#### Yay found method IDs!\n");
fflush(stdout);
return TSK_OK;
@@ -585,33 +593,6 @@ TskAutoDbJava::addFile(TSK_FS_FILE* fs_file,
return TSK_ERR;
}
- /*
- zSQL = sqlite3_mprintf(
- "INSERT INTO tsk_files (fs_obj_id, obj_id, data_source_obj_id, type, attr_type, attr_id, name, meta_addr, meta_seq, dir_type, meta_type, dir_flags, meta_flags, size, crtime, ctime, atime, mtime, mode, gid, uid, md5, known, parent_path, extension) "
- "VALUES ("
- "%" PRId64 ",%" PRId64 ","
- "%" PRId64 ","
- "%d,"
- "%d,%d,'%q',"
- "%" PRIuINUM ",%d,"
- "%d,%d,%d,%d,"
- "%" PRId64 ","
- "%llu,%llu,%llu,%llu,"
- "%d,%d,%d,%Q,%d,"
- "'%q','%q')",
- fsObjId, objId, // done
- dataSourceObjId, // done
- TSK_DB_FILES_TYPE_FS, // dont' need type
- type, idx, name, // attrType, attrId, name done
- fs_file->name->meta_addr, fs_file->name->meta_seq, // done
- fs_file->name->type, meta_type, fs_file->name->flags, meta_flags, // used meta_flags
- size, // done
- (unsigned long long)crtime, (unsigned long long)ctime, (unsigned long long) atime, (unsigned long long) mtime,
- meta_mode, gid, uid, md5TextPtr, known,
- escaped_path, extension);
- */
-
-
/*
if (!TSK_FS_ISDOT(name))
{
@@ -642,7 +623,6 @@ if (!TSK_FS_ISDOT(name))
storeObjId(fsObjId, fs_file, fullPath.c_str(), objId);
}
- /*
// Add entry for the slack space.
// Current conditions for creating a slack file:
// - File name is not empty, "." or ".."
@@ -659,49 +639,32 @@ if (!TSK_FS_ISDOT(name))
if (strlen(extension) > 0) {
strncat(extension, "-slack", 6);
}
- TSK_OFF_T slackSize = fs_attr->nrd.allocsize - fs_attr->nrd.initsize;
+ jstring slackNamej = m_jniEnv->NewStringUTF(name); // TODO free?
- if (addObject(TSK_DB_OBJECT_TYPE_FILE, parObjId, objId)) {
- free(name);
- free(escaped_path);
- return 1;
- }
+ TSK_OFF_T slackSize = fs_attr->nrd.allocsize - fs_attr->nrd.initsize;
- // Run the same insert with the new name, size, and type
- zSQL = sqlite3_mprintf(
- "INSERT INTO tsk_files (fs_obj_id, obj_id, data_source_obj_id, type, attr_type, attr_id, name, meta_addr, meta_seq, dir_type, meta_type, dir_flags, meta_flags, size, crtime, ctime, atime, mtime, mode, gid, uid, md5, known, parent_path,extension) "
- "VALUES ("
- "%" PRId64 ",%" PRId64 ","
- "%" PRId64 ","
- "%d,"
- "%d,%d,'%q',"
- "%" PRIuINUM ",%d,"
- "%d,%d,%d,%d,"
- "%" PRId64 ","
- "%llu,%llu,%llu,%llu,"
- "%d,%d,%d,NULL,%d,"
- "'%q','%q')",
- fsObjId, objId,
+ // "INSERT INTO tsk_files (fs_obj_id, obj_id, data_source_obj_id,
+ // type, attr_type, attr_id, name,
+ // meta_addr, meta_seq, dir_type, meta_type, dir_flags, meta_flags,
+ // size, crtime, ctime, atime, mtime, mode, gid, uid, md5, known, parent_path, extension) "
+ jlong objIdj = m_jniEnv->CallLongMethod(m_javaDbObj, m_addFileMethodID,
+ parObjId, fsObjId,
dataSourceObjId,
TSK_DB_FILES_TYPE_SLACK,
- type, idx, name,
- fs_file->name->meta_addr, fs_file->name->meta_seq,
- TSK_FS_NAME_TYPE_REG, TSK_FS_META_TYPE_REG, fs_file->name->flags, meta_flags,
+ type, idx, slackNamej,
+ fs_file->name->meta_addr, (uint64_t)fs_file->name->meta_seq,
+ fs_file->name->type, meta_type, fs_file->name->flags, meta_flags,
slackSize,
(unsigned long long)crtime, (unsigned long long)ctime, (unsigned long long) atime, (unsigned long long) mtime,
- meta_mode, gid, uid, known,
- escaped_path, extension);
+ meta_mode, gid, uid, // md5TextPtr, known,
+ pathj, extj);
+ int64_t slackObjId = (int64_t)objIdj;
- if (attempt_exec(zSQL, "TskDbSqlite::addFile: Error adding data to tsk_files table: %s\n")) {
- free(name);
- free(escaped_path);
- sqlite3_free(zSQL);
- return 1;
+ if (slackObjId < 0) {
+ return TSK_ERR;
}
}
- sqlite3_free(zSQL);*/
-
free(name);
free(escaped_path);
@@ -898,10 +861,25 @@ TskAutoDbJava::findParObjId(const TSK_FS_FILE* fs_file, const char* parentPath,
return -1;
}
- // TODO TODO DATABASE CALL
- printf("#### SKIPPING PAR OBJ ID DATABASE LOOKUP TODO \n");
+ int64_t parObjId;
+
+ if (m_getParentIdMethodID == NULL) {
+ printf("#### Yikes m_addFileSystemMethodID is null...\n");
+ return TSK_ERR;
+ }
+
+ jstring jpath = m_jniEnv->NewStringUTF(parent_path); // TODO free?
+ jstring jname = m_jniEnv->NewStringUTF(parent_name); // TODO free?
+
+ jlong objIdj = m_jniEnv->CallLongMethod(m_javaDbObj, m_getParentIdMethodID,
+ fs_file->name->par_addr, fsObjId, jpath, jname);
+ int64_t objId = (int64_t)objIdj;
+ printf("#### Looked up parent object ID: %lld\n", objId);
fflush(stdout);
- int64_t parObjId = 2;
+
+ if (objId < 0) {
+ return -1;
+ }
return parObjId;
}
diff --git a/bindings/java/jni/auto_db_java.h b/bindings/java/jni/auto_db_java.h
index 1837c987b07e093c892eed82e592255422073286..b8049de22a1ce97f81e34bb9ce22f6b6ccef7ddd 100644
--- a/bindings/java/jni/auto_db_java.h
+++ b/bindings/java/jni/auto_db_java.h
@@ -161,6 +161,7 @@ class TskAutoDbJava :public TskAuto {
jmethodID m_addPoolMethodID = NULL;
jmethodID m_addFileSystemMethodID = NULL;
jmethodID m_addFileMethodID = NULL;
+ jmethodID m_getParentIdMethodID = NULL;
// prevent copying until we add proper logic to handle it
diff --git a/bindings/java/src/org/sleuthkit/datamodel/JniDbHelper.java b/bindings/java/src/org/sleuthkit/datamodel/JniDbHelper.java
index 2e413c2bccae1548e43ae279b73ddfcfaa0d7802..f5589f93988a4302a6378e386635746e8b029a0c 100644
--- a/bindings/java/src/org/sleuthkit/datamodel/JniDbHelper.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/JniDbHelper.java
@@ -136,7 +136,7 @@ long addFile(long parentObjId,
try {
return caseDb.addFileSystemFileJNI(parentObjId,
fsObjId, dataSourceObjId,
- fsType, // TSK_DB_FILES_TYPE_FS,
+ fsType,
attrType, attrId, name,
metaAddr, metaSeq,
dirType, metaType, dirFlags, metaFlags,
@@ -151,4 +151,13 @@ long addFile(long parentObjId,
}
}
+ long findParentObjId(long metaAddr, long fsobjId, String path, String name) {
+ try {
+ return caseDb.findParentObjIdJNI(metaAddr, fsobjId, path, name, trans);
+ } catch (TskCoreException ex) {
+ ex.printStackTrace();
+ return -1;
+ }
+ }
+
}
diff --git a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
index 16df7aac0b93f54361520171479ff4f725c44ca5..8e070c0c342b25cb8dfdc9e18de5a78ea0e9f12f 100644
--- a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
@@ -10983,7 +10983,6 @@ long addImageJNI(TskData.TSK_IMG_TYPE_ENUM type, long sectorSize, long size,
String deviceId,
CaseDbTransaction transaction) throws TskCoreException {
acquireSingleUserCaseWriteLock();
- Statement statement = null;
try {
// Insert a row for the Image into the tsk_objects table.
CaseDbConnection connection = transaction.getConnection();
@@ -11008,7 +11007,6 @@ long addImageJNI(TskData.TSK_IMG_TYPE_ENUM type, long sectorSize, long size,
// Add a row to data_source_info
preparedStatement = connection.getPreparedStatement(PREPARED_STATEMENT.INSERT_DATA_SOURCE_INFO);
- statement = connection.createStatement();
preparedStatement.setLong(1, newObjId);
preparedStatement.setString(2, deviceId);
preparedStatement.setString(3, timezone);
@@ -11018,7 +11016,6 @@ long addImageJNI(TskData.TSK_IMG_TYPE_ENUM type, long sectorSize, long size,
} catch (SQLException ex) {
throw new TskCoreException(String.format("Error adding image to database"), ex);
} finally {
- closeStatement(statement);
releaseSingleUserCaseWriteLock();
}
}
@@ -11026,7 +11023,6 @@ long addImageJNI(TskData.TSK_IMG_TYPE_ENUM type, long sectorSize, long size,
void addImageNameJNI(long objId, String name, long sequence,
CaseDbTransaction transaction) throws TskCoreException {
acquireSingleUserCaseWriteLock();
- Statement statement = null;
try {
CaseDbConnection connection = transaction.getConnection();
PreparedStatement preparedStatement = connection.getPreparedStatement(PREPARED_STATEMENT.INSERT_IMAGE_NAME);
@@ -11038,14 +11034,38 @@ void addImageNameJNI(long objId, String name, long sequence,
} catch (SQLException ex) {
throw new TskCoreException(String.format("Error adding image name %s to image with object ID %d", name, objId), ex);
} finally {
- closeStatement(statement);
releaseSingleUserCaseWriteLock();
}
}
+ long findParentObjIdJNI(long metaAddr, long fsObjId, String path, String name, CaseDbTransaction transaction) throws TskCoreException {
+ acquireSingleUserCaseReadLock();
+ ResultSet resultSet = null;
+ try {
+ CaseDbConnection connection = transaction.getConnection();
+ PreparedStatement preparedStatement = connection.getPreparedStatement(PREPARED_STATEMENT.SELECT_OBJ_ID_BY_META_ADDR_AND_PATH);
+ preparedStatement.clearParameters();
+ preparedStatement.setLong(1, metaAddr);
+ preparedStatement.setLong(2, fsObjId);
+ preparedStatement.setString(3, path);
+ preparedStatement.setString(4, name);
+ resultSet = connection.executeQuery(preparedStatement);
+ if (resultSet.next()) {
+ return resultSet.getLong("obj_id");
+ } else {
+ throw new TskCoreException(String.format("Error looking up parent meta addr %d", metaAddr));
+ }
+ } catch (SQLException ex) {
+ throw new TskCoreException(String.format("Error looking up parent meta addr %d", metaAddr), ex);
+ } finally {
+ closeResultSet(resultSet);
+ releaseSingleUserCaseReadLock();
+ }
+ }
+
long addFileSystemFileJNI(long parentObjId,
long fsObjId, long dataSourceObjId,
- int fsType, // TSK_DB_FILES_TYPE_FS,
+ int fsType,
int attrType, int attrId, String name,
long metaAddr, long metaSeq,
int dirType, int metaType, int dirFlags, int metaFlags,
@@ -11066,14 +11086,14 @@ long addFileSystemFileJNI(long parentObjId,
// INSERT INTO tsk_files (fs_obj_id, obj_id, data_source_obj_id, type, attr_type, attr_id, name, meta_addr, meta_seq,
// dir_type, meta_type, dir_flags, meta_flags, size, crtime, ctime, atime, mtime,
- // mode, gid, uid, md5, known, parent_path, extension
+ // mode, gid, uid, md5, known, parent_path, extension)
PreparedStatement statement = connection.getPreparedStatement(PREPARED_STATEMENT.INSERT_FILE_SYSTEM_FILE_All_FIELDS);
statement.clearParameters();
- statement.setLong(1, fsObjId); // fs_obj_id
- statement.setLong(2, objectId); // obj_id
- statement.setLong(3, dataSourceObjId); // data_source_obj_id
- statement.setShort(4, TskData.TSK_DB_FILES_TYPE_ENUM.FS.getFileType()); // type
- statement.setShort(5, (short) attrType); // attr_type
+ statement.setLong(1, fsObjId); // fs_obj_id
+ statement.setLong(2, objectId); // obj_id
+ statement.setLong(3, dataSourceObjId); // data_source_obj_id
+ statement.setShort(4, (short)fsType); // type
+ statement.setShort(5, (short)attrType); // attr_type
statement.setInt(6, attrId); // attr_id
statement.setString(7, name); // name
statement.setLong(8, metaAddr); // meta_addr
@@ -11096,6 +11116,19 @@ long addFileSystemFileJNI(long parentObjId,
statement.setString(25, extension); // extension
connection.executeUpdate(statement);
+ if (TskData.TSK_DB_FILES_TYPE_ENUM.SLACK.getFileType() != fsType
+ && (!name.equals(".")) && (!name.equals(".."))) {
+ TimelineManager timelineManager = getTimelineManager();
+ DerivedFile derivedFile = new DerivedFile(this, objectId, dataSourceObjId, name,
+ TSK_FS_NAME_TYPE_ENUM.valueOf((short)dirType),
+ TSK_FS_META_TYPE_ENUM.valueOf((short)metaType),
+ TSK_FS_NAME_FLAG_ENUM.valueOf(dirFlags),
+ (short)metaFlags,
+ size, ctime, crtime, atime, mtime, null, null, escaped_path, null, parentObjId, null, null, extension);
+
+ timelineManager.addEventsForNewFile(derivedFile, connection);
+ }
+
return objectId;
} catch (SQLException ex) {
throw new TskCoreException("Failed to add file system file", ex);
@@ -11318,7 +11351,8 @@ private enum PREPARED_STATEMENT {
INSERT_VS_PART_POSTGRESQL("INSERT INTO tsk_vs_parts (obj_id, addr, start, length, descr, flags) VALUES (?, ?, ?, ?, ?, ?)"),
INSERT_POOL_INFO("INSERT INTO tsk_pool_info (obj_id, pool_type) VALUES (?, ?)"),
INSERT_FS_INFO("INSERT INTO tsk_fs_info (obj_id, img_offset, fs_type, block_size, block_count, root_inum, first_inum, last_inum, display_name)"
- + "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
+ + "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"),
+ SELECT_OBJ_ID_BY_META_ADDR_AND_PATH("SELECT obj_id FROM tsk_files WHERE meta_addr = ? AND fs_obj_id = ? AND parent_path = ? AND name = ?");
private final String sql;