diff --git a/API-CHANGES.txt b/API-CHANGES.txt
index a9b69c351b3c613300d3f33eea0b62fece2c3dbe..a7e27b061071642596307752afebaefae6e7bf86 100644
--- a/API-CHANGES.txt
+++ b/API-CHANGES.txt
@@ -5,4 +5,5 @@ Changes to make once we are ready to do a backwards incompatible change.
- Java SleuthkitCase.findFilesWhere should return AbstractFile liek findFiles
- getUniquePath() should not throw exception.
- findFilesInImage should return an enum like TskDB methods differentiating if any data was found or not.
+- remove addImageInfo in db_Sqlite that does not take MD5, and/oor make it take IMG_INFO as argument
diff --git a/NEWS.txt b/NEWS.txt
index dc5900964970400a3f7276e43a280c3855e1af66..ea035b46876900578f540009fd7fac02fef47483 100644
--- a/NEWS.txt
+++ b/NEWS.txt
@@ -4,6 +4,7 @@ Numbers refer to SourceForge.net tracker IDs:
---------------- VERSION 4.1.3 --------------
Core:
- fixed bug that could crash UFS/ExtX in inode_lookup.
+- Updated sqlite database to have image size and md5 (schema v3)
---------------- VERSION 4.1.2 --------------
Core:
diff --git a/tsk/auto/auto_db.cpp b/tsk/auto/auto_db.cpp
index 716d2f37bf3e77b4ba78aca2f59173f3406cebe6..355c72b41d8f4a1e7273550a75b170593acd7859 100644
--- a/tsk/auto/auto_db.cpp
+++ b/tsk/auto/auto_db.cpp
@@ -14,6 +14,7 @@
*/
#include "tsk_case_db.h"
+#include "tsk/img/ewf.h"
#include <string.h>
#include <algorithm>
@@ -190,8 +191,16 @@ uint8_t
uint8_t
TskAutoDb::addImageDetails(const char *const img_ptrs[], int a_num)
{
+ string md5 = "";
+ if (m_img_info->itype == TSK_IMG_TYPE_EWF_EWF) {
+ IMG_EWF_INFO *ewf_info = (IMG_EWF_INFO *)m_img_info;
+ if (ewf_info->md5hash_isset) {
+ md5 = ewf_info->md5hash;
+ }
+ }
+
if (m_db->addImageInfo(m_img_info->itype, m_img_info->sector_size,
- m_curImgId, m_curImgTZone)) {
+ m_curImgId, m_curImgTZone, m_img_info->size, md5)) {
return 1;
}
diff --git a/tsk/auto/db_sqlite.cpp b/tsk/auto/db_sqlite.cpp
index c98586ec7e15a35ff50e2172749a1739ee39322f..39a1c132a1079425b7a0aeeedc88150a859e564a 100644
--- a/tsk/auto/db_sqlite.cpp
+++ b/tsk/auto/db_sqlite.cpp
@@ -26,7 +26,7 @@ using std::sort;
using std::for_each;
-#define TSK_SCHEMA_VER 2
+#define TSK_SCHEMA_VER 3
/**
* Set the locations and logging object. Must call
@@ -238,7 +238,7 @@ int
"Error creating tsk_objects table: %s\n")
||
attempt_exec
- ("CREATE TABLE tsk_image_info (obj_id INTEGER PRIMARY KEY, type INTEGER, ssize INTEGER, tzone TEXT);",
+ ("CREATE TABLE tsk_image_info (obj_id INTEGER PRIMARY KEY, type INTEGER, ssize INTEGER, tzone TEXT, size INTEGER, md5 TEXT);",
"Error creating tsk_image_info table: %s\n")
||
attempt_exec
@@ -395,11 +395,20 @@ void
}
}
+/**
+ * deprecated
+ */
+int
+ TskDbSqlite::addImageInfo(int type, int size, int64_t & objId, const string & timezone)
+{
+ return addImageInfo(type, size, objId, timezone, 0, "");
+}
+
/**
* @returns 1 on error, 0 on success
*/
int
- TskDbSqlite::addImageInfo(int type, int size, int64_t & objId, const string & timezone)
+ TskDbSqlite::addImageInfo(int type, int ssize, int64_t & objId, const string & timezone, TSK_OFF_T size, const string &md5)
{
char
stmt[1024];
@@ -413,8 +422,8 @@ int
objId = sqlite3_last_insert_rowid(m_db);
snprintf(stmt, 1024,
- "INSERT INTO tsk_image_info (obj_id, type, ssize, tzone) VALUES (%lld, %d, %d, '%s');",
- objId, type, size, timezone.c_str());
+ "INSERT INTO tsk_image_info (obj_id, type, ssize, tzone, size, md5) VALUES (%lld, %d, %d, '%s', %"PRIuOFF", '%s');",
+ objId, type, ssize, timezone.c_str(), size, md5.c_str());
return attempt_exec(stmt,
"Error adding data to tsk_image_info table: %s\n");
}
diff --git a/tsk/auto/tsk_db_sqlite.h b/tsk/auto/tsk_db_sqlite.h
index 5bfd8a12cfa091f27c76d0c37858dfe9ba9b5f48..03b17e8573a9acf92882e10ac403efd376851bf7 100755
--- a/tsk/auto/tsk_db_sqlite.h
+++ b/tsk/auto/tsk_db_sqlite.h
@@ -166,6 +166,7 @@ class TskDbSqlite {
int open(bool);
int close();
int addImageInfo(int type, int size, int64_t & objId, const string & timezone);
+ int addImageInfo(int type, int size, int64_t & objId, const string & timezone, TSK_OFF_T, const string &md5);
int addImageName(int64_t objId, char const *imgName, int sequence);
int addVsInfo(const TSK_VS_INFO * vs_info, int64_t parObjId,
int64_t & objId);
diff --git a/tsk/tsk_config.h.in b/tsk/tsk_config.h.in
index fead5d74101c50d6a843327956ca457d0b86e9db..d9d4e98910b19641b404e2f67f50393bc33dbc8f 100644
--- a/tsk/tsk_config.h.in
+++ b/tsk/tsk_config.h.in
@@ -57,19 +57,37 @@
/* Define to 1 if you have the <libewf.h> header file. */
#undef HAVE_LIBEWF_H
+/* Define to 1 if you have the `stdc++' library (-lstdc++). */
+#undef HAVE_LIBSTDC__
+
/* Define to 1 if you have the `z' library (-lz). */
#undef HAVE_LIBZ
+/* Define to 1 if you have the <list> header file. */
+#undef HAVE_LIST
+
/* Define to 1 if `lstat' has the bug that it succeeds when given the
zero-length file name argument. */
#undef HAVE_LSTAT_EMPTY_STRING_BUG
+/* Define to 1 if you have the <map> header file. */
+#undef HAVE_MAP
+
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define if you have POSIX threads libraries and header files. */
#undef HAVE_PTHREAD
+/* Define to 1 if you have the <queue> header file. */
+#undef HAVE_QUEUE
+
+/* Define to 1 if you have the <set> header file. */
+#undef HAVE_SET
+
+/* Define to 1 if you have the <stack> header file. */
+#undef HAVE_STACK
+
/* Define to 1 if stdbool.h conforms to C99. */
#undef HAVE_STDBOOL_H
@@ -79,6 +97,12 @@
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
+/* Define to 1 if you have the <streambuf> header file. */
+#undef HAVE_STREAMBUF
+
+/* Define to 1 if you have the <string> header file. */
+#undef HAVE_STRING
+
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
@@ -115,6 +139,9 @@
/* Define to 1 if you have the `vasprintf' function. */
#undef HAVE_VASPRINTF
+/* Define to 1 if you have the <vector> header file. */
+#undef HAVE_VECTOR
+
/* Define to 1 if you have the `vprintf' function. */
#undef HAVE_VPRINTF