Skip to content
Snippets Groups Projects
Commit c98358fc authored by Brian Carrier's avatar Brian Carrier
Browse files

Merge pull request #277 from SynapticNulship/develop

Add more detail to hashDbCreateIndexNat error message.
parents 94af36df b559edb4
Branches
Tags
No related merge requests found
......@@ -1686,11 +1686,31 @@ Java_org_sleuthkit_datamodel_SleuthkitJNI_hashDbCreateIndexNat (JNIEnv * env,
}
// [Re]create the hash information and file
if (tsk_hdb_regenerate_index(db, dbType, (overwrite ? 1 : 0)) == 0) {
setThrowTskCoreError(env, "Error: index regeneration");
uint8_t err = tsk_hdb_regenerate_index(db, dbType, (overwrite ? 1 : 0));
// Make an error message
if (err > 0) {
char c_db_type[32];
snprintf(c_db_type, 32, "%" PRIttocTSK, dbType);
std::string dbTypeStr(c_db_type);
std::string msg("Error: index regeneration (db_type = " + dbTypeStr + "): ");
switch (err) {
case 1:
msg += "delete old failed.";
break;
case 2:
msg += "delete old (2nd pass) failed.";
break;
case 3:
msg += "tsk_hdb_makeindex failed.";
break;
}
setThrowTskCoreError(env, msg.c_str());
return;
}
// success
return;
}
}
......
......@@ -74,9 +74,10 @@ public enum ARTIFACT_TYPE implements SleuthkitVisitableItem {
TSK_GPS_LAST_KNOWN_LOCATION(30, "TSK_GPS_LAST_KNOWN_LOCATION", "GPS Last Known Location"), // GPS Last known location
TSK_GPS_SEARCH(31, "TSK_GPS_SEARCH", "GPS Searches"), // GPS Searches
TSK_PROG_RUN(32, "TSK_PROG_RUN", "Run Programs"), ///< Application run information
TSK_INTERESTING_ARTIFACT(33, "TSK_INTERESTING_ARTIFACT", "Interesting Results"), // Any artifact that should be called out
TSK_ENCRYPTION_DETECTED(33, "TSK_ENCRYPTION_DETECTED", "Encryption Detected"), ///< Encrypted File
TSK_EXT_MISMATCH_DETECTED(34, "TSK_EXT_MISMATCH_DETECTED", "Extension Mismatch Detected."), ///< Extension Mismatch
TSK_INTERESTING_ARTIFACT(35, "TSK_INTERESTING_ARTIFACT", "Interesting Results"), // Any artifact that should be called out
;
/* SEE ABOVE -- KEEP C++ CODE IN SYNC */
private String label;
......
......@@ -134,6 +134,7 @@ public enum ATTRIBUTE_TYPE {
TSK_PHONE_NUMBER(35, "TSK_PHONE_NUMBER", "Phone Number"),
TSK_PATH_ID(36, "TSK_PATH_ID", "Path ID"),
TSK_SET_NAME(37, "TSK_SET_NAME", "Set Name"),
@Deprecated
TSK_ENCRYPTION_DETECTED(38, "TSK_ENCRYPTION_DETECTED", "Encryption Detected"),
TSK_MALWARE_DETECTED(39, "TSK_MALWARE_DETECTED", "Malware Detected"),
TSK_STEG_DETECTED(40, "TSK_STEG_DETECTED", "Steganography Detected"),
......
......@@ -44,6 +44,8 @@ map<int, TskArtifactNames> initializeArtifactTypeMap(){
retval.insert(pair<int, TskArtifactNames>(TSK_GPS_LAST_KNOWN_LOCATION, TskArtifactNames("TSK_GPS_LAST_KNOWN_LOCATION", "GPS Last Known Location")));
retval.insert(pair<int, TskArtifactNames>(TSK_GPS_SEARCH, TskArtifactNames("TSK_GPS_SEARCH", "GPS Searches")));
retval.insert(pair<int, TskArtifactNames>(TSK_PROG_RUN, TskArtifactNames("TSK_PROG_RUN", "Run Programs")));
retval.insert(pair<int, TskArtifactNames>(TSK_ENCRYPTION_DETECTED, TskArtifactNames("TSK_ENCRYPTION_DETECTED", "Encryption Detected")));
retval.insert(pair<int, TskArtifactNames>(TSK_EXT_MISMATCH_DETECTED, TskArtifactNames("TSK_EXT_MISMATCH_DETECTED", "Extension Mismatch Detected")));
retval.insert(pair<int, TskArtifactNames>(TSK_INTERESTING_ARTIFACT, TskArtifactNames("TSK_INTERESTING_ARTIFACT", "Interesting Results")));
return retval;
......@@ -143,7 +145,6 @@ map<int, TskAttributeNames> initializeAttributeTypeMap(){
retval.insert(pair<int, TskAttributeNames>(TSK_MIN_COUNT, TskAttributeNames("TSK_MIN_COUNT", "Minimum Count")));
retval.insert(pair<int, TskAttributeNames>(TSK_PATH_SOURCE, TskAttributeNames("TSK_PATH_SOURCE", "Path Source")));
retval.insert(pair<int, TskAttributeNames>(TSK_PERMISSIONS, TskAttributeNames("TSK_PERMISSIONS", "Permissions")));
retval.insert(pair<int, TskAttributeNames>(TSK_PROG_LAUNCHED, TskAttributeNames("TSK_PROG_LAUNCHED", "Program Launched")));
retval.insert(pair<int, TskAttributeNames>(TSK_ASSOCIATED_ARTIFACT, TskAttributeNames("TSK_ASSOCIATED_ARTIFACT", "Associated Artifact")));
return retval;
......
......@@ -78,9 +78,9 @@ enum TSK_ARTIFACT_TYPE {
TSK_GPS_LAST_KNOWN_LOCATION = 30, ///< GPS Last known location
TSK_GPS_SEARCH = 31, ///< GPS Searches
TSK_PROG_RUN = 32, ///< Application run information
TSK_INTERESTING_ARTIFACT = 33, ///< Any artifact interesting enough that it should be called out in the UI.
TSK_ENCRYPTION_DETECTED = 33, ///< Encrypted File
TSK_EXT_MISMATCH_DETECTED = 34, ///< Extension Mismatch
TSK_INTERESTING_ARTIFACT = 35, ///< Any artifact interesting enough that it should be called out in the UI.
/* SEE ABOVE:
* - KEEP JAVA CODE IN SYNC
......@@ -136,7 +136,7 @@ enum TSK_ATTRIBUTE_TYPE {
TSK_PHONE_NUMBER = 35,///<String of phone number
TSK_PATH_ID = 36,///< Object ID from database that a TSK_PATH attribute corresponds to. Set to -1 if path is for a file that is not in database (i.e. deleted).
TSK_SET_NAME = 37,///< STRING: The name of a set that was used to find this artifact (to be used for hash hits, keyword hits, interesting files, etc.)
TSK_ENCRYPTION_DETECTED = 38,///< STRING: The type of encryption that is believed to have been used on the file.
//TSK_ENCRYPTION_DETECTED = 38,///< \deprecated STRING: The type of encryption that is believed to have been used on the file.
TSK_MALWARE_DETECTED = 39,///< STRING: The name of the malware that was detected in this file.
TSK_STEG_DETECTED = 40,///< STRING: The name of the steganography technique that was detected in this file.
TSK_EMAIL_TO = 41, ///< String of an e-mail address that a message is being sent to directly (not cc:).
......
......@@ -596,7 +596,8 @@ tsk_hdb_delete_old(TSK_HDB_INFO * hdb_info)
* @param hdb_info Hash database to consider
* @param htype Hash type that index should be of
*
* @return 1 if index was created; 0 if failed
* @return 0 if index was created; 1 if failed on delete;
* 2 if failed on 2nd pass delete; 3 if failed on tsk_hdb_makeindex()
*/
uint8_t
tsk_hdb_regenerate_index(TSK_HDB_INFO * hdb_info, TSK_TCHAR * db_type, uint8_t overwrite)
......@@ -620,12 +621,12 @@ tsk_hdb_regenerate_index(TSK_HDB_INFO * hdb_info, TSK_TCHAR * db_type, uint8_t o
}
if (tsk_hdb_delete_old(hdb_info) != 0) {
return 0; //error
return 1; //error
}
// Run a second pass in case there were two indices
if (tsk_hdb_delete_old(hdb_info) != 0) {
return 0; //error
return 2; //error
}
} else {
......@@ -635,10 +636,10 @@ tsk_hdb_regenerate_index(TSK_HDB_INFO * hdb_info, TSK_TCHAR * db_type, uint8_t o
// Create, initialize, and fill in the new index from the src db
if (tsk_hdb_makeindex(hdb_info, db_type)) {
return 0; //error
return 3; //error
}
return 1; //success
return 0; //success
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment