Made index encodings a user specified parameter

darcs-hash:20060303043938-0996e-08bcdcf11c2deb665dd22d5370cc71692cc3b7b2.gz
anarchivist · Mar 3, 2006 · 1572d20 · 1572d20
1 parent 541c93d
commit 1572d20
Show file tree

Hide file tree

Showing 7 changed files with 19 additions and 7 deletions.
diff --git a/data/magic.mime b/data/magic.mime
@@ -15,5 +15,5 @@
 0       string          \037\213        	 application/x-gzip; foobar
 
 # A better RFC2822 detector
-0     search/1024     MIME-Version:	      message/rfc822
+0      string	     MIME-Version:	      message/rfc822
 20    regex/c	      ^From:.+<.+@.+>	      message/rfc822
diff --git a/examples/extract_images.py b/examples/extract_images.py
@@ -6,7 +6,7 @@
 import pyflag.pyflagsh as pyflagsh
 
 ## First we load the filesystem in:
-pyflagsh.shell_execv('load','demo.test')
+pyflagsh.shell_execv('load','demo')
 
 #Do a big find over the filesystem to recover all the files
 for file in pyflagsh.shell_execv_iter('find_dict','/'):

diff --git a/pyflagrc.in b/pyflagrc.in
@@ -91,3 +91,6 @@ PYFLAG_MSN_PORTS=1863
 ## Maximum age (in packets) for a session before it will be considered
 ## terminated.
 PYFLAG_MAX_SESSION_AGE=100
+
+## The encodings that will be searched on in the index scanner
+PYFLAG_INDEX_ENCODINGS=UTF-8,UTF-16LE
diff --git a/src/plugins/CaseManagement.py b/src/plugins/CaseManagement.py
@@ -61,7 +61,7 @@ def display(self,query,result):
 
         #Get handle to the case db
         case_dbh = self.DBO(query['create_case'])
-        case_dbh.execute("Create table if not exists meta(`time` timestamp(14) NOT NULL,property varchar(50), value text, KEY property(property), KEY value(value(10)))",())
+        case_dbh.execute("Create table if not exists meta(`time` timestamp(14) NOT NULL,property varchar(50), value text, KEY property(property), KEY joint(property,value(20)))",())
 
         case_dbh.execute("create table if not exists bookmarks (id int(11) auto_increment, canon text, url text,  description text,  bookmark text ,  PRIMARY KEY  (id),  KEY id (id))",())
 

diff --git a/src/plugins/DiskForensics/FileSystems/Sleuthkit.py b/src/plugins/DiskForensics/FileSystems/Sleuthkit.py
@@ -14,13 +14,17 @@
 import bisect
 import pyflag.conf
 config=pyflag.conf.ConfObject()
+import os.path
 
 class AutoFS(DBFS):
     """ This allows SK to determine automatically the filesystem type. """
     sk_type = "auto"
     name = "Auto FS"
 
     def load(self, mount_point, iosource_name):
+        ## Ensure that mount point is normalised:
+        mount_point = os.path.normpath(mount_point)
+
         DBFS.load(self, mount_point, iosource_name)
 
         # run sleuthkit
@@ -40,6 +44,9 @@ class Ext2(AutoFS):
     name = "Linux ext2"
 
     def load(self, mount_point, iosource_name):
+        ## Ensure that mount point is normalised:
+        mount_point = os.path.normpath(mount_point)
+
         DBFS.load(self, mount_point, iosource_name)
 
         # run sleuthkit

diff --git a/src/plugins/DiskForensics/LogicalIndex.py b/src/plugins/DiskForensics/LogicalIndex.py
@@ -119,9 +119,11 @@ def prepare(self):
         # extensively in windows (e.g word documents). We can easily
         # add more encodings here as necessary.
         pydbh.execute("select word,id from dictionary where type='word'")
+        encodings = pyflag.conf.parse_value("INDEX_ENCONDINGS")
+        word = row['word'].decode("UTF-8")
         for row in pydbh:
-            self.index.add_word(row['word'],row['id'])
-            self.index.add_word(row['word'].decode("UTF-8").encode("UTF-16LE"),row['id'])
+            for e in encodings:
+                self.index.add_word(word.encode(e),row['id'])
 
         logging.log(logging.DEBUG,"Index Scanner: Done in %s seconds..." % (time.time()-start_time))
 
@@ -430,7 +432,7 @@ def reset(self,query):
             pass
 
     def progress(self,query,result):
-        result.heading("Searching for '%s' in image %s" % ('\',\''.join(query.getarray('keyword')),query['fsimage']))
+        result.heading("Searching for '%s'" % ('\',\''.join(query.getarray('keyword'))))
 
     def analyse(self,query):
         dbh = DB.DBO(query['case'])

diff --git a/src/plugins/LoadData.py b/src/plugins/LoadData.py
@@ -319,7 +319,7 @@ def process_directory(root):
                     fd=fsfd.open(inode=stat['inode'])
                     Scanner.scanfile(fsfd,fd,scanners)
                 except IOError,e:
-                    logging.log(logging.WARNINGS,"Unable to open file %s/%s: %s" % (stat['path'],stat['name'],e))
+                    logging.log(logging.WARNINGS,"Unable to open file %s%s: %s" % (stat['path'],stat['name'],e))
                 except Exception,e:
                     logging.log(logging.ERRORS,"Error scanning inode %s: %s" % (stat['inode'],e))