Beispiel #1
0
 private void CheckSignature()
 {
     if (HeaderSignature.Where((t, i) => t != OleCFSSignature[i]).Any())
     {
         throw new CFFileFormatException("Invalid OLE structured storage file");
     }
 }
        /// <summary>
        /// Determines whether the specified folder contains files with
        /// file extensions that do not match the content.
        /// </summary>
        /// <param name="folderPath">The folder path.</param>
        /// <param name="recursive">if set to <c>true</c> [recursive].</param>
        /// <returns>
        ///     <c>true</c> if [contains folder prohibited content]
        /// [the specified folder path]; otherwise, <c>false</c>.
        /// </returns>
        public void ContainsFolderVerifyContent(
            Delimon.Win32.IO.DirectoryInfo folderPath,
            bool recursive,
            ref List <FileResult> verifiedFiles,
            ref List <FileResult> unVerifiedFiles,
            ref List <FileResult> unknownFiles,
            ref List <FileResult> ProhibitedFiles,
            ref bool blShuttingDown,
            string excludeFolders,
            System.Data.DataTable dtSignatures,
            bool blValidateZipFiles,
            bool blHeaderVerificationIgnoreFileExtensions,
            bool blProhibitedFilesIgnoreFileExtensions
            )
        {
            WriteError(
                string.Format(
                    @"Audit Folder ContentDetectorEngine: Checking folder '{0}'.",
                    folderPath.FullName), System.Diagnostics.EventLogEntryType.Information, 6000, 60, true);

            HeaderSignature[] sigs = null;
            try
            {
                if (dtSignatures == null)
                {
                    sigs = HeaderSignature.StockSignatures;
                }
                else if (dtSignatures.Rows.Count == 0)
                {
                    sigs = HeaderSignature.StockSignatures;
                }
                else
                {
                    sigs = HeaderSignature.CustomSignatures(dtSignatures);
                }
            }
            catch (Exception)
            {
                sigs = null;
            }

            if (sigs != null)
            {
                containsFolderVerifyContent(folderPath, recursive, ref verifiedFiles, ref unVerifiedFiles, ref unknownFiles, ref ProhibitedFiles, ref blShuttingDown, excludeFolders, sigs, blValidateZipFiles, blHeaderVerificationIgnoreFileExtensions, blProhibitedFilesIgnoreFileExtensions);
            }
            else
            {
                WriteError(
                    string.Format(
                        @"Audit Folder ContentDetectorEngine: Error Checking folder '{0}' Error loading signatures.",
                        folderPath.FullName), System.Diagnostics.EventLogEntryType.Error, 6000, 60, false);
            }
        }
Beispiel #3
0
    public override int GetHashCode()
    {
        int hash = 1;

        if (Header.Length != 0)
        {
            hash ^= Header.GetHashCode();
        }
        if (HeaderSignature.Length != 0)
        {
            hash ^= HeaderSignature.GetHashCode();
        }
        hash ^= batches_.GetHashCode();
        if (_unknownFields != null)
        {
            hash ^= _unknownFields.GetHashCode();
        }
        return(hash);
    }
Beispiel #4
0
    public override int GetHashCode()
    {
        int hash = 1;

        if (Header.Length != 0)
        {
            hash ^= Header.GetHashCode();
        }
        if (HeaderSignature.Length != 0)
        {
            hash ^= HeaderSignature.GetHashCode();
        }
        hash ^= transactions_.GetHashCode();
        if (Trace != false)
        {
            hash ^= Trace.GetHashCode();
        }
        if (_unknownFields != null)
        {
            hash ^= _unknownFields.GetHashCode();
        }
        return(hash);
    }
        /// <summary>
        /// Determines whether the specified folder contains files with
        /// file extensions that do not match the content.
        /// </summary>
        /// <param name="folderPath">The folder path.</param>
        /// <param name="recursive">if set to <c>true</c> [recursive].</param>
        /// <returns>
        ///     <c>true</c> if [contains folder prohibited content]
        /// [the specified folder path]; otherwise, <c>false</c>.
        /// </returns>
        private void containsFolderVerifyContent(
            Delimon.Win32.IO.DirectoryInfo folderPath,
            bool recursive,
            ref List <FileResult> verifiedFiles,
            ref List <FileResult> unVerifiedFiles,
            ref List <FileResult> unknownFiles,
            ref List <FileResult> ProhibitedFiles,
            ref bool blShuttingDown,
            string excludeFolders,
            HeaderSignature[] sigs,
            bool blValidateZipFiles,
            bool blHeaderVerificationIgnoreFileExtensions,
            bool blProhibitedFilesIgnoreFileExtensions
            )
        {
            WriteError(
                string.Format(
                    @"Audit Folder ContentDetectorEngine: Checking folder '{0}'.",
                    folderPath.FullName), System.Diagnostics.EventLogEntryType.Information, 6000, 60, true);



            if (sigs == null)
            {
                sigs = HeaderSignature.StockSignatures;
            }



            Delimon.Win32.IO.FileInfo[] filePaths = folderPath.GetFiles();

            int index = 0;

            //Load either default signatures or custom for determining ExtensionSupported?



            foreach (Delimon.Win32.IO.FileInfo filePath in filePaths)
            {
                if (blShuttingDown)
                {
                    WriteError(
                        string.Format(
                            @"Audit Folder ContentDetectorEngine: Shutting Down: was about to check file '{0}'.",
                            filePath.FullName), System.Diagnostics.EventLogEntryType.Information, 6000, 60, true);
                    break;
                }
                try
                {
                    WriteError(
                        string.Format(
                            @"Audit Folder ContentDetectorEngine: [{0}/{1}] Checking file '{2}' ({3:0,0} bytes).",
                            index + 1, filePaths.Length,
                            filePath.FullName,
                            filePath.Length), System.Diagnostics.EventLogEntryType.Information, 6000, 60, true);

                    bool blVerifiedContent = false;

                    blVerifiedContent = DoVerifyFileHeader(filePath, sigs, blHeaderVerificationIgnoreFileExtensions);

                    //Verify File Headers
                    if (!HeaderSignature.ExtensionSupported(filePath.Extension, sigs))
                    {
                        unknownFiles.Add(new FileResult(filePath));
                    }
                    else if (!blVerifiedContent)
                    {
                        if (blValidateZipFiles && HeaderSignature.ZipRelatedExtension(filePath.Extension))
                        {
                            using (Stream filestream1 = filePath.Open(Delimon.Win32.IO.FileMode.Open, Delimon.Win32.IO.FileAccess.Read, Delimon.Win32.IO.FileShare.ReadWrite))
                            {
                                try
                                {
                                    if (ZipFile.IsZipFile(filestream1, true) == false)
                                    {
                                        unVerifiedFiles.Add(new FileResult(filePath, "Error: Zip File is Corrupted or Encrypted!"));
                                    }
                                    try
                                    {
                                        filestream1.Close();
                                    }
                                    catch (Exception)
                                    {
                                    }
                                }
                                catch (Exception ex)
                                {
                                    WriteError(
                                        string.Format(
                                            @"Audit Folder ContentDetectorEngine: [{0}/{1}] Error Zip Checking file '{2}' ({3:0,0} bytes). " + ex.Message,
                                            index + 1, filePaths.Length,
                                            filePath.FullName,
                                            filePath.Length), System.Diagnostics.EventLogEntryType.Error, 6000, 60, false);
                                    unknownFiles.Add(new FileResult(filePath, "Error checking the file"));
                                }
                            }
                        }
                        else
                        {
                            unVerifiedFiles.Add(new FileResult(filePath, "Extension and file header for the file does not match any expected file signature."));
                        }
                    }
                    else
                    {
                        if (blValidateZipFiles && blVerifiedContent && HeaderSignature.IsZipRelatedFile(filePath))
                        {
                            if (ZipFile.IsZipFile(filePath.OpenRead(), true) == false)
                            {
                                unVerifiedFiles.Add(new FileResult(filePath, "Error: Zip File is Corrupted or Encrypted!"));
                            }
                            else
                            {
                                verifiedFiles.Add(new FileResult(filePath, "Zip File Verified"));
                            }
                        }
                        else
                        {
                            verifiedFiles.Add(new FileResult(filePath));
                        }
                    }

                    //check for prohibited files
                    if (ContainsProhibitedFileContent(filePath, sigs, blProhibitedFilesIgnoreFileExtensions))
                    {
                        ProhibitedFiles.Add(new FileResult(filePath));
                    }
                }
                catch (Exception)
                {
                    WriteError(
                        string.Format(
                            @"Audit Folder ContentDetectorEngine: [{0}/{1}] Error Checking file '{2}' ({3:0,0} bytes).",
                            index + 1, filePaths.Length,
                            filePath.FullName,
                            filePath.Length), System.Diagnostics.EventLogEntryType.Error, 6000, 60, false);
                    unknownFiles.Add(new FileResult(filePath, "Error checking the file"));
                }


                index++;
            }



            // --

            if (recursive)
            {
                Delimon.Win32.IO.DirectoryInfo[] folderPaths = folderPath.GetDirectories();

                foreach (Delimon.Win32.IO.DirectoryInfo childFolderPath in folderPaths)
                {
                    bool blIgnoreDirectory = false;
                    if (blShuttingDown)
                    {
                        WriteError(
                            string.Format(
                                @"Audit Folder ContentDetectorEngine: Shutting Down: was about to check folder '{0}'.",
                                childFolderPath.FullName), System.Diagnostics.EventLogEntryType.Information, 6000, 60, true);
                        break;
                    }

                    try
                    {
                        char[]   delimiters             = new char[] { ';' };
                        string[] strArr_excludedfolders = excludeFolders.Split(delimiters, StringSplitOptions.RemoveEmptyEntries);

                        if (!(strArr_excludedfolders == null || strArr_excludedfolders.Length == 0))
                        {
                            //loop through excluded folders
                            foreach (string strExclude in strArr_excludedfolders)
                            {
                                if (childFolderPath.Name.ToLower() == strExclude.ToLower())
                                {
                                    blIgnoreDirectory = true;
                                }
                            }
                        }
                    }
                    catch (Exception)
                    {
                    }

                    if (!blIgnoreDirectory)
                    {
                        containsFolderVerifyContent(childFolderPath, recursive, ref verifiedFiles, ref unVerifiedFiles, ref unknownFiles, ref ProhibitedFiles, ref blShuttingDown, excludeFolders, sigs, blValidateZipFiles, blHeaderVerificationIgnoreFileExtensions, blProhibitedFilesIgnoreFileExtensions);
                    }
                }
            }
        }