private void ProcessPropertyViewDefault(byte[] rawBytes)
{
FriendlyName = "Variable: Users property view";
var index = 10;
var shellPropertySheetListSize = BitConverter.ToInt16(rawBytes, index);
index += 2;
var identifiersize = BitConverter.ToInt16(rawBytes, index);
index += 2;
var identifierData = new byte[identifiersize];
Array.Copy(rawBytes, index, identifierData, 0, identifiersize);
index += identifiersize;
if (shellPropertySheetListSize > 0)
{
var propBytes = rawBytes.Skip(index).Take(shellPropertySheetListSize).ToArray();
var propStore = new PropertyStore(propBytes);
PropertyStore = propStore;
var p = propStore.Sheets.Where(t => t.PropertyNames.ContainsKey("32"));
if (p.Any())
{
//we can now look thry prop bytes for extension blocks
//TODO this is a hack until we can process vectors natively
var extOffsets = new List <int>();
try
{
var regexObj = new Regex("([0-9A-F]{2})-00-EF-BE", RegexOptions.IgnoreCase);
var matchResult = regexObj.Match(BitConverter.ToString(propBytes));
while (matchResult.Success)
{
extOffsets.Add(matchResult.Index);
matchResult = matchResult.NextMatch();
}
foreach (var extOffset in extOffsets)
{
var binaryOffset = extOffset / 3 - 4;
var exSize = BitConverter.ToInt16(propBytes, binaryOffset);
var exBytes = propBytes.Skip(binaryOffset).Take(exSize).ToArray();
var signature1 = BitConverter.ToUInt32(exBytes, 4);
//Debug.WriteLine(" 0x1f bag sig: " + signature1.ToString("X8"));
var block1 = Utils.GetExtensionBlockFromBytes(signature1, exBytes);
ExtensionBlocks.Add(block1);
}
}
catch (ArgumentException ex)
{
throw ex;
// Syntax error in the regular expression
}
// Debug.WriteLine("Found 32 key");
}
}
else
{
// Debug.Write("Oh no! No property sheets!");
// SiAuto.Main.LogWarning("Oh no! No property sheets!");
if (rawBytes[0x28] == 0x2f ||
(rawBytes[0x24] == 0x4e && rawBytes[0x26] == 0x2f && rawBytes[0x28] == 0x41))
{
//we have a good date
var zip = new ShellBagZipContents(rawBytes);
FriendlyName = zip.FriendlyName;
LastAccessTime = zip.LastAccessTime;
Value = zip.Value;
return;
}
//41-75-67-4D is AugM
if (rawBytes[4] == 0x41 && rawBytes[5] == 0x75 && rawBytes[6] == 0x67 && rawBytes[7] == 0x4D)
{
var cdb = new ShellBagCDBurn(rawBytes);
Value = cdb.Value;
FriendlyName = cdb.FriendlyName;
CreatedOnTime = cdb.CreatedOnTime;
LastModificationTime = cdb.LastModificationTime;
LastAccessTime = cdb.LastAccessTime;
return;
}
Debug.Write("Oh no! No property sheets!");
Value = "!!! Unable to determine Value !!!";
}
index += shellPropertySheetListSize;
index += 2; //move past end of property sheet terminator
if (shellPropertySheetListSize > 0 && index < rawBytes.Length)
{
var extBlockSize = BitConverter.ToInt16(rawBytes, index);
if (extBlockSize > 0)
{
//process extension blocks
while (extBlockSize > 0)
{
var extBytes = rawBytes.Skip(index).Take(extBlockSize).ToArray();
index += extBlockSize;
var signature1 = BitConverter.ToUInt32(extBytes, 4);
var block1 = Utils.GetExtensionBlockFromBytes(signature1, extBytes);
ExtensionBlocks.Add(block1);
if (index >= rawBytes.Length)
{
break;
}
extBlockSize = BitConverter.ToInt16(rawBytes, index);
}
}
// int terminator = BitConverter.ToInt16(rawBytes, index);
//
// if (terminator > 0)
// {
// throw new Exception($"Expected terminator of 0, but got {terminator}");
// }
}
var valuestring = (from propertySheet in PropertyStore.Sheets
from propertyName in propertySheet.PropertyNames
where propertyName.Key == "10"
select propertyName.Value).FirstOrDefault();
if (valuestring == null)
{
var namesList =
(from propertySheet in PropertyStore.Sheets
from propertyName in propertySheet.PropertyNames
select propertyName.Value)
.ToList();
valuestring = string.Join("::", namesList.ToArray());
}
if (valuestring == "")
{
valuestring = "No Property sheet value found";
}
Value = valuestring;
}
private void ProcessPropertyViewDefault(byte[] rawBytes)
{
FriendlyName = "Variable: Users property view";
var index = 10;
var shellPropertySheetListSize = BitConverter.ToInt16(rawBytes, index);
index += 2;
var identifiersize = BitConverter.ToInt16(rawBytes, index);
index += 2;
var identifierData = new byte[identifiersize];
Array.Copy(rawBytes, index, identifierData, 0, identifiersize);
index += identifiersize;
if (shellPropertySheetListSize > 0)
{
var propBytes = rawBytes.Skip(index).Take(shellPropertySheetListSize).ToArray();
var propStore = new PropertyStore(propBytes);
PropertyStore = propStore;
var p = propStore.Sheets.Where(t => t.PropertyNames.ContainsKey("32"));
if (p.Any())
{
//we can now look thry prop bytes for extension blocks
//TODO this is a hack until we can process vectors natively
var extOffsets = new List<int>();
try
{
var regexObj = new Regex("([0-9A-F]{2})-00-EF-BE", RegexOptions.IgnoreCase);
var matchResult = regexObj.Match(BitConverter.ToString(propBytes));
while (matchResult.Success)
{
extOffsets.Add(matchResult.Index);
matchResult = matchResult.NextMatch();
}
foreach (var extOffset in extOffsets)
{
var binaryOffset = extOffset/3 - 4;
var exSize = BitConverter.ToInt16(propBytes, binaryOffset);
var exBytes = propBytes.Skip(binaryOffset).Take(exSize).ToArray();
var signature1 = BitConverter.ToUInt32(exBytes, 4);
//Debug.WriteLine(" 0x1f bag sig: " + signature1.ToString("X8"));
var block1 = Utils.GetExtensionBlockFromBytes(signature1, exBytes);
ExtensionBlocks.Add(block1);
}
}
catch (ArgumentException ex)
{
throw ex;
// Syntax error in the regular expression
}
// Debug.WriteLine("Found 32 key");
}
}
else
{
// Debug.Write("Oh no! No property sheets!");
// SiAuto.Main.LogWarning("Oh no! No property sheets!");
if (rawBytes[0x28] == 0x2f ||
(rawBytes[0x24] == 0x4e && rawBytes[0x26] == 0x2f && rawBytes[0x28] == 0x41))
{
//we have a good date
var zip = new ShellBagZipContents(rawBytes);
FriendlyName = zip.FriendlyName;
LastAccessTime = zip.LastAccessTime;
Value = zip.Value;
return;
}
//41-75-67-4D is AugM
if (rawBytes[4] == 0x41 && rawBytes[5] == 0x75 && rawBytes[6] == 0x67 && rawBytes[7] == 0x4D)
{
var cdb = new ShellBagCDBurn(rawBytes);
Value = cdb.Value;
FriendlyName = cdb.FriendlyName;
CreatedOnTime = cdb.CreatedOnTime;
LastModificationTime = cdb.LastModificationTime;
LastAccessTime = cdb.LastAccessTime;
return;
}
Debug.Write("Oh no! No property sheets!");
Value = "!!! Unable to determine Value !!!";
}
index += shellPropertySheetListSize;
index += 2; //move past end of property sheet terminator
if (shellPropertySheetListSize > 0 && index < rawBytes.Length)
{
var extBlockSize = BitConverter.ToInt16(rawBytes, index);
if (extBlockSize > 0)
{
//process extension blocks
while (extBlockSize > 0)
{
var extBytes = rawBytes.Skip(index).Take(extBlockSize).ToArray();
index += extBlockSize;
var signature1 = BitConverter.ToUInt32(extBytes, 4);
var block1 = Utils.GetExtensionBlockFromBytes(signature1, extBytes);
ExtensionBlocks.Add(block1);
if (index >= rawBytes.Length)
{
break;
}
extBlockSize = BitConverter.ToInt16(rawBytes, index);
}
}
// int terminator = BitConverter.ToInt16(rawBytes, index);
//
// if (terminator > 0)
// {
// throw new Exception($"Expected terminator of 0, but got {terminator}");
// }
}
var valuestring = (from propertySheet in PropertyStore.Sheets
from propertyName in propertySheet.PropertyNames
where propertyName.Key == "10"
select propertyName.Value).FirstOrDefault();
if (valuestring == null)
{
var namesList =
(from propertySheet in PropertyStore.Sheets
from propertyName in propertySheet.PropertyNames
select propertyName.Value)
.ToList();
valuestring = string.Join("::", namesList.ToArray());
}
if (valuestring == "")
{
valuestring = "No Property sheet value found";
}
Value = valuestring;
}
