开发者

Problems parsing a Microsoft compound document

I'm having a bit of a struggle wrestling with the compound document format.

I'm working in C at the moment but am having problems with locating the directory sector. I can obtain the compound doc header which is trivial and I know the formula for finding a file offset of a sector id (secid + 1 << sec_size), but whenever I use this formula to convert the secid to fileoffset for the directory I get random values.

Can someone help me understand how I resolve secid offsets properly and maybe also how to develop secid chains from the sector allocation table in a compound document?

Here is an example of what I've tried:

  comp_doc_header* cdh((comp_doc_header*)buffer);
  printf("cdoc header:%d\n", sizeof(cd_dir_entry));
  if(cdh->rev_num == 0x003E)printf("rev match\n");
  //check magic number
  if(cdh->comp_doc_id[0] != (unsigned char)0xD0 ||
     cdh->comp_doc_id[1] != (unsigned char)0xCF ||
     cdh->comp_doc_id[2] != (unsigned char)0x11 ||
     cdh->comp_doc_id[3] != (unsigned 开发者_开发问答char)0xE0 ||
     cdh->comp_doc_id[4] != (unsigned char)0xA1 ||
     cdh->comp_doc_id[5] != (unsigned char)0xB1 ||
     cdh->comp_doc_id[6] != (unsigned char)0x1A ||
     cdh->comp_doc_id[7] != (unsigned char)0xE1)
    return 0;

  buffer += 512;

  //here i try and get the first directory entry
  cd_dir_entry* cde((cd_dir_entry*)&buffer[(cdh->first_sector_id + 1) << 512]);


EDIT: (secid + 1) * 512 should be (secid + 1) * sec_size


Is this C? I can't parse your first or last posted lines

cd_dir_entry* cde((cd_dir_entry*)&buffer[(cdh->first_sector_id + 1) << 512]);

It appears you're declaring cde as a function that returns a pointer to a cd_dir_entry; but the parameter prototype is all wrong ... so you're calling the function and multiplying the result by cd_dir_entry and promptly ignoring the result of the multiplication.


Edit

My simplification trying to understand the line

cd_dir_entry* cde(<cast>&buffer[(cdh->first_sector_id + 1) << 512]);
cd_dir_entry* cde(<cast>&buffer[<elem>]);
cd_dir_entry* cde(<parameter>);
/* this is either a function prototype */
/* or a multiplication with `cd_dir_entry` and the value returned from cde() */
/* in either case it does nothing (no side-effects present), */
/* unless cde messes with global variables */
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜