PhotoRec: stricter check for .prc - extract the modification date

1 files changed, 20 insertions, 1 deletions

diff --git a/src/file_prc.c b/src/file_prc.c
index b2e59b3..bd383f9 100644
--- a/src/file_prc.c
+++ b/src/file_prc.c
@@ -29,6 +29,7 @@
 #include <stdio.h>
 #include "types.h"
 #include "filegen.h"
+#include "common.h"
 
 static void register_header_check_prc(file_stat_t *file_stat);
 static int header_check_prc(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new);
@@ -50,12 +51,30 @@ static void register_header_check_prc(file_stat_t *file_stat)
   register_header_check(0x30, prc_header,sizeof(prc_header), &header_check_prc, file_stat);
 }
 
+typedef struct DatabaseHdrType_s {
+  unsigned char name[32];
+  uint16_t 	attributes;		/* 0x20 */
+  uint32_t      creationDate;		/* 0x22 */
+  uint32_t      modificationDate;	/* 0x26 */
+  uint32_t      lastBackupDate;		/* 0x2a */
+  uint32_t      modificationNumber;	/* 0x2e */
+  unsigned char appInfoID[5];		/* 0x32 */
+  unsigned char sortInfoID[5];
+  uint32_t      type;			/* 0x3c */
+  uint32_t      creator;		/* 0x40 */
+  uint32_t      uniqueIDSeed;		/* 0x44 */
+  /*  RecordListType recordList; */
+} __attribute__ ((__packed__));
+
 static int header_check_prc(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
 {
-  if(memcmp(&buffer[0x30],prc_header,sizeof(prc_header))==0)
+  const struct DatabaseHdrType_s *prc=(const struct DatabaseHdrType_s *)buffer;
+  if(memcmp(&buffer[0x30],prc_header,sizeof(prc_header))==0 &&
+      be32(prc->uniqueIDSeed)==0)
   {
     reset_file_recovery(file_recovery_new);
     file_recovery_new->extension=file_hint_prc.extension;
+    file_recovery_new->time=be32(prc->modificationDate);
     return 1;
   }
   return 0;