/**
* Returns a List of FsContent objects from TSK based on sql query.
*
* @param image is a Image object that denotes which image to get the files from
* @param query is a sql string query that is to be run
* @return FFSqlitedb is a List of FsContent objects
*/
@SuppressWarnings("deprecation")
public List<FsContent> extractFiles(Image image, String query) {
Collection<FileSystem> imageFS = tskCase.getFileSystems(image);
List<String> fsIds = new LinkedList<String>();
for (FileSystem img : imageFS) {
Long tempID = img.getId();
fsIds.add(tempID.toString());
}
String allFS = new String();
for (int i = 0; i < fsIds.size(); i++) {
if (i == 0) {
allFS += " AND (0";
}
allFS += " OR fs_obj_id = '" + fsIds.get(i) + "'";
if (i == fsIds.size() - 1) {
allFS += ")";
}
}
List<FsContent> FFSqlitedb = null;
ResultSet rs = null;
try {
rs = tskCase.runQuery(query + allFS);
FFSqlitedb = tskCase.resultSetToFsContents(rs);
} catch (SQLException ex) {
logger.log(
Level.SEVERE, "Error while trying to extract files for:" + this.getClass().getName(), ex);
this.addErrorMessage(this.getName() + ": Error while trying to extract files to analyze.");
} finally {
if (rs != null) {
try {
tskCase.closeRunQuery(rs);
} catch (SQLException ex) {
logger.log(
Level.SEVERE,
"Error while trying to close result set after extract files for:"
+ this.getClass().getName(),
ex);
}
}
}
return FFSqlitedb;
}
