How to use the minidump.constants.MINIDUMP_STREAM_TYPE function in minidump
To help you get started, we’ve selected a few minidump examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
skelsec / minidump / minidump / directory.py View on Github 
def parse(buff):
raw_stream_type_value = MINIDUMP_DIRECTORY.get_stream_type_value(buff)
# StreamType value that are over 0xffff are considered MINIDUMP_USER_STREAM streams
# and their format depends on the client used to create the minidump.
# As per the documentation, this stream should be ignored : https://docs.microsoft.com/en-us/windows/win32/api/minidumpapiset/ne-minidumpapiset-minidumminidump_dirp_stream_type#remarks
is_user_stream = raw_stream_type_value > MINIDUMP_STREAM_TYPE.LastReservedStream.value
is_stream_supported = raw_stream_type_value in MINIDUMP_STREAM_TYPE._value2member_map_
if is_user_stream and not is_stream_supported:
return None
md = MINIDUMP_DIRECTORY()
md.StreamType = MINIDUMP_STREAM_TYPE(raw_stream_type_value)
md.Location = MINIDUMP_LOCATION_DESCRIPTOR.parse(buff)
return mddef create_streams(self):
sysinfo = self.sysreader.get_sysinfo()
self.streams[MINIDUMP_STREAM_TYPE.SystemInfoStream] = sysinfo
print(str(sysinfo))
moduleinfo = self.sysreader.get_modules()
self.streams[MINIDUMP_STREAM_TYPE.ModuleListStream] = moduleinfo
sections = self.sysreader.get_sections()
self.streams[MINIDUMP_STREAM_TYPE.MemoryInfoListStream] = sections
self.finalize_header()
memory = self.sysreader.get_memory()elif dir.StreamType == MINIDUMP_STREAM_TYPE.MemoryListStream:
logging.debug('Found MemoryListStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.memory_segments = MinidumpMemoryList.parse(dir, self.file_handle)
#logging.debug(str(self.memory_segments))
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.SystemInfoStream:
logging.debug('Found SystemInfoStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.sysinfo = MinidumpSystemInfo.parse(dir, self.file_handle)
#logging.debug(str(self.sysinfo))
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.ThreadExListStream:
logging.debug('Found ThreadExListStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.threads_ex = MinidumpThreadExList.parse(dir, self.file_handle)
#logging.debug(str(self.threads_ex))
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.Memory64ListStream:
logging.debug('Found Memory64ListStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.memory_segments_64 = MinidumpMemory64List.parse(dir, self.file_handle)
#logging.debug(str(self.memory_segments_64))
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.CommentStreamA:
logging.debug('Found CommentStreamA @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.comment_a = CommentStreamA.parse(dir, self.file_handle)
#logging.debug(str(self.comment_a))
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.CommentStreamW:
logging.debug('Found CommentStreamW @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.comment_w = CommentStreamW.parse(dir, self.file_handle)
#logging.debug(str(self.comment_w))
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.ExceptionStream:
logging.debug('Found ExceptionStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))def parse(buff):
raw_stream_type_value = MINIDUMP_DIRECTORY.get_stream_type_value(buff)
# StreamType value that are over 0xffff are considered MINIDUMP_USER_STREAM streams
# and their format depends on the client used to create the minidump.
# As per the documentation, this stream should be ignored : https://docs.microsoft.com/en-us/windows/win32/api/minidumpapiset/ne-minidumpapiset-minidumminidump_dirp_stream_type#remarks
is_user_stream = raw_stream_type_value > MINIDUMP_STREAM_TYPE.LastReservedStream.value
is_stream_supported = raw_stream_type_value in MINIDUMP_STREAM_TYPE._value2member_map_
if is_user_stream and not is_stream_supported:
return None
md = MINIDUMP_DIRECTORY()
md.StreamType = MINIDUMP_STREAM_TYPE(raw_stream_type_value)
md.Location = MINIDUMP_LOCATION_DESCRIPTOR.parse(buff)
return mddef __parse_directories(self):
for dir in self.directories:
if dir.StreamType == MINIDUMP_STREAM_TYPE.UnusedStream:
logging.debug('Found UnusedStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
continue # Reserved. Do not use this enumeration value.
elif dir.StreamType == MINIDUMP_STREAM_TYPE.ReservedStream0:
logging.debug('Found ReservedStream0 @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
continue # Reserved. Do not use this enumeration value.
elif dir.StreamType == MINIDUMP_STREAM_TYPE.ReservedStream1:
logging.debug('Found ReservedStream1 @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
continue # Reserved. Do not use this enumeration value.
elif dir.StreamType == MINIDUMP_STREAM_TYPE.ThreadListStream:
logging.debug('Found ThreadListStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.threads = MinidumpThreadList.parse(dir, self.file_handle)
continue
elif dir.StreamType == MINIDUMP_STREAM_TYPE.ModuleListStream:
logging.debug('Found ModuleListStream @%x Size: %d' % (dir.Location.Rva, dir.Location.DataSize))
self.modules = MinidumpModuleList.parse(dir, self.file_handle)
#logging.debug(str(modules_list))def create_streams(self):
sysinfo = self.sysreader.get_sysinfo()
self.streams[MINIDUMP_STREAM_TYPE.SystemInfoStream] = sysinfo
print(str(sysinfo))
moduleinfo = self.sysreader.get_modules()
self.streams[MINIDUMP_STREAM_TYPE.ModuleListStream] = moduleinfo
sections = self.sysreader.get_sections()
self.streams[MINIDUMP_STREAM_TYPE.MemoryInfoListStream] = sections
self.finalize_header()
memory = self.sysreader.get_memory()def parse(buff):
raw_stream_type_value = MINIDUMP_DIRECTORY.get_stream_type_value(buff)
# StreamType value that are over 0xffff are considered MINIDUMP_USER_STREAM streams
# and their format depends on the client used to create the minidump.
# As per the documentation, this stream should be ignored : https://docs.microsoft.com/en-us/windows/win32/api/minidumpapiset/ne-minidumpapiset-minidumminidump_dirp_stream_type#remarks
is_user_stream = raw_stream_type_value > MINIDUMP_STREAM_TYPE.LastReservedStream.value
is_stream_supported = raw_stream_type_value in MINIDUMP_STREAM_TYPE._value2member_map_
if is_user_stream and not is_stream_supported:
return None
md = MINIDUMP_DIRECTORY()
md.StreamType = MINIDUMP_STREAM_TYPE(raw_stream_type_value)
md.Location = MINIDUMP_LOCATION_DESCRIPTOR.parse(buff)
return mdminidump
Python library to parse Windows minidump file format
Package Health Score
77 / 100Popular minidump functions
- minidump.constants.MINIDUMP_STREAM_TYPE
- minidump.directory.MINIDUMP_DIRECTORY
- minidump.directory.MINIDUMP_DIRECTORY.get_stream_type_value
- minidump.header.MinidumpHeader
- minidump.minidumpfile.MinidumpFile
- minidump.minidumpfile.MinidumpFile.parse
- minidump.minidumpfile.MinidumpFile.parse_bytes
- minidump.minidumpreader.MinidumpBufferedMemorySegment
- minidump.StreamDirectory
- minidump.streams.HandleDataStream.MinidumpHandleDescriptor
- minidump.streams.MemoryListStream.MINIDUMP_MEMORY_DESCRIPTOR.parse
- minidump.streams.MiscInfoStream.MinidumpMiscInfo2Flags1
- minidump.streams.MiscInfoStream.MinidumpMiscInfoFlags1
- minidump.streams.ModuleListStream.VS_FIXEDFILEINFO
- minidump.streams.SystemInfoStream.PROCESSOR_ARCHITECTURE
- minidump.streams.SystemInfoStream.PROCESSOR_ARCHITECTURE.AMD64
- minidump.streams.SystemInfoStream.PROCESSOR_ARCHITECTURE.INTEL
- minidump.streamType
- minidump.utils.winapi.defines.Structure
- minidump.win_datatypes.POINTER