self.is_fulldump = True
else:
self.memory_segments = minidumpfile.memory_segments.memory_segments
self.is_fulldump = False
self.filename = minidumpfile.filename
self.file_handle = minidumpfile.file_handle
#reader params
self.sizeof_long = 4
self.unpack_long = '
t += self.BuildNumber.to_bytes(4, byteorder = 'little', signed = False)
t += self.PlatformId.to_bytes(4, byteorder = 'little', signed = False)
if data_buffer is None:
t += self.CSDVersionRva.to_bytes(4, byteorder = 'little', signed = False)
else:
pos = data_buffer.tell()
data_buffer.write(100*b'\x00')
self.CSDVersionRva = data_buffer.tell()
data_buffer.write(self.CSDVersion.encode('ascii') + b'\x00')
pos_end = data_buffer.tell()
data_buffer.seek(pos,0)
t += self.CSDVersionRva.to_bytes(4, byteorder = 'little', signed = False)
#missing filed here?
t += self.SuiteMask.to_bytes(2, byteorder = 'little', signed = False)
t += self.Reserved2.to_bytes(2, byteorder = 'little', signed = False)
if self.ProcessorArchitecture == PROCESSOR_ARCHITECTURE.INTEL:
for vid in self.VendorId:
t += vid.to_bytes(4, byteorder = 'little', signed = False)
t += self.VersionInformation.value.to_bytes(4, byteorder = 'little', signed = False)
t += self.FeatureInformation.value.to_bytes(4, byteorder = 'little', signed = False)
t += self.AMDExtendedCpuFeatures.value.to_bytes(4, byteorder = 'little', signed = False)
else:
for pf in self.ProcessorFeatures:
t += pf.to_bytes(8, byteorder = 'little', signed = False)
if data_buffer is None:
return t
else:
data_buffer.write(t)
def from_minidump(minidump):
    """Build a KatzSystemInfo from an already-parsed minidump object.

    Reads ``minidump.sysinfo`` (ProcessorArchitecture, OperatingSystem,
    BuildNumber) and walks ``minidump.modules.modules``, using each entry's
    ``name`` and ``timestamp``.

    Returns:
        The populated KatzSystemInfo instance.

    Notes:
        ``architecture`` is assigned here only for AMD64 and INTEL. For any
        other ProcessorArchitecture value this function does not touch it.

        ``msv_dll_timestamp`` stays 0 when no module name contains
        'lsasrv.dll'. The check is a case-sensitive substring test with no
        early exit, so the last matching entry in the module list wins.
        NOTE(review): these values come from the dump file's contents;
        confirm that callers handle a zero or unexpected timestamp.
    """
    info = KatzSystemInfo()
    raw = minidump.sysinfo

    # Map the dump's processor architecture onto the internal enum.
    arch = raw.ProcessorArchitecture
    if arch == PROCESSOR_ARCHITECTURE.AMD64:
        info.architecture = KatzSystemArchitecture.X64
    elif arch == PROCESSOR_ARCHITECTURE.INTEL:
        info.architecture = KatzSystemArchitecture.X86

    info.operating_system = raw.OperatingSystem
    info.buildnumber = raw.BuildNumber

    # Default of 0 means "no matching module seen".
    info.msv_dll_timestamp = 0
    for entry in minidump.modules.modules:
        if entry.name.find('lsasrv.dll') == -1:
            continue
        # No break: a later match overwrites an earlier one.
        info.msv_dll_timestamp = entry.timestamp

    return info
#sysinfo.Reserved0 = None
sysinfo.NumberOfProcessors = sysinfo_raw.dwNumberOfProcessors
sysinfo.ProductType = PRODUCT_TYPE(version_raw.wProductType)
sysinfo.MajorVersion = version_raw.dwMajorVersion
sysinfo.MinorVersion = version_raw.dwMinorVersion
sysinfo.BuildNumber = version_raw.dwBuildNumber
sysinfo.PlatformId = version_raw.dwPlatformId
sysinfo.CSDVersionRva = 0
#sysinfo.Reserved1 = None
sysinfo.SuiteMask = version_raw.wSuiteMask
#sysinfo.Reserved2 = None
sysinfo.CSDVersion = version_raw.szCSDVersion
#below todo, keeping all zeroes for now..
if sysinfo.ProcessorArchitecture == PROCESSOR_ARCHITECTURE.INTEL:
sysinfo.VendorId = [0,0,0]
sysinfo.VersionInformation = 0
sysinfo.FeatureInformation = 0
sysinfo.AMDExtendedCpuFeatures = 0
else:
sysinfo.ProcessorFeatures = [0,0]
self.sysinfo_raw = sysinfo_raw
return sysinfo