def test_freelists(self):
''' List all free blocks '''
# TODO test 0x0061a000 for overflow
#self.skipTest('known ok')
self.assertNotEqual(self._mappings, None)
heap_sums = dict([(heap, list())
for heap in self._mappings.getHeaps()])
child_heaps = dict()
# append addr and size to each mmaps
for heap in self._mappings.getHeaps():
log.debug('==== walking heap num: %0.2d @ %0.8x' %
(win7heapwalker.readHeap(heap).ProcessHeapsListIndex,
heap.start))
walker = win7heapwalker.Win7HeapWalker(self._mappings, heap, 0)
for x, s in walker._get_freelists():
m = self._mappings.getMmapForAddr(x)
#Found new mmap outside of heaps mmaps
if m not in heap_sums:
heap_sums[m] = []
heap_sums[m].append((x, s))
#self.assertEquals( free_size, walker.HEAP().TotalFreeSize)
# save mmap hierarchy
child_heaps[heap] = walker.get_heap_children_mmaps()
# calcul cumulates
for heap, children in child_heaps.items():
# for each heap, look at all children
freeblocks = map(lambda x: x[0], heap_sums[heap])
free_size = sum(map(lambda x: x[1], heap_sums[heap]))
cheap = win7heapwalker.readHeap(heap)
log.debug('-- heap 0x%0.8x \t free:%0.5x \texpected: %0.5x' %
(heap.start, free_size, cheap.TotalFreeSize))
total = free_size
for child in children:
freeblocks = map(lambda x: x[0], heap_sums[child])
self.assertEquals(len(freeblocks), len(set(freeblocks)))
#print heap_sums[child]
free_size = sum(map(lambda x: x[1], heap_sums[child]))
log.debug(' \_ mmap 0x%0.8x\t free:%0.5x ' %
(child.start, free_size))
self.assertEquals(len(freeblocks), len(set(freeblocks)))
total += free_size
log.debug(' \= total: \t\t free:%0.5x ' % (total))
maxlen = len(heap)
cheap = win7heapwalker.readHeap(heap)
self.assertEquals(cheap.TotalFreeSize, total)
log.debug(
'heap: 0x%0.8x free: %0.5x \texpected: %0.5x \tmmap len:%0.5x'
% (heap.start, total, cheap.TotalFreeSize, maxlen))
return
def test_freelists(self):
''' List all free blocks '''
# TODO test 0x0061a000 for overflow
#self.skipTest('known ok')
self.assertNotEqual( self._mappings, None )
heap_sums = dict([(heap,list()) for heap in self._mappings.getHeaps()])
child_heaps = dict()
# append addr and size to each mmaps
for heap in self._mappings.getHeaps():
log.debug( '==== walking heap num: %0.2d @ %0.8x'%(win7heapwalker.readHeap(heap).ProcessHeapsListIndex, heap.start))
walker = win7heapwalker.Win7HeapWalker(self._mappings, heap, 0)
for x,s in walker._get_freelists():
m = self._mappings.getMmapForAddr(x)
#Found new mmap outside of heaps mmaps
if m not in heap_sums:
heap_sums[m] = []
heap_sums[m].append( (x,s) )
#self.assertEquals( free_size, walker.HEAP().TotalFreeSize)
# save mmap hierarchy
child_heaps[heap] = walker.get_heap_children_mmaps()
# calcul cumulates
for heap, children in child_heaps.items():
# for each heap, look at all children
freeblocks = map(lambda x: x[0], heap_sums[heap])
free_size = sum(map(lambda x: x[1], heap_sums[heap]))
cheap = win7heapwalker.readHeap(heap)
log.debug('-- heap 0x%0.8x \t free:%0.5x \texpected: %0.5x'%(heap.start, free_size, cheap.TotalFreeSize))
total = free_size
for child in children:
freeblocks = map(lambda x: x[0], heap_sums[child])
self.assertEquals( len(freeblocks), len(set(freeblocks)))
#print heap_sums[child]
free_size = sum(map(lambda x: x[1], heap_sums[child]))
log.debug(' \_ mmap 0x%0.8x\t free:%0.5x '%(child.start, free_size))
self.assertEquals( len(freeblocks), len(set(freeblocks)))
total += free_size
log.debug(' \= total: \t\t free:%0.5x '%(total) )
maxlen = len(heap)
cheap = win7heapwalker.readHeap(heap)
self.assertEquals(cheap.TotalFreeSize, total)
log.debug( 'heap: 0x%0.8x free: %0.5x \texpected: %0.5x \tmmap len:%0.5x'%(heap.start, total, cheap.TotalFreeSize, maxlen ) )
return
def test_sorted_heaps(self):
''' check if memory_mapping gives heaps sorted by index. '''
#self.skipTest('known_ok')
for i, m in enumerate(self._mappings.getHeaps()):
#print '%d @%0.8x'%(win7heapwalker.readHeap(m).ProcessHeapsListIndex, m.start)
self.assertEquals(win7heapwalker.readHeap(m).ProcessHeapsListIndex, i+1, 'ProcessHeaps should have correct indexes')
return
def test_sorted_heaps(self):
''' check if memory_mapping gives heaps sorted by index. '''
#self.skipTest('known_ok')
for i, m in enumerate(self._mappings.getHeaps()):
#print '%d @%0.8x'%(win7heapwalker.readHeap(m).ProcessHeapsListIndex, m.start)
self.assertEquals(
win7heapwalker.readHeap(m).ProcessHeapsListIndex, i + 1,
'ProcessHeaps should have correct indexes')
return
def search_win_heaps(self):
# TODO move in haystack.reverse.heapwalker
from haystack.reverse.win32 import win7heapwalker # FIXME win7, winxp...
heaps = list()
for mapping in self.mappings:
if win7heapwalker.is_heap(self, mapping):
heaps.append(mapping)
log.debug('%s is a Heap'%(mapping))
mapping._children = win7heapwalker.Win7HeapWalker(self, mapping, 0).get_heap_children_mmaps()
# order by ProcessHeapsListIndex
heaps.sort(key=lambda m: win7heapwalker.readHeap(m).ProcessHeapsListIndex)
return heaps
def search_win_heaps(self):
# TODO move in haystack.reverse.heapwalker
from haystack.reverse.win32 import win7heapwalker # FIXME win7, winxp...
heaps = list()
for mapping in self.mappings:
if win7heapwalker.is_heap(self, mapping):
heaps.append(mapping)
log.debug('%s is a Heap' % (mapping))
mapping._children = win7heapwalker.Win7HeapWalker(
self, mapping, 0).get_heap_children_mmaps()
# order by ProcessHeapsListIndex
heaps.sort(
key=lambda m: win7heapwalker.readHeap(m).ProcessHeapsListIndex)
return heaps