Example #1
0
def fileHeader(self):
    yield filesizeHandler(
        UInt32(self, "compressed_size", "Size of the compressed file"))
    yield filesizeHandler(
        UInt32(self, "uncompressed_size", "Uncompressed file size"))
    yield TimeDateMSDOS32(self, "ftime", "Date and time (MS DOS format)")
    if self["/header/host_os"].value in (OS_MSDOS, OS_WIN32):
        yield MSDOSFileAttr32(self, "file_attr", "File attributes")
    else:
        yield textHandler(UInt32(self, "file_attr", "File attributes"),
                          hexadecimal)
    yield textHandler(
        UInt32(self, "file_crc32", "CRC32 checksum over the compressed file)"),
        hexadecimal)
    yield Enum(UInt8(self, "compression_type", "Type of compression"),
               COMPRESSION_TYPE)
    yield Enum(UInt8(self, "compression_mode", "Quality of compression"),
               COMPRESSION_MODE)
    yield textHandler(UInt16(self, "parameters", "Compression parameters"),
                      hexadecimal)
    yield textHandler(UInt16(self, "reserved", "Reserved data"), hexadecimal)
    # Filename
    yield PascalString16(self, "filename", "Filename")
    # Comment
    if self["flags/has_comment"].value:
        yield filesizeHandler(
            UInt16(self, "comment_size", "Size of the compressed comment"))
        if self["comment_size"].value > 0:
            yield RawBytes(self, "comment_data", self["comment_size"].value,
                           "Comment data")
Example #2
0
 def createFields(self):
     yield Enum(Bits(self, "compression_method", 4), {
         8: "deflate",
         15: "reserved"
     })  # CM
     yield Bits(self, "compression_info", 4,
                "base-2 log of the window size")  # CINFO
     yield Bits(self, "flag_check_bits", 5)  # FCHECK
     yield Bit(self, "flag_dictionary_present")  # FDICT
     yield Enum(
         Bits(self, "flag_compression_level", 2),  # FLEVEL
         {
             0: "Fastest",
             1: "Fast",
             2: "Default",
             3: "Maximum, Slowest"
         })
     if self["flag_dictionary_present"].value:
         yield textHandler(
             UInt32(self, "dict_checksum",
                    "ADLER32 checksum of dictionary information"),
             hexadecimal)
     yield DeflateData(self,
                       "data",
                       self.stream,
                       description="Compressed Data")
     yield textHandler(
         UInt32(self, "data_checksum",
                "ADLER32 checksum of compressed data"), hexadecimal)
Example #3
0
 def createFields(self):
     yield String(self, "header", 2, "File header (MZ)", charset="ASCII")
     yield UInt16(self, "size_mod_512", "File size in bytes modulo 512")
     yield UInt16(self, "size_div_512", "File size in bytes divide by 512")
     yield UInt16(self, "reloc_entries", "Number of relocation entries")
     yield UInt16(self, "code_offset",
                  "Offset to the code in the file (divided by 16)")
     yield UInt16(self, "needed_memory",
                  "Memory needed to run (divided by 16)")
     yield UInt16(self, "max_memory",
                  "Maximum memory needed to run (divided by 16)")
     yield textHandler(
         UInt32(self, "init_ss_sp", "Initial value of SP:SS registers"),
         hexadecimal)
     yield UInt16(self, "checksum", "Checksum")
     yield textHandler(
         UInt32(self, "init_cs_ip", "Initial value of CS:IP registers"),
         hexadecimal)
     yield UInt16(self, "reloc_offset",
                  "Offset in file to relocation table")
     yield UInt16(self, "overlay_number", "Overlay number")
     yield PaddingBytes(self, "reserved[]", 8, "Reserved")
     yield UInt16(self, "oem_id", "OEM id")
     yield UInt16(self, "oem_info", "OEM info")
     yield PaddingBytes(self, "reserved[]", 20, "Reserved")
     yield UInt32(self, "next_offset", "Offset to next header (PE or NE)")
Example #4
0
 def createFields(self):
     yield String(self, "magic", 4)
     yield String(self, "version", 4, strip='\0')
     yield textHandler(UInt32(self, "checksum"), hexadecimal)
     yield RawBytes(self, "signature", 20, description="SHA1 sum over all subsequent data")
     yield filesizeHandler(UInt32(self, "filesize"))
     yield UInt32(self, "size", description="Header size")
     self._size = self['size'].value * 8
     yield textHandler(UInt32(self, "endian"), hexadecimal)
     yield UInt32(self, "link_count")
     yield UInt32(self, "link_offset")
     yield UInt32(self, "map_offset", description="offset to map footer")
     yield UInt32(self, "string_count", description="number of entries in string table")
     yield UInt32(self, "string_offset", description="offset to string table")
     yield UInt32(self, "type_desc_count", description="number of entries in type descriptor table")
     yield UInt32(self, "type_desc_offset", description="offset to type descriptor table")
     yield UInt32(self, "meth_desc_count", description="number of entries in method descriptor table")
     yield UInt32(self, "meth_desc_offset", description="offset to method descriptor table")
     yield UInt32(self, "field_count", description="number of entries in field table")
     yield UInt32(self, "field_offset", description="offset to field table")
     yield UInt32(self, "method_count", description="number of entries in method table")
     yield UInt32(self, "method_offset", description="offset to method table")
     yield UInt32(self, "class_count", description="number of entries in class table")
     yield UInt32(self, "class_offset", description="offset to class table")
     yield UInt32(self, "data_size", description="size of data region")
     yield UInt32(self, "data_offset", description="offset to data region")
Example #5
0
    def createFields(self):
        while self.stream.readBytes(self.absolute_address + self.current_size, 1) == '%':
            size = getLineEnd(self, 4)
            if size == 2:
                yield String(self, "crc32_comment", 1)
                yield textHandler(UInt16(self, "crc32"), hexadecimal)
            elif size == 4:
                yield String(self, "crc32_comment", 1)
                yield textHandler(UInt32(self, "crc32"), hexadecimal)
            elif self.stream.readBytes(self.absolute_address + self.current_size, size).isalpha():
                yield String(self, "comment[]", size)
            else:
                RawBytes(self, "unknown_data[]", size)
            yield LineEnd(self, "line_end[]")

        # abs_offset = self.current_size // 8
        # TODO: yield objects that read offsets and deduce size from
        # "/cross_ref_table/sub_section[]/entries/item[]"
        offsets = []
        for subsection in self.array("/cross_ref_table/sub_section"):
            for obj in subsection.array("entries/item"):
                if "byte_offset" in obj:
                    # Could be inserted already sorted
                    offsets.append(obj["byte_offset"].value)

        offsets.append(self["/cross_ref_table"].absolute_address // 8)
        offsets.sort()
        for index in xrange(len(offsets) - 1):
            yield Catalog(self, "object[]", size=offsets[index + 1] - offsets[index])
Example #6
0
 def createFields(self):
     yield String(self, "name", 22, strip='\0')
     yield UInt16(self, "sample_count")
     yield textHandler(UInt8(self, "fine_tune"), getFineTune)
     yield textHandler(UInt8(self, "volume"), getVolume)
     yield UInt16(self, "loop_start", "Loop start offset in samples")
     yield UInt16(self, "loop_len", "Loop length in samples")
Example #7
0
    def createFields(self):
        # Version 2 (12 bytes)
        yield UInt32(self, "header_size", "Header size")
        yield UInt32(self, "width", "Width (pixels)")
        yield UInt32(self, "height", "Height (pixels)")
        yield UInt16(self, "nb_plan", "Number of plan (=1)")
        yield UInt16(self, "bpp",
                     "Bits per pixel")  # may be zero for PNG/JPEG picture

        # Version 3 (40 bytes)
        if self["header_size"].value < 40:
            return
        yield Enum(UInt32(self, "compression", "Compression method"),
                   BmpFile.COMPRESSION_NAME)
        yield UInt32(self, "image_size", "Image size (bytes)")
        yield UInt32(self, "horizontal_dpi", "Horizontal DPI")
        yield UInt32(self, "vertical_dpi", "Vertical DPI")
        yield UInt32(self, "used_colors", "Number of color used")
        yield UInt32(self, "important_color", "Number of import colors")

        # Version 4 (108 bytes)
        if self["header_size"].value < 108:
            return
        yield textHandler(UInt32(self, "red_mask"), hexadecimal)
        yield textHandler(UInt32(self, "green_mask"), hexadecimal)
        yield textHandler(UInt32(self, "blue_mask"), hexadecimal)
        yield textHandler(UInt32(self, "alpha_mask"), hexadecimal)
        yield Enum(UInt32(self, "color_space"), self.color_space_name)
        yield CIEXYZ(self, "red_primary")
        yield CIEXYZ(self, "green_primary")
        yield CIEXYZ(self, "blue_primary")
        yield UInt32(self, "gamma_red")
        yield UInt32(self, "gamma_green")
        yield UInt32(self, "gamma_blue")
Example #8
0
    def createFields(self):
        if self._m2ts:
            yield Bits(self, "c", 2)
            yield Bits(self, "ats", 32 - 2)
        yield textHandler(UInt8(self, "sync", 8), hexadecimal)
        if self["sync"].value != 0x47:
            raise ParserError("MPEG-2 TS: Invalid synchronization byte")
        yield Bit(self, "has_error")
        yield Bit(self, "payload_unit_start")
        yield Bit(self, "priority")
        yield Enum(
            textHandler(Bits(self, "pid", 13, "Program identifier"),
                        hexadecimal), self.PID)
        yield Bits(self, "scrambling_control", 2)
        yield Bit(self, "has_adaptation")
        yield Bit(self, "has_payload")
        yield Bits(self, "counter", 4)

        if self["has_adaptation"].value:
            yield AdaptationField(self, "adaptation_field")
        if self["has_payload"].value:
            size = 188
            if self._m2ts:
                size += 4
            size -= (self.current_size // 8)
            yield RawBytes(self, "payload", size)
        if self["has_error"].value:
            yield RawBytes(self, "error_correction", 16)
Example #9
0
 def createFields(self):
     yield UInt32(self, "size")
     self._size = (self['size'].value + 4) * 8
     yield RawBytes(self, "unknown[]", 10)
     yield textHandler(UInt16(self, "video_pid", "PID of video data in stream file"), hexadecimal)
     yield AVCHDMPLS_StreamAttribs(self, "video_attribs")
     yield textHandler(UInt16(self, "audio_pid", "PID of audio data in stream file"), hexadecimal)
     yield AVCHDMPLS_StreamAttribs(self, "audio_attribs")
Example #10
0
 def createFields(self):
     yield UInt32(self, "unknown[]")
     yield UInt32(self, "index")
     yield UInt32(self, "unknown[]")
     yield textHandler(UInt32(self, "unknown_id"), hexadecimal)
     yield UInt32(self, "unknown[]")
     yield textHandler(UInt32(self, "playlist_id"), lambda field: '%05d' % field.value)
     yield UInt32(self, "unknown[]")
Example #11
0
    def createFields(self):
        # Gzip header
        yield Bytes(self, "signature", 2, r"GZip file signature (\x1F\x8B)")
        yield Enum(UInt8(self, "compression", "Compression method"),
                   self.COMPRESSION_NAME)

        # Flags
        yield Bit(self, "is_text", "File content is probably ASCII text")
        yield Bit(self, "has_crc16", "Header CRC16")
        yield Bit(self, "has_extra", "Extra informations (variable size)")
        yield Bit(self, "has_filename", "Contains filename?")
        yield Bit(self, "has_comment", "Contains comment?")
        yield NullBits(self, "reserved[]", 3)
        yield TimestampUnix32(self, "mtime", "Modification time")

        # Extra flags
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "slowest",
                  "Compressor used maximum compression (slowest)")
        yield Bit(self, "fastest", "Compressor used the fastest compression")
        yield NullBits(self, "reserved[]", 5)
        yield Enum(UInt8(self, "os", "Operating system"), self.os_name)

        # Optional fields
        if self["has_extra"].value:
            yield UInt16(self, "extra_length", "Extra length")
            yield RawBytes(self, "extra", self["extra_length"].value, "Extra")
        if self["has_filename"].value:
            yield CString(self, "filename", "Filename", charset="ISO-8859-1")
        if self["has_comment"].value:
            yield CString(self, "comment", "Comment")
        if self["has_crc16"].value:
            yield textHandler(UInt16(self, "hdr_crc16", "CRC16 of the header"),
                              hexadecimal)

        if self._size is None:  # TODO: is it possible to handle piped input?
            raise NotImplementedError()

        # Read file
        size = (self._size - self.current_size) // 8 - 8  # -8: crc32+size
        if 0 < size:
            if self["has_filename"].value:
                filename = self["filename"].value
            else:
                for tag, filename in self.stream.tags:
                    if tag == "filename" and filename.endswith(".gz"):
                        filename = filename[:-3]
                        break
                else:
                    filename = None
            yield Deflate(SubFile(self, "file", size, filename=filename))

        # Footer
        yield textHandler(
            UInt32(self, "crc32", "Uncompressed data content CRC32"),
            hexadecimal)
        yield filesizeHandler(UInt32(self, "size", "Uncompressed size"))
Example #12
0
 def createFields(self):
     yield textHandler(UInt32(self, "class", description="Class being described"), classIndex)
     yield AccessFlags(self, "flags")
     yield textHandler(UInt32(self, "superclass", description="Superclass"), classIndex)
     yield UInt32(self, "interfaces_offset", description="Offset to interface list")
     yield textHandler(UInt32(self, "filename", description="Filename"), stringIndex)
     yield UInt32(self, "annotations_offset")
     yield UInt32(self, "class_data_offset")
     yield UInt32(self, "static_values_offset")
Example #13
0
 def createFields(self):
     yield textHandler(
         UInt32(self, "signature",
                "Placeable Metafiles signature (0x9AC6CDD7)"), hexadecimal)
     yield UInt16(self, "handle")
     yield RECT16(self, "rect")
     yield UInt16(self, "inch")
     yield NullBytes(self, "reserved", 4)
     yield textHandler(UInt16(self, "checksum"), hexadecimal)
Example #14
0
 def createFields(self):
     yield Enum(UInt32(self, "type", "Segment type"),
                ProgramHeader32.TYPE_NAME)
     yield ProgramFlags(self, "flags")
     yield UInt64(self, "offset", "Offset")
     yield textHandler(UInt64(self, "vaddr", "V. address"), hexadecimal)
     yield textHandler(UInt64(self, "paddr", "P. address"), hexadecimal)
     yield UInt64(self, "file_size", "File size")
     yield UInt64(self, "mem_size", "Memory size")
     yield UInt64(self, "align", "Alignment padding")
Example #15
0
 def createFields(self):
     yield textHandler(Int32(self, "ns"), stringIndex)
     yield textHandler(Int32(self, "name"), stringIndex)
     yield textHandler(Int32(self, "value_string"), stringIndex)
     yield UInt16(self, "unk[]")
     yield UInt8(self, "unk[]")
     yield Enum(UInt8(self, "value_type"), self.TYPE_NAME)
     func = self.TYPE_FUNC.get(self['value_type'].value, None)
     if not func:
         func = UInt32
     yield func(self, "value_data")
Example #16
0
def TagStart(self):
    yield UInt32(self, "lineno", "Line number from original XML file")
    yield Int32(self, "unk[]", "Always -1")
    yield textHandler(Int32(self, "ns"), stringIndex)
    yield textHandler(Int32(self, "name"), stringIndex)
    yield UInt32(self, "flags")
    yield UInt16(self, "attrib_count")
    yield UInt16(self, "attrib_id")
    yield UInt16(self, "attrib_class")
    yield UInt16(self, "attrib_style")
    for i in xrange(self['attrib_count'].value):
        yield XMLAttribute(self, "attrib[]")
Example #17
0
    def createFields(self):
        yield Bytes(self, "signature", 2, "New executable signature (NE)")
        yield UInt8(self, "link_ver", "Linker version number")
        yield UInt8(self, "link_rev", "Linker revision number")
        yield UInt16(self, "entry_table_ofst", "Offset to the entry table")
        yield UInt16(self, "entry_table_size", "Length (in bytes) of the entry table")
        yield PaddingBytes(self, "reserved[]", 4)

        yield Bit(self, "is_dll", "Is a dynamic-link library (DLL)?")
        yield Bit(self, "is_win_app", "Is a Windows application?")
        yield PaddingBits(self, "reserved[]", 9)
        yield Bit(self, "first_seg_code", "First segment contains code that loads the application?")
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "link_error", "Load even if linker detects errors?")
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "is_lib", "Is a library module?")

        yield UInt16(self, "auto_data_seg", "Automatic data segment number")
        yield filesizeHandler(UInt16(self, "local_heap_size", "Initial size (in bytes) of the local heap"))
        yield filesizeHandler(UInt16(self, "stack_size", "Initial size (in bytes) of the stack"))
        yield textHandler(UInt32(self, "cs_ip", "Value of CS:IP"), hexadecimal)
        yield textHandler(UInt32(self, "ss_sp", "Value of SS:SP"), hexadecimal)

        yield UInt16(self, "nb_entry_seg_tab", "Number of entries in the segment table")
        yield UInt16(self, "nb_entry_modref_tab", "Number of entries in the module-reference table")
        yield filesizeHandler(UInt16(self, "size_nonres_name_tab", "Number of bytes in the nonresident-name table"))
        yield UInt16(self, "seg_tab_ofs", "Segment table offset")
        yield UInt16(self, "rsrc_ofs", "Resource offset")

        yield UInt16(self, "res_name_tab_ofs", "Resident-name table offset")
        yield UInt16(self, "mod_ref_tab_ofs", "Module-reference table offset")
        yield UInt16(self, "import_tab_ofs", "Imported-name table offset")

        yield UInt32(self, "non_res_name_tab_ofs", "Nonresident-name table offset")
        yield UInt16(self, "nb_mov_ent_pt", "Number of movable entry points")
        yield UInt16(self, "log2_sector_size", "Log2 of the segment sector size")
        yield UInt16(self, "nb_rsrc_seg", "Number of resource segments")

        yield Bit(self, "unknown_os_format", "Operating system format is unknown")
        yield PaddingBits(self, "reserved[]", 1)
        yield Bit(self, "os_windows", "Operating system is Microsoft Windows")
        yield NullBits(self, "reserved[]", 6)
        yield Bit(self, "is_win20_prot", "Is Windows 2.x application running in version 3.x protected mode")
        yield Bit(self, "is_win20_font", "Is Windows 2.x application supporting proportional fonts")
        yield Bit(self, "fast_load", "Contains a fast-load area?")
        yield NullBits(self, "reserved[]", 4)

        yield UInt16(self, "fastload_ofs", "Fast-load area offset (in sector)")
        yield UInt16(self, "fastload_size", "Fast-load area length (in sector)")

        yield NullBytes(self, "reserved[]", 2)
        yield textHandler(UInt16(self, "win_version", "Expected Windows version number"), hexadecimal)
Example #18
0
def parseSoundHeader(parent, size):
    yield Bit(parent, "playback_is_stereo")
    yield Bit(parent, "playback_is_16bit")
    yield textHandler(Bits(parent, "playback_rate", 2), bit2hertz)
    yield NullBits(parent, "reserved", 4)

    yield Bit(parent, "sound_is_stereo")
    yield Bit(parent, "sound_is_16bit")
    yield textHandler(Bits(parent, "sound_rate", 2), bit2hertz)
    yield Enum(Bits(parent, "codec", 4), SOUND_CODEC)

    yield UInt16(parent, "sample_count")

    if parent["codec"].value == 2:
        yield UInt16(parent, "latency_seek")
Example #19
0
 def createFields(self):
     yield UInt16(self, "signature",
                  "PE optional header signature (0x010b)")
     # TODO: Support PE32+ (signature=0x020b)
     if self["signature"].value != 0x010b:
         raise ParserError("Invalid PE optional header signature")
     yield UInt8(self, "maj_lnk_ver", "Major linker version")
     yield UInt8(self, "min_lnk_ver", "Minor linker version")
     yield filesizeHandler(UInt32(self, "size_code", "Size of code"))
     yield filesizeHandler(
         UInt32(self, "size_init_data", "Size of initialized data"))
     yield filesizeHandler(
         UInt32(self, "size_uninit_data", "Size of uninitialized data"))
     yield textHandler(
         UInt32(self, "entry_point",
                "Address (RVA) of the code entry point"), hexadecimal)
     yield textHandler(UInt32(self, "base_code", "Base (RVA) of code"),
                       hexadecimal)
     yield textHandler(UInt32(self, "base_data", "Base (RVA) of data"),
                       hexadecimal)
     yield textHandler(UInt32(self, "image_base", "Image base (RVA)"),
                       hexadecimal)
     yield filesizeHandler(UInt32(self, "sect_align", "Section alignment"))
     yield filesizeHandler(UInt32(self, "file_align", "File alignment"))
     yield UInt16(self, "maj_os_ver", "Major OS version")
     yield UInt16(self, "min_os_ver", "Minor OS version")
     yield UInt16(self, "maj_img_ver", "Major image version")
     yield UInt16(self, "min_img_ver", "Minor image version")
     yield UInt16(self, "maj_subsys_ver", "Major subsystem version")
     yield UInt16(self, "min_subsys_ver", "Minor subsystem version")
     yield NullBytes(self, "reserved", 4)
     yield filesizeHandler(UInt32(self, "size_img", "Size of image"))
     yield filesizeHandler(UInt32(self, "size_hdr", "Size of headers"))
     yield textHandler(UInt32(self, "checksum"), hexadecimal)
     yield Enum(UInt16(self, "subsystem"), self.SUBSYSTEM_NAME)
     yield UInt16(self, "dll_flags")
     yield filesizeHandler(UInt32(self, "size_stack_reserve"))
     yield filesizeHandler(UInt32(self, "size_stack_commit"))
     yield filesizeHandler(UInt32(self, "size_heap_reserve"))
     yield filesizeHandler(UInt32(self, "size_heap_commit"))
     yield UInt32(self, "loader_flags")
     yield UInt32(self, "nb_directory", "Number of RVA and sizes")
     for index in xrange(self["nb_directory"].value):
         try:
             name = self.DIRECTORY_NAME[index]
         except KeyError:
             name = "data_dir[%u]" % index
         yield DataDirectory(self, name)
Example #20
0
    def createFields(self):
        # File data
        self.signature = None
        self.central_directory = []
        while not self.eof:
            skip = 0
            while True:
                try:
                    header = self.stream.readBits(
                        self.absolute_address + self.current_size + skip, 32,
                        self.endian)
                    if header in self.CHUNK_TYPES:
                        break
                    skipdelta = self.stream.searchBytes(
                        b'PK',
                        self.absolute_address + self.current_size + skip + 8)
                    if skipdelta is None:
                        if not self.current_size:
                            raise ParserError("Failed to find any zip headers")
                        return
                    skip = skipdelta - (self.absolute_address +
                                        self.current_size)
                except ReadStreamError:
                    if not self.current_size:
                        raise ParserError("Failed to read stream")
                    return
            if skip:
                yield RawBytes(self, "unparsed[]", skip // 8)

            yield textHandler(UInt32(self, "header[]", "Header"), hexadecimal)

            ftype, fname, fdesc = self.CHUNK_TYPES[header]
            yield ftype(self, fname, fdesc)
Example #21
0
    def createFields(self):
        yield Bytes(self, "signature", 4, r'ELF signature ("\x7fELF")')
        yield Enum(UInt8(self, "class", "Class"), self.CLASS_NAME)
        if self["class"].value == 1:
            ElfLongWord = UInt32
        else:
            ElfLongWord = UInt64
        yield Enum(UInt8(self, "endian", "Endian"), self.ENDIAN_NAME)
        yield UInt8(self, "file_version", "File version")
        yield Enum(UInt8(self, "osabi_ident", "OS/syscall ABI identification"),
                   self.OSABI_NAME)
        yield UInt8(self, "abi_version", "syscall ABI version")
        yield String(self, "pad", 7, "Pad")

        yield Enum(UInt16(self, "type", "File type"), self.TYPE_NAME)
        yield Enum(UInt16(self, "machine", "Machine type"), self.MACHINE_NAME)
        yield UInt32(self, "version", "ELF format version")
        yield textHandler(ElfLongWord(self, "entry", "Entry point"),
                          hexadecimal)
        yield ElfLongWord(self, "phoff", "Program header file offset")
        yield ElfLongWord(self, "shoff", "Section header file offset")
        yield UInt32(self, "flags", "Architecture-specific flags")
        yield UInt16(self, "ehsize", "Elf header size (this header)")
        yield UInt16(self, "phentsize", "Program header entry size")
        yield UInt16(self, "phnum", "Program header entry count")
        yield UInt16(self, "shentsize", "Section header entry size")
        yield UInt16(self, "shnum", "Section header entry count")
        yield UInt16(self, "shstrndx", "Section header string table index")
Example #22
0
    def createFields(self):
        yield Unsigned(self, 'track')
        yield Int16(self, 'timecode')

        if self.parent._name == 'Block':
            yield NullBits(self, 'reserved[]', 4)
            yield Bit(self, 'invisible')
            yield self.lacing()
            yield NullBits(self, 'reserved[]', 1)
        elif self.parent._name.startswith('SimpleBlock'):
            yield Bit(self, 'keyframe')
            yield NullBits(self, 'reserved', 3)
            yield Bit(self, 'invisible')
            yield self.lacing()
            yield Bit(self, 'discardable')
        else:
            yield NullBits(self, 'reserved', 8)
            return

        size = (self._size - self.current_size) // 8
        lacing = self['lacing'].value
        if lacing:
            yield textHandler(GenericInteger(self, 'n_frames', False, 8),
                              lambda chunk: str(chunk.value + 1))
            yield Lace(self, lacing - 1, size - 1)
        else:
            yield RawBytes(self, 'frame', size)
Example #23
0
 def createFields(self):
     yield textHandler(UInt32(self, "crc32"), hexadecimal)
     yield UInt16(self, "size")
     yield UInt16(
         self, "uncompressed_size",
         "If this is 0, this block is continued in a subsequent cabinet")
     if self["/flags/has_reserved"].value and self[
             "/reserved_data_size"].value:
         yield RawBytes(self, "reserved_data",
                        self["/reserved_data_size"].value,
                        "Per-datablock reserved area")
     compr_method = self.parent.folder["compr_method"].value
     if compr_method == 0:  # Uncompressed
         yield RawBytes(self, "data", self["size"].value, "Folder Data")
         self.parent.uncompressed_data += self["data"].value
     elif compr_method == 1:  # MSZIP
         yield String(self, "mszip_signature", 2, "MSZIP Signature (CK)")
         yield DeflateBlock(self, "deflate_block",
                            self.parent.uncompressed_data)
         padding = paddingSize(self.current_size, 8)
         if padding:
             yield PaddingBits(self, "padding[]", padding)
         self.parent.uncompressed_data = self["deflate_block"].uncomp_data
     elif compr_method == 2:  # Quantum
         yield RawBytes(self, "compr_data", self["size"].value,
                        "Compressed Folder Data")
     elif compr_method == 3:  # LZX
         group = getattr(self.parent.folder, "lzx_group", None)
         field = CustomFragment(self, "data", self["size"].value * 8,
                                LZXStream, "LZX data fragment", group)
         if group is None:
             field.group.args["compr_level"] = self.parent.folder[
                 "compr_level"].value
         self.parent.folder.lzx_group = field.group
         yield field
Example #24
0
    def createFields(self):
        yield Enum(UInt16(self, "src"), self.port_name)
        yield Enum(UInt16(self, "dst"), self.port_name)
        yield UInt32(self, "seq_num")
        yield UInt32(self, "ack_num")

        yield Bits(self, "hdrlen", 6, "Header lenght")
        yield NullBits(self, "reserved", 2, "Reserved")

        yield Bit(self, "cgst", "Congestion Window Reduced")
        yield Bit(self, "ecn-echo", "ECN-echo")
        yield Bit(self, "urg", "Urgent")
        yield Bit(self, "ack", "Acknowledge")
        yield Bit(self, "psh", "Push mmode")
        yield Bit(self, "rst", "Reset connection")
        yield Bit(self, "syn", "Synchronize")
        yield Bit(self, "fin", "Stop the connection")

        yield UInt16(self, "winsize", "Windows size")
        yield textHandler(UInt16(self, "checksum"), hexadecimal)
        yield UInt16(self, "urgent")

        size = self["hdrlen"].value * 8 - self.current_size
        while 0 < size:
            option = TCP_Option(self, "option[]")
            yield option
            size -= option.size
Example #25
0
def newRecoveryHeader(self):
    """
    This header is described nowhere
    """
    if self["flags/extend"].value:
        yield filesizeHandler(
            UInt32(self, "body_size", "Size of the unknown body following"))
        self.body_size = self["body_size"].value
    yield textHandler(UInt32(self, "unknown[]", "Unknown field, probably 0"),
                      hexadecimal)
    yield String(self, "signature", 7, "Signature, normally '**ACE**'")
    yield textHandler(
        UInt32(self, "relative_start",
               "Offset (=crc16's) of this block in the file"), hexadecimal)
    yield textHandler(UInt32(self, "unknown[]", "Unknown field, probably 0"),
                      hexadecimal)
Example #26
0
 def createFields(self):
     yield Bytes(self, "signature", 6, "Signature Header")
     yield UInt8(self, "major_ver", "Archive major version")
     yield UInt8(self, "minor_ver", "Archive minor version")
     yield textHandler(UInt32(self, "start_hdr_crc", "Start header CRC"),
                       hexadecimal)
     yield StartHeader(self, "start_hdr", "Start header")
Example #27
0
    def createFields(self):
        yield Bits(self, "version", 4, "Version")
        yield Bits(self, "hdr_size", 4, "Header size divided by 5")

        # Type of service
        yield Enum(Bits(self, "precedence", 3, "Precedence"),
                   self.precedence_name)
        yield Bit(self, "low_delay", "If set, low delay, else normal delay")
        yield Bit(self, "high_throu",
                  "If set, high throughput, else normal throughput")
        yield Bit(self, "high_rel", "If set, high relibility, else normal")
        yield NullBits(self, "reserved[]", 2, "(reserved for future use)")

        yield UInt16(self, "length")
        yield UInt16(self, "id")

        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "df", "Don't fragment")
        yield Bit(self, "more_frag",
                  "There are more fragments? if not set, it's the last one")
        yield Bits(self, "frag_ofst_lo", 5)
        yield UInt8(self, "frag_ofst_hi")
        yield UInt8(self, "ttl", "Type to live")
        yield Enum(UInt8(self, "protocol"), self.PROTOCOL_NAME)
        yield textHandler(UInt16(self, "checksum"), hexadecimal)
        yield IPv4_Address(self, "src")
        yield IPv4_Address(self, "dst")

        size = (self.size - self.current_size) // 8
        if size:
            yield RawBytes(self, "options", size)
Example #28
0
 def createFields(self):
     yield textHandler(UInt8(self, "unknown", description="0x1E"), hexadecimal)
     yield textHandler(UInt8(self, "century"), hexadecimal)
     yield textHandler(UInt8(self, "year"), hexadecimal)
     yield textHandler(UInt8(self, "month"), hexadecimal)
     yield textHandler(UInt8(self, "day"), hexadecimal)
     yield textHandler(UInt8(self, "hour"), hexadecimal)
     yield textHandler(UInt8(self, "minute"), hexadecimal)
     yield textHandler(UInt8(self, "second"), hexadecimal)
Example #29
0
 def createFields(self):
     yield NullBytes(self, "zero", 1)
     yield textHandler(
         String(self,
                "length",
                self._size // 8 - 1,
                "Length in ms",
                charset="ASCII"), self.computeLength)
Example #30
0
    def createFields(self):
        yield Enum(UInt8(self, "type"), self.TYPE_DESC)
        yield UInt8(self, "code")
        yield textHandler(UInt16(self, "checksum"), hexadecimal)

        if self['type'].value in (self.ECHO_REQUEST, self.ECHO_REPLY):
            yield UInt16(self, "id")
            yield UInt16(self, "sequence")