def parseProductInfo(parent, size):
yield Int32(parent, "product_id")
yield Int32(parent, "edition")
yield UInt8(parent, "major_version")
yield UInt8(parent, "minor_version")
yield Int64(parent, "build_number")
yield Int64(parent, "compilation_date")
def createFields(self):
yield textHandler(Int32(self, "ns"), stringIndex)
yield textHandler(Int32(self, "name"), stringIndex)
yield textHandler(Int32(self, "value_string"), stringIndex)
yield UInt16(self, "unk[]")
yield UInt8(self, "unk[]")
yield Enum(UInt8(self, "value_type"), self.TYPE_NAME)
func = self.TYPE_FUNC.get(self['value_type'].value, None)
if not func:
func = UInt32
yield func(self, "value_data")
def TagStart(self):
yield UInt32(self, "lineno", "Line number from original XML file")
yield Int32(self, "unk[]", "Always -1")
yield textHandler(Int32(self, "ns"), stringIndex)
yield textHandler(Int32(self, "name"), stringIndex)
yield UInt32(self, "flags")
yield UInt16(self, "attrib_count")
yield UInt16(self, "attrib_id")
yield UInt16(self, "attrib_class")
yield UInt16(self, "attrib_style")
for i in xrange(self['attrib_count'].value):
yield XMLAttribute(self, "attrib[]")
def createFields(self):
yield Bytes(self, "id", 4, "Tcpdump identifier")
yield UInt16(self, "maj_ver", "Major version")
yield UInt16(self, "min_ver", "Minor version")
yield Int32(self, "this_zone", "GMT to local time zone correction")
yield Int32(self, "sigfigs", "accuracy of timestamps")
yield UInt32(self, "snap_len", "max length saved portion of each pkt")
yield Enum(UInt32(self, "link_type", "data link type"),
self.LINK_TYPE_DESC)
link = self["link_type"].value
if link not in self.LINK_TYPE:
raise ParserError("Unknown link type: %s" % link)
name, parser = self.LINK_TYPE[link]
while self.current_size < self.size:
yield Packet(self, "packet[]", parser, name)
def createFields(self):
yield String(self,
"header_id",
4,
"DataBase Header Markup (\"mhbd\")",
charset="ISO-8859-1")
yield UInt32(self, "header_length", "Header Length")
yield UInt32(self, "entry_length", "Entry Length")
yield UInt32(self, "unknown[]")
yield UInt32(self, "version_number", "Version Number")
yield UInt32(self, "child_number", "Number of Children")
yield UInt64(self, "id", "ID for this database")
yield UInt16(self, "unknown[]")
yield UInt32(self, "unknown[]")
yield UInt64(self, "unknown[]")
yield UInt16(self, "unknown[]")
yield UInt16(self, "hashing_scheme[]",
"Algorithm used to calculate the database hash")
yield NullBytes(self, "unknown[]", 20)
yield String(self, "language_id", 2, "Language ID")
yield UInt64(self, "persistent_id", "Library Persistent ID")
yield UInt32(self, "unknown[]")
yield UInt32(self, "unknown[]")
yield RawBytes(self, "hash[]", 20)
yield Int32(self, "timezone_offset[]", "Timezone offset in seconds")
yield UInt16(self, "unknown[]")
yield RawBytes(self, "iphone_hash[]", 45)
size = self["header_length"].value - self.current_size / 8
if size > 0:
yield NullBytes(self, "padding", size)
for i in xrange(self["child_number"].value):
yield DataSet(self, "dataset[]")
padding = self.seekByte(self["entry_length"].value, "entry padding")
if padding:
yield padding
def createFields(self):
yield Enum(UInt8(self, "typecode"), TYPECODE_NAMES)
self.root.newHandle(self)
yield Int32(self, "proxyInterfaceName_count")
for i in range(self['proxyInterfaceName_count'].value):
yield PascalString16(self, "proxyInterfaceName[]", charset="UTF-8")
yield ClassAnnotation(self, "classAnnotation")
yield SerializedContent(self, "superClassDesc")
def createFields(self):
yield Enum(UInt8(self, "typecode"), TYPECODE_NAMES)
yield SerializedContent(self, "classDesc")
self.root.newHandle(self)
yield Int32(self, "size")
klass = VALUE_CLASS_MAP[
self.classDesc.className[1]] # className is [<elementType>
for i in xrange(self['size'].value):
yield klass(self, "value[]")
def createFields(self):
yield textHandler(UInt32(self, "magic"), hexadecimal)
yield UInt32(self, "dir_start", "Directory start")
yield Int32(self, "first_free_block", "First free block")
yield UInt32(self, "filesize", "File size in bytes")
yield self.seekByte(self["dir_start"].value)
yield FileEntry(self, "file[]")
size = (self.size - self.current_size) // 8
if size:
yield RawBytes(self, "end", size)
def parseBrushIndirect(parser):
yield UInt32(parser, "ihBrush")
yield UInt32(parser, "style")
yield RGBA(parser, "color")
yield Int32(parser, "hatch")
def parseXY32(parser):
yield Int32(parser, "x")
yield Int32(parser, "y")
def parseEmfMappingMode(parser):
yield Enum(Int32(parser, "mapping_mode"), EMF_MAPPING_MODE)
def parseLong(parent):
yield Int32(parent, "digit_count")
for index in xrange(abs(parent["digit_count"].value)):
yield UInt16(parent, "digit[]")
def NamespaceTag(self):
yield UInt32(self, "lineno", "Line number from original XML file")
yield Int32(self, "unk[]", "Always -1")
yield textHandler(Int32(self, "prefix"), stringIndex)
yield textHandler(Int32(self, "uri"), stringIndex)
def TextChunk(self):
# TODO
yield UInt32(self, "lineno", "Line number from original XML file")
yield Int32(self, "unk[]", "Always -1")
def TagEnd(self):
yield UInt32(self, "lineno", "Line number from original XML file")
yield Int32(self, "unk[]", "Always -1")
yield textHandler(Int32(self, "ns"), stringIndex)
yield textHandler(Int32(self, "name"), stringIndex)
def IntTextHandler(func):
return lambda *args, **kwargs: textHandler(Int32(*args, **kwargs), func)
def createFields(self):
yield Enum(UInt8(self, "typecode"), TYPECODE_NAMES)
yield Int32(self, "handle")
def parseInt32(parent):
yield Int32(parent, "value")