def test_file_object(tmpdir):
    """Check FileObject attributes, its context-manager read, and output() bookkeeping."""
    payload = b'This is some test data!'
    digest = u'fb843efb2ffec987db12e72ca75c9ea2'
    default_name = u'fb843efb2ffec987db12e72ca75c9ea2.bin'
    output_dir = str(tmpdir)

    reporter = mwcp.Reporter(tempdir=output_dir, outputdir=output_dir)
    file_object = mwcp.FileObject(payload, reporter)

    # No file_name is passed, and the expected name is the md5 value plus ".bin".
    assert file_object.file_name == default_name
    assert file_object.file_data == payload
    assert file_object.md5 == digest
    assert file_object.resources is None
    assert file_object.pe is None

    # The backing file is expected under a managed temp directory inside tempdir.
    managed_prefix = os.path.join(output_dir, 'mwcp-managed_tempdir-')
    assert file_object.file_path.startswith(managed_prefix)

    with file_object as fo:
        assert fo.read() == payload

    # Nothing is registered with the reporter until output() is called.
    assert not reporter.outputfiles
    file_object.output()

    written_path = os.path.join(output_dir, default_name)
    assert file_object.file_name in reporter.outputfiles
    expected_entry = {
        'data': payload,
        'path': written_path,
        'description': '',
        'md5': digest,
    }
    assert reporter.outputfiles[file_object.file_name] == expected_entry
    assert os.path.exists(written_path)
def run_parser(self, name, file_path=None, data=b"", **kwargs):
    """
    Run every parser matching ``name`` against a file on disk or a byte string.

    A parser that raises (``SystemExit`` included) is reported through
    ``self.error`` and the loop moves on to the next matching parser.

    :param str name: name of parser module to run (use ":" notation to specify source if necessary
        e.g. "mwcp-acme:Foo")
    :param str file_path: file to parse; its whole content is read into memory
    :param bytes data: use data as file instead of loading data from filename
    :param kwargs: forwarded unchanged to each parser's ``run``
    """
    self.__reset()

    if not file_path:
        self.input_file = mwcp.FileObject(data, self, output_file=False)
    else:
        with open(file_path, 'rb') as sample:
            # Only the basename is used as the name, so the caller's directory
            # components never reach file_name.
            self.input_file = mwcp.FileObject(
                sample.read(), self,
                file_name=os.path.basename(file_path), output_file=False)
        self.input_file.file_path = file_path

    try:
        with self.__redirect_stdout():
            matched = False
            for parser_name, source, parser_class in mwcp.iter_parsers(name):
                matched = True
                with self.input_file as handle:
                    self._handle = handle
                    try:
                        parser_class(reporter=self).run(**kwargs)
                    except (Exception, SystemExit):
                        # SystemExit is caught too, so a parser that tries to exit
                        # cannot end the run. The MD5 is only a label for in-memory
                        # input in the message, not an integrity check.
                        identifier = file_path if file_path else hashlib.md5(data).hexdigest()
                        self.error(
                            "Error running parser {}:{} on {}: {}".format(
                                source, parser_name, identifier, traceback.format_exc()))
            if not matched:
                self.error('Could not find parsers with name: {}'.format(name))
    finally:
        # Runs whether or not the parsers succeeded.
        self.__cleanup()
def run_parser(self, name, file_path=None, data=b"", **kwargs):
    """
    Run every parser matching ``name`` against a file on disk or a byte string.

    A parser that raises (``SystemExit`` included) is logged with
    ``logger.exception`` and the loop moves on to the next matching parser.

    :param str name: name of parser module to run (use ":" notation to specify source if necessary
        e.g. "mwcp-acme:Foo")
    :param str file_path: file to parse; its whole content is read into memory
    :param bytes data: use data as file instead of loading data from filename
    :param kwargs: accepted, but not used anywhere in this body
    """
    self.__reset()

    # TODO: Remove all traces of the input file in the reporter!!
    #   (kept around for now because tool.py uses it for pulling file info)
    if not file_path:
        self.input_file = mwcp.FileObject(data, self, output_file=False)
    else:
        with open(file_path, "rb") as sample:
            # Only the basename is used as the name, so the caller's directory
            # components never reach file_name.
            self.input_file = mwcp.FileObject(
                sample.read(), self,
                file_name=os.path.basename(file_path), output_file=False)
        self.input_file.file_path = file_path

    try:
        with self.__redirect_stdout():
            matched = False
            for source, parser in mwcp.iter_parsers(name):
                matched = True
                try:
                    parser.parse(self.input_file, self)
                except (Exception, SystemExit):
                    # SystemExit is caught too, so a parser that tries to exit
                    # cannot end the run. The sample is labelled by its path,
                    # or by the input file's md5 when no path was given.
                    logger.exception(
                        "Error running parser {}:{} on {}".format(
                            source.name, parser.name,
                            file_path or self.input_file.md5))
            if not matched:
                logger.error("Could not find parsers with name: {}".format(name))
    finally:
        # Runs whether or not the parsers succeeded.
        self.__cleanup()
def components():
    """
    Setup for testing some of the dispatcher components.
    (Set it as a fixture so we can reuse the variables without having to remake)

    The return value is ``locals()``, so every local name bound below
    (``reporter``, ``file_A``, ``file_B``, ``file_C``, ``A``, ``B``,
    ``dispatcher``) is a key of the returned mapping. Renaming or adding a
    local changes what callers receive.
    """
    reporter = mwcp.Reporter()
    # Three in-memory files sharing one reporter. Only the first two names
    # are matched by the identify() methods of the parsers defined below.
    file_A = mwcp.FileObject(b'This is file A', reporter, file_name='A_match.txt', output_file=False)
    file_B = mwcp.FileObject(b'This is file B', reporter, file_name='B_match.txt', output_file=False)
    file_C = mwcp.FileObject(b'This is file C', reporter, file_name='no_match.txt', output_file=False)

    # Parser that claims 'A_match.txt' and, when run, queues file_B and file_C
    # (captured from the enclosing scope) on its dispatcher.
    class A(mwcp.Parser):
        DESCRIPTION = 'A Component'

        @classmethod
        def identify(cls, file_object):
            return file_object.file_name == 'A_match.txt'

        def run(self):
            self.dispatcher.add_to_queue(file_B)
            self.dispatcher.add_to_queue(file_C)

    # Parser that claims 'B_match.txt' and defines no run() of its own.
    class B(mwcp.Parser):
        DESCRIPTION = 'B Component'

        @classmethod
        def identify(cls, file_object):
            return file_object.file_name == 'B_match.txt'

    dispatcher = mwcp.Dispatcher('my_dispatcher', parsers=[A, B])

    return locals()
def test_file_object(tmpdir):
    """Check FileObject attributes, its context-manager read, and what output() records."""
    payload = b'This is some test data!'
    digest = u'fb843efb2ffec987db12e72ca75c9ea2'
    output_dir = str(tmpdir)

    reporter = mwcp.Reporter(tempdir=output_dir, outputdir=output_dir)
    file_object = mwcp.FileObject(payload, reporter)

    # No file_name is passed, and the expected name is the md5 value plus ".bin".
    assert file_object.file_name == u'fb843efb2ffec987db12e72ca75c9ea2.bin'
    assert file_object.file_data == payload
    assert file_object.md5 == digest
    assert file_object.resources is None
    assert file_object.pe is None

    # The backing file is expected under a managed temp directory inside tempdir.
    managed_prefix = os.path.join(output_dir, 'mwcp-managed_tempdir-')
    assert file_object.file_path.startswith(managed_prefix)

    with file_object as fo:
        assert fo.read() == payload

    file_object.output()

    # The file on disk is expected with a 'fb843_' prefix (the first five
    # characters of the md5), while the metadata row keeps the unprefixed
    # file_name.
    written = tmpdir / 'fb843_fb843efb2ffec987db12e72ca75c9ea2.bin'
    assert written.exists()
    expected_rows = [[
        file_object.file_name,
        '',
        'fb843efb2ffec987db12e72ca75c9ea2',
    ]]
    assert reporter.metadata['outputfile'] == expected_rows