示例#1
0
文件: bmp.py 项目: 070499/Sick-Beard
    def createFields(self):
        # Version 2 (12 bytes)
        yield UInt32(self, "header_size", "Header size")
        yield UInt32(self, "width", "Width (pixels)")
        yield UInt32(self, "height", "Height (pixels)")
        yield UInt16(self, "nb_plan", "Number of plan (=1)")
        yield UInt16(self, "bpp", "Bits per pixel") # may be zero for PNG/JPEG picture

        # Version 3 (40 bytes)
        if self["header_size"].value < 40:
            return
        yield Enum(UInt32(self, "compression", "Compression method"), BmpFile.COMPRESSION_NAME)
        yield UInt32(self, "image_size", "Image size (bytes)")
        yield UInt32(self, "horizontal_dpi", "Horizontal DPI")
        yield UInt32(self, "vertical_dpi", "Vertical DPI")
        yield UInt32(self, "used_colors", "Number of color used")
        yield UInt32(self, "important_color", "Number of import colors")

        # Version 4 (108 bytes)
        if self["header_size"].value < 108:
            return
        yield textHandler(UInt32(self, "red_mask"), hexadecimal)
        yield textHandler(UInt32(self, "green_mask"), hexadecimal)
        yield textHandler(UInt32(self, "blue_mask"), hexadecimal)
        yield textHandler(UInt32(self, "alpha_mask"), hexadecimal)
        yield Enum(UInt32(self, "color_space"), self.color_space_name)
        yield CIEXYZ(self, "red_primary")
        yield CIEXYZ(self, "green_primary")
        yield CIEXYZ(self, "blue_primary")
        yield UInt32(self, "gamma_red")
        yield UInt32(self, "gamma_green")
        yield UInt32(self, "gamma_blue")
示例#2
0
文件: cab.py 项目: 070499/Sick-Beard
    def createFields(self):
        yield String(self, "magic", 4, "Magic (MSCF)", charset="ASCII")
        yield textHandler(UInt32(self, "hdr_checksum", "Header checksum (0 if not used)"), hexadecimal)
        yield filesizeHandler(UInt32(self, "filesize", "Cabinet file size"))
        yield textHandler(UInt32(self, "fld_checksum", "Folders checksum (0 if not used)"), hexadecimal)
        yield UInt32(self, "off_file", "Offset of first file")
        yield textHandler(UInt32(self, "files_checksum", "Files checksum (0 if not used)"), hexadecimal)
        yield textHandler(UInt16(self, "cab_version", "Cabinet version"), hexadecimal)
        yield UInt16(self, "nb_folder", "Number of folders")
        yield UInt16(self, "nb_files", "Number of files")
        yield Flags(self, "flags")
        yield UInt16(self, "setid")
        yield UInt16(self, "number", "Zero-based cabinet number")

        # --- TODO: Support flags
        if self["flags/has_reserved"].value:
            yield Reserved(self, "reserved")
        #(3) Previous cabinet name, if CAB_HEADER.flags & CAB_FLAG_HASPREV
        #(4) Previous disk name, if CAB_HEADER.flags & CAB_FLAG_HASPREV
        #(5) Next cabinet name, if CAB_HEADER.flags & CAB_FLAG_HASNEXT
        #(6) Next disk name, if CAB_HEADER.flags & CAB_FLAG_HASNEXT
        # ----

        for index in xrange(self["nb_folder"].value):
            yield Folder(self, "folder[]")
        for index in xrange(self["nb_files"].value):
            yield File(self, "file[]")

        end = self.seekBit(self.size, "endraw")
        if end:
            yield end
示例#3
0
文件: exif.py 项目: 070499/Sick-Beard
    def createFields(self):
        yield Enum(textHandler(UInt16(self, "tag", "Tag"), hexadecimal), self.TAG_NAME)
        yield Enum(textHandler(UInt16(self, "type", "Type"), hexadecimal), self.TYPE_NAME)
        yield UInt32(self, "count", "Count")
        if self["type"].value not in (self.TYPE_BYTE, self.TYPE_UNDEFINED) \
        and  MAX_COUNT < self["count"].value:
            raise ParserError("EXIF: Invalid count value (%s)" % self["count"].value)
        value_size, array_size = self.getSizes()

        # Get offset/value
        if not value_size:
            yield NullBytes(self, "padding", 4)
        elif value_size <= 32:
            if 1 < array_size:
                name = "value[]"
            else:
                name = "value"
            kw = {}
            cls = self.value_cls
            if cls is String:
                args = (self, name, value_size/8, "Value")
                kw["strip"] = " \0"
                kw["charset"] = "ISO-8859-1"
            elif cls is Bytes:
                args = (self, name, value_size/8, "Value")
            else:
                args = (self, name, "Value")
            for index in xrange(array_size):
                yield cls(*args, **kw)

            size = array_size * value_size
            if size < 32:
                yield NullBytes(self, "padding", (32-size)//8)
        else:
            yield UInt32(self, "offset", "Value offset")
示例#4
0
文件: wmf.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield textHandler(UInt32(self, "signature", "Placeable Metafiles signature (0x9AC6CDD7)"), hexadecimal)
     yield UInt16(self, "handle")
     yield RECT16(self, "rect")
     yield UInt16(self, "inch")
     yield NullBytes(self, "reserved", 4)
     yield textHandler(UInt16(self, "checksum"), hexadecimal)
示例#5
0
文件: rar.py 项目: 070499/Sick-Beard
def specialHeader(s, is_file):
    yield filesizeHandler(UInt32(s, "compressed_size", "Compressed size (bytes)"))
    yield filesizeHandler(UInt32(s, "uncompressed_size", "Uncompressed size (bytes)"))
    yield Enum(UInt8(s, "host_os", "Operating system used for archiving"), OS_NAME)
    yield textHandler(UInt32(s, "crc32", "File CRC32"), hexadecimal)
    yield TimeDateMSDOS32(s, "ftime", "Date and time (MS DOS format)")
    yield textHandler(UInt8(s, "version", "RAR version needed to extract file"), formatRARVersion)
    yield Enum(UInt8(s, "method", "Packing method"), COMPRESSION_NAME)
    yield filesizeHandler(UInt16(s, "filename_length", "File name size"))
    if s["host_os"].value in (OS_MSDOS, OS_WIN32):
        yield MSDOSFileAttr32(s, "file_attr", "File attributes")
    else:
        yield textHandler(UInt32(s, "file_attr", "File attributes"), hexadecimal)

    # Start additional field from unrar
    if s["flags/is_large"].value:
        yield filesizeHandler(UInt64(s, "large_size", "Extended 64bits filesize"))

    # End additional field
    size = s["filename_length"].value
    if size > 0:
        if s["flags/is_unicode"].value:
            charset = "UTF-8"
        else:
            charset = "ISO-8859-15"
        yield String(s, "filename", size, "Filename", charset=charset)
    # Start additional fields from unrar - file only
    if is_file:
        if s["flags/has_salt"].value:
            yield textHandler(UInt8(s, "salt", "Salt"), hexadecimal)
        if s["flags/has_ext_time"].value:
            yield ExtTime(s, "extra_time", "Extra time info")
示例#6
0
文件: mod.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield String(self, "name", 22, strip='\0')
     yield UInt16(self, "sample_count")
     yield textHandler(UInt8(self, "fine_tune"), getFineTune)
     yield textHandler(UInt8(self, "volume"), getVolume)
     yield UInt16(self, "loop_start", "Loop start offset in samples")
     yield UInt16(self, "loop_len", "Loop length in samples")
示例#7
0
 def createFields(self):
     yield Integer(self, "time", "Delta time in ticks")
     yield Enum(textHandler(UInt8(self, "command"), hexadecimal), self.COMMAND_DESC)
     command = self["command"].value
     if command == 0xFF:
         yield Enum(textHandler(UInt8(self, "meta_command"), hexadecimal), self.META_COMMAND_DESC)
         yield UInt8(self, "data_len")
         size = self["data_len"].value
         if size:
             command = self["meta_command"].value
             if command in self.META_COMMAND_PARSER:
                 parser = self.META_COMMAND_PARSER[command]
             else:
                 parser = None
             if parser:
                 for field in parser(self, size):
                     yield field
             else:
                 yield RawBytes(self, "data", size)
     else:
         if command not in self.COMMAND_PARSER:
             raise ParserError("Unknown command: %s" % self["command"].display)
         parser = self.COMMAND_PARSER[command]
         for field in parser(self):
             yield field
示例#8
0
文件: pdf.py 项目: 070499/Sick-Beard
    def createFields(self):
        while self.stream.readBytes(self.absolute_address+self.current_size, 1) == '%':
            size = getLineEnd(self, 4)
            if size == 2:
                yield textHandler(UInt16(self, "crc32"), hexadecimal)
            elif size == 4:
                yield textHandler(UInt32(self, "crc32"), hexadecimal)
            elif self.stream.readBytes(self.absolute_address+self.current_size, size).isalpha():
                yield String(self, "comment[]", size)
            else:
                RawBytes(self, "unknown_data[]", size)
            yield LineEnd(self, "line_end[]")

        #abs_offset = self.current_size//8
        # TODO: yield objects that read offsets and deduce size from
        # "/cross_ref_table/sub_section[]/entries/item[]"
        offsets = []
        for subsection in self.array("/cross_ref_table/sub_section"):
            for obj in subsection.array("entries/item"):
                if "byte_offset" in obj:
                    # Could be inserted already sorted
                    offsets.append(obj["byte_offset"].value)

        offsets.append(self["/cross_ref_table"].absolute_address//8)
        offsets.sort()
        for index in xrange(len(offsets)-1):
            yield Catalog(self, "object[]", size=offsets[index+1]-offsets[index])
示例#9
0
 def createFields(self):
     yield textHandler(UInt32(self, "plugin_id1"), hexadecimal)
     yield textHandler(UInt32(self, "plugin_id2"), hexadecimal)
     yield UInt32(self, "input_routing")
     yield UInt32(self, "output_routing")
     yield GenericVector(self, "routing_info", 4, UInt32, "reserved")
     yield String(self, "name", 32, strip='\0')
     yield String(self, "dll_name", 64, desc="Original DLL name", strip='\0')
示例#10
0
 def createFields(self):
     yield Enum(UInt16(self, "type", "Type"), ProgramHeader32.TYPE_NAME)
     yield UInt16(self, "flags", "Flags")
     yield UInt32(self, "offset", "Offset")
     yield textHandler(UInt32(self, "vaddr", "V. address"), hexadecimal)
     yield textHandler(UInt32(self, "paddr", "P. address"), hexadecimal)
     yield UInt32(self, "file_size", "File size")
     yield UInt32(self, "mem_size", "Memory size")
     yield UInt32(self, "align", "Alignment")
     yield UInt32(self, "xxx", "???")
示例#11
0
 def createFields(self):
     yield UInt32(self, "name", "Name")
     yield Enum(UInt32(self, "type", "Type"), self.TYPE_NAME)
     yield UInt32(self, "flags", "Flags")
     yield textHandler(UInt32(self, "VMA", "Virtual memory address"), hexadecimal)
     yield textHandler(UInt32(self, "LMA", "Logical memory address (in file)"), hexadecimal)
     yield textHandler(UInt32(self, "size", "Size"), hexadecimal)
     yield UInt32(self, "link", "Link")
     yield UInt32(self, "info", "Information")
     yield UInt32(self, "addr_align", "Address alignment")
     yield UInt32(self, "entry_size", "Entry size")
示例#12
0
    def createFields(self):
        yield Bytes(self, "signature", 2, "New executable signature (NE)")
        yield UInt8(self, "link_ver", "Linker version number")
        yield UInt8(self, "link_rev", "Linker revision number")
        yield UInt16(self, "entry_table_ofst", "Offset to the entry table")
        yield UInt16(self, "entry_table_size", "Length (in bytes) of the entry table")
        yield PaddingBytes(self, "reserved[]", 4)

        yield Bit(self, "is_dll", "Is a dynamic-link library (DLL)?")
        yield Bit(self, "is_win_app", "Is a Windows application?")
        yield PaddingBits(self, "reserved[]", 9)
        yield Bit(self, "first_seg_code", "First segment contains code that loads the application?")
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "link_error", "Load even if linker detects errors?")
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "is_lib", "Is a library module?")

        yield UInt16(self, "auto_data_seg", "Automatic data segment number")
        yield filesizeHandler(UInt16(self, "local_heap_size", "Initial size (in bytes) of the local heap"))
        yield filesizeHandler(UInt16(self, "stack_size", "Initial size (in bytes) of the stack"))
        yield textHandler(UInt32(self, "cs_ip", "Value of CS:IP"), hexadecimal)
        yield textHandler(UInt32(self, "ss_sp", "Value of SS:SP"), hexadecimal)

        yield UInt16(self, "nb_entry_seg_tab", "Number of entries in the segment table")
        yield UInt16(self, "nb_entry_modref_tab", "Number of entries in the module-reference table")
        yield filesizeHandler(UInt16(self, "size_nonres_name_tab", "Number of bytes in the nonresident-name table"))
        yield UInt16(self, "seg_tab_ofs", "Segment table offset")
        yield UInt16(self, "rsrc_ofs", "Resource offset")

        yield UInt16(self, "res_name_tab_ofs", "Resident-name table offset")
        yield UInt16(self, "mod_ref_tab_ofs", "Module-reference table offset")
        yield UInt16(self, "import_tab_ofs", "Imported-name table offset")

        yield UInt32(self, "non_res_name_tab_ofs", "Nonresident-name table offset")
        yield UInt16(self, "nb_mov_ent_pt", "Number of movable entry points")
        yield UInt16(self, "log2_sector_size", "Log2 of the segment sector size")
        yield UInt16(self, "nb_rsrc_seg", "Number of resource segments")

        yield Bit(self, "unknown_os_format", "Operating system format is unknown")
        yield PaddingBits(self, "reserved[]", 1)
        yield Bit(self, "os_windows", "Operating system is Microsoft Windows")
        yield NullBits(self, "reserved[]", 6)
        yield Bit(self, "is_win20_prot", "Is Windows 2.x application running in version 3.x protected mode")
        yield Bit(self, "is_win20_font", "Is Windows 2.x application supporting proportional fonts")
        yield Bit(self, "fast_load", "Contains a fast-load area?")
        yield NullBits(self, "reserved[]", 4)

        yield UInt16(self, "fastload_ofs", "Fast-load area offset (in sector)")
        yield UInt16(self, "fastload_size", "Fast-load area length (in sector)")

        yield NullBytes(self, "reserved[]", 2)
        yield textHandler(UInt16(self, "win_version", "Expected Windows version number"), hexadecimal)
示例#13
0
    def createFields(self):
        # Gzip header
        yield Bytes(self, "signature", 2, r"GZip file signature (\x1F\x8B)")
        yield Enum(UInt8(self, "compression", "Compression method"), self.COMPRESSION_NAME)

        # Flags
        yield Bit(self, "is_text", "File content is probably ASCII text")
        yield Bit(self, "has_crc16", "Header CRC16")
        yield Bit(self, "has_extra", "Extra informations (variable size)")
        yield Bit(self, "has_filename", "Contains filename?")
        yield Bit(self, "has_comment", "Contains comment?")
        yield NullBits(self, "reserved[]", 3)
        yield TimestampUnix32(self, "mtime", "Modification time")

        # Extra flags
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "slowest", "Compressor used maximum compression (slowest)")
        yield Bit(self, "fastest", "Compressor used the fastest compression")
        yield NullBits(self, "reserved[]", 5)
        yield Enum(UInt8(self, "os", "Operating system"), self.os_name)

        # Optional fields
        if self["has_extra"].value:
            yield UInt16(self, "extra_length", "Extra length")
            yield RawBytes(self, "extra", self["extra_length"].value, "Extra")
        if self["has_filename"].value:
            yield CString(self, "filename", "Filename", charset="ISO-8859-1")
        if self["has_comment"].value:
            yield CString(self, "comment", "Comment")
        if self["has_crc16"].value:
            yield textHandler(UInt16(self, "hdr_crc16", "CRC16 of the header"), hexadecimal)

        if self._size is None:  # TODO: is it possible to handle piped input?
            raise NotImplementedError()

        # Read file
        size = (self._size - self.current_size) // 8 - 8  # -8: crc32+size
        if 0 < size:
            if self["has_filename"].value:
                filename = self["filename"].value
            else:
                for tag, filename in self.stream.tags:
                    if tag == "filename" and filename.endswith(".gz"):
                        filename = filename[:-3]
                        break
                else:
                    filename = None
            yield Deflate(SubFile(self, "file", size, filename=filename))

        # Footer
        yield textHandler(UInt32(self, "crc32", "Uncompressed data content CRC32"), hexadecimal)
        yield filesizeHandler(UInt32(self, "size", "Uncompressed size"))
示例#14
0
文件: ace.py 项目: 070499/Sick-Beard
def newRecoveryHeader(self):
    """
    This header is described nowhere
    """
    if self["flags/extend"].value:
        yield filesizeHandler(UInt32(self, "body_size", "Size of the unknown body following"))
        self.body_size = self["body_size"].value
    yield textHandler(UInt32(self, "unknown[]", "Unknown field, probably 0"),
        hexadecimal)
    yield String(self, "signature", 7, "Signature, normally '**ACE**'")
    yield textHandler(UInt32(self, "relative_start",
        "Offset (=crc16's) of this block in the file"), hexadecimal)
    yield textHandler(UInt32(self, "unknown[]",
        "Unknown field, probably 0"), hexadecimal)
示例#15
0
 def createFields(self):
     yield textHandler(UInt8(self, "sync", 8), hexadecimal)
     if self["sync"].value != 0x47:
         raise ParserError("MPEG-2 TS: Invalid synchronization byte")
     yield Bit(self, "has_error")
     yield Bit(self, "payload_unit_start")
     yield Bit(self, "priority")
     yield Enum(textHandler(Bits(self, "pid", 13, "Program identifier"), hexadecimal), self.PID)
     yield Bits(self, "scrambling_control", 2)
     yield Bit(self, "has_adaptation")
     yield Bit(self, "has_payload")
     yield Bits(self, "counter", 4)
     yield RawBytes(self, "payload", 184)
     if self["has_error"].value:
         yield RawBytes(self, "error_correction", 16)
示例#16
0
def parseFileProperties(self):
    yield UInt32(self, "max_bit_rate", "Maximum bit rate")
    yield UInt32(self, "avg_bit_rate", "Average bit rate")
    yield UInt32(self, "max_pkt_size", "Size of largest data packet")
    yield UInt32(self, "avg_pkt_size", "Size of average data packet")
    yield UInt32(self, "num_pkts", "Number of data packets")
    yield UInt32(self, "duration", "File duration in milliseconds")
    yield UInt32(self, "preroll", "Suggested preroll in milliseconds")
    yield textHandler(UInt32(self, "index_offset", "Absolute offset of first index chunk"), hexadecimal)
    yield textHandler(UInt32(self, "data_offset", "Absolute offset of first data chunk"), hexadecimal)
    yield UInt16(self, "stream_count", "Number of streams in the file")
    yield RawBits(self, "reserved", 13)
    yield Bit(self, "is_live", "Whether file is a live broadcast")
    yield Bit(self, "is_perfect_play", "Whether PerfectPlay can be used")
    yield Bit(self, "is_saveable", "Whether file can be saved")
示例#17
0
文件: swf.py 项目: 070499/Sick-Beard
def parseSoundHeader(parent, size):
    yield Bit(parent, "playback_is_stereo")
    yield Bit(parent, "playback_is_16bit")
    yield textHandler(Bits(parent, "playback_rate", 2), bit2hertz)
    yield NullBits(parent, "reserved", 4)

    yield Bit(parent, "sound_is_stereo")
    yield Bit(parent, "sound_is_16bit")
    yield textHandler(Bits(parent, "sound_rate", 2), bit2hertz)
    yield Enum(Bits(parent, "codec", 4), SOUND_CODEC)

    yield UInt16(parent, "sample_count")

    if parent["codec"].value == 2:
        yield UInt16(parent, "latency_seek")
示例#18
0
文件: jpeg.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield textHandler(UInt8(self, "header", "Header"), hexadecimal)
     if self["header"].value != 0xFF:
         raise ParserError("JPEG: Invalid chunk header!")
     yield textHandler(UInt8(self, "type", "Type"), hexadecimal)
     tag = self["type"].value
     if tag in (self.TAG_SOI, self.TAG_EOI):
         return
     yield UInt16(self, "size", "Size")
     size = (self["size"].value - 2)
     if 0 < size:
         if self._parser:
             yield self._parser(self, "content", "Chunk content", size=size*8)
         else:
             yield RawBytes(self, "data", size, "Data")
示例#19
0
文件: fat.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield Bytes(self, "jmp", 3, "Jump instruction (to skip over header on boot)")
     yield Bytes(self, "oem_name", 8, "OEM Name (padded with spaces)")
     yield UInt16(self, "sector_size", "Bytes per sector")
     yield UInt8 (self, "cluster_size", "Sectors per cluster")
     yield UInt16(self, "reserved_sectors", "Reserved sector count (including boot sector)")
     yield UInt8 (self, "fat_nb", "Number of file allocation tables")
     yield UInt16(self, "max_root", "Maximum number of root directory entries")
     yield UInt16(self, "sectors1", "Total sectors (if zero, use 'sectors2')")
     yield UInt8 (self, "media_desc", "Media descriptor")
     yield UInt16(self, "fat_size", "Sectors per FAT")
     yield UInt16(self, "track_size", "Sectors per track")
     yield UInt16(self, "head_nb", "Number of heads")
     yield UInt32(self, "hidden", "Hidden sectors")
     yield UInt32(self, "sectors2", "Total sectors (if greater than 65535)")
     if self.parent.version == 32:
         yield UInt32(self, "fat32_size", "Sectors per FAT")
         yield UInt16(self, "fat_flags", "FAT Flags")
         yield UInt16(self, "version", "Version")
         yield UInt32(self, "root_start", "Cluster number of root directory start")
         yield UInt16(self, "inf_sector", "Sector number of FS Information Sector")
         yield UInt16(self, "boot_copy", "Sector number of a copy of this boot sector")
         yield NullBytes(self, "reserved[]", 12, "Reserved")
     yield UInt8(self, "phys_drv", "Physical drive number")
     yield NullBytes(self, "reserved[]", 1, 'Reserved ("current head")')
     yield UInt8(self, "sign", "Signature")
     yield textHandler(UInt32(self, "serial", "ID (serial number)"), hexadecimal)
     yield String(self, "label", 11, "Volume Label", strip=' ', charset="ASCII")
     yield String(self, "fs_type", 8, "FAT file system type", strip=' ', charset="ASCII")
     yield Bytes(self, "code", 510-self.current_size/8, "Operating system boot code")
     yield Bytes(self, "trail_sig", 2, "Signature (0x55 0xAA)")
示例#20
0
文件: mov.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield textHandler(UInt8(self, "version"), hexadecimal)
     yield RawBytes(self, "flags", 3)
     yield UInt32(self, "nb_edits")
     yield UInt32(self, "length")
     yield UInt32(self, "start")
     yield QTFloat32(self, "playback_speed")
示例#21
0
 def createFields(self):
     yield Bytes(self, "signature", 6, "Signature Header")
     yield UInt8(self, "major_ver", "Archive major version")
     yield UInt8(self, "minor_ver", "Archive minor version")
     yield textHandler(UInt32(self, "start_hdr_crc",
         "Start header CRC"), hexadecimal)
     yield StartHeader(self, "start_hdr", "Start header")
示例#22
0
文件: zip.py 项目: 070499/Sick-Beard
 def createFields(self):
     # File data
     self.signature = None
     self.central_directory = []
     while not self.eof:
         header = textHandler(UInt32(self, "header[]", "Header"), hexadecimal)
         yield header
         header = header.value
         if header == FileEntry.HEADER:
             yield FileEntry(self, "file[]")
         elif header == ZipDataDescriptor.HEADER:
             yield ZipDataDescriptor(self, "spanning[]")
         elif header == 0x30304b50:
             yield ZipDataDescriptor(self, "temporary_spanning[]")
         elif header == ZipCentralDirectory.HEADER:
             yield ZipCentralDirectory(self, "central_directory[]")
         elif header == ZipEndCentralDirectory.HEADER:
             yield ZipEndCentralDirectory(self, "end_central_directory", "End of central directory")
         elif header == Zip64EndCentralDirectory.HEADER:
             yield Zip64EndCentralDirectory(self, "end64_central_directory", "ZIP64 end of central directory")
         elif header == ZipSignature.HEADER:
             yield ZipSignature(self, "signature", "Signature")
         elif header == Zip64EndCentralDirectoryLocator.HEADER:
             yield Zip64EndCentralDirectoryLocator(self, "end_locator", "ZIP64 Enf of central directory locator")
         else:
             raise ParserError("Error, unknown ZIP header (0x%08X)." % header)
示例#23
0
文件: zip.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield textHandler(UInt32(self, "file_crc32",
         "Checksum (CRC32)"), hexadecimal)
     yield filesizeHandler(UInt32(self, "file_compressed_size",
         "Compressed size (bytes)"))
     yield filesizeHandler(UInt32(self, "file_uncompressed_size",
          "Uncompressed size (bytes)"))
示例#24
0
文件: mkv.py 项目: 070499/Sick-Beard
    def createFields(self):
        yield Unsigned(self, 'track')
        yield Int16(self, 'timecode')

        if self.parent._name == 'Block':
            yield NullBits(self, 'reserved[]', 4)
            yield Bit(self, 'invisible')
            yield self.lacing()
            yield NullBits(self, 'reserved[]', 1)
        elif self.parent._name == 'SimpleBlock[]':
            yield Bit(self, 'keyframe')
            yield NullBits(self, 'reserved', 3)
            yield Bit(self, 'invisible')
            yield self.lacing()
            yield Bit(self, 'discardable')
        else:
            yield NullBits(self, 'reserved', 8)
            return

        size = (self._size - self.current_size) / 8
        lacing = self['lacing'].value
        if lacing:
            yield textHandler(GenericInteger(self, 'n_frames', False, 8),
                lambda chunk: str(chunk.value+1))
            yield Lace(self, lacing - 1, size - 1)
        else:
            yield RawBytes(self,'frame', size)
示例#25
0
文件: mov.py 项目: 070499/Sick-Beard
 def createFields(self):
     yield textHandler(UInt8(self, "version"), hexadecimal)
     yield RawBytes(self, "flags", 3)
     yield TimestampMac32(self, "creation_date")
     yield TimestampMac32(self, "lastmod_date")
     yield UInt32(self, "time_scale")
     yield UInt32(self, "duration")
     yield QTFloat32(self, "play_speed")
     yield UInt16(self, "volume")
     yield PaddingBytes(self, "reserved[]", 10)
     yield QTFloat32(self, "geom_a", "Width scale")
     yield QTFloat32(self, "geom_b", "Width rotate")
     yield QTFloat32(self, "geom_u", "Width angle")
     yield QTFloat32(self, "geom_c", "Height rotate")
     yield QTFloat32(self, "geom_d", "Height scale")
     yield QTFloat32(self, "geom_v", "Height angle")
     yield QTFloat32(self, "geom_x", "Position X")
     yield QTFloat32(self, "geom_y", "Position Y")
     yield QTFloat32(self, "geom_w", "Divider scale")
     yield UInt32(self, "preview_start")
     yield UInt32(self, "preview_length")
     yield UInt32(self, "still_poster")
     yield UInt32(self, "sel_start")
     yield UInt32(self, "sel_length")
     yield UInt32(self, "current_time")
     yield UInt32(self, "next_track")
示例#26
0
文件: mov.py 项目: 070499/Sick-Beard
    def createFields(self):
        yield textHandler(UInt8(self, "version"), hexadecimal)

        # TODO: sum of :
        # TrackEnabled = 1;
        # TrackInMovie = 2;
        # TrackInPreview = 4;
        # TrackInPoster = 8
        yield RawBytes(self, "flags", 3)

        yield TimestampMac32(self, "creation_date")
        yield TimestampMac32(self, "lastmod_date")
        yield UInt32(self, "track_id")
        yield PaddingBytes(self, "reserved[]", 8)
        yield UInt32(self, "duration")
        yield PaddingBytes(self, "reserved[]", 8)
        yield Int16(self, "video_layer", "Middle is 0, negative in front")
        yield PaddingBytes(self, "other", 2)
        yield QTFloat32(self, "geom_a", "Width scale")
        yield QTFloat32(self, "geom_b", "Width rotate")
        yield QTFloat32(self, "geom_u", "Width angle")
        yield QTFloat32(self, "geom_c", "Height rotate")
        yield QTFloat32(self, "geom_d", "Height scale")
        yield QTFloat32(self, "geom_v", "Height angle")
        yield QTFloat32(self, "geom_x", "Position X")
        yield QTFloat32(self, "geom_y", "Position Y")
        yield QTFloat32(self, "geom_w", "Divider scale")
        yield QTFloat32(self, "frame_size_width")
        yield QTFloat32(self, "frame_size_height")
示例#27
0
    def createFields(self):
        yield Bits(self, "version", 4, "Version")
        yield Bits(self, "hdr_size", 4, "Header size divided by 5")

        # Type of service
        yield Enum(Bits(self, "precedence", 3, "Precedence"), self.precedence_name)
        yield Bit(self, "low_delay", "If set, low delay, else normal delay")
        yield Bit(self, "high_throu", "If set, high throughput, else normal throughput")
        yield Bit(self, "high_rel", "If set, high relibility, else normal")
        yield NullBits(self, "reserved[]", 2, "(reserved for future use)")

        yield UInt16(self, "length")
        yield UInt16(self, "id")

        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "df", "Don't fragment")
        yield Bit(self, "more_frag", "There are more fragments? if not set, it's the last one")
        yield Bits(self, "frag_ofst_lo", 5)
        yield UInt8(self, "frag_ofst_hi")
        yield UInt8(self, "ttl", "Type to live")
        yield Enum(UInt8(self, "protocol"), self.PROTOCOL_NAME)
        yield textHandler(UInt16(self, "checksum"), hexadecimal)
        yield IPv4_Address(self, "src")
        yield IPv4_Address(self, "dst")

        size = (self.size - self.current_size) // 8
        if size:
            yield RawBytes(self, "options", size)
示例#28
0
    def createFields(self):
        yield Enum(UInt16(self, "src"), self.port_name)
        yield Enum(UInt16(self, "dst"), self.port_name)
        yield UInt32(self, "seq_num")
        yield UInt32(self, "ack_num")

        yield Bits(self, "hdrlen", 6, "Header lenght")
        yield NullBits(self, "reserved", 2, "Reserved")

        yield Bit(self, "cgst", "Congestion Window Reduced")
        yield Bit(self, "ecn-echo", "ECN-echo")
        yield Bit(self, "urg", "Urgent")
        yield Bit(self, "ack", "Acknowledge")
        yield Bit(self, "psh", "Push mmode")
        yield Bit(self, "rst", "Reset connection")
        yield Bit(self, "syn", "Synchronize")
        yield Bit(self, "fin", "Stop the connection")

        yield UInt16(self, "winsize", "Windows size")
        yield textHandler(UInt16(self, "checksum"), hexadecimal)
        yield UInt16(self, "urgent")

        size = self["hdrlen"].value*8 - self.current_size
        while 0 < size:
            option = TCP_Option(self, "option[]")
            yield option
            size -= option.size
示例#29
0
 def createFields(self):
     byte = UInt8(self, "id_size")
     yield byte
     byte = byte.value
     self.info("ID=%u" % byte)
     size = byte & 0xF
     if size > 0:
         name = self.stream.readBytes(self.absolute_address+self.current_size, size)
         if name in self.CODECS:
             name = self.CODECS[name]
             self.info("Codec is %s" % name)
         else:
             self.info("Undetermined codec %s" % name)
             name = "unknown"
         yield RawBytes(self, name, size)
         #yield textHandler(Bytes(self, "id", size), lambda: name)
     if byte & 0x10:
         yield SZUInt64(self, "num_stream_in")
         yield SZUInt64(self, "num_stream_out")
         self.info("Streams: IN=%u    OUT=%u" % \
                   (self["num_stream_in"].value, self["num_stream_out"].value))
     if byte & 0x20:
         size = SZUInt64(self, "properties_size[]")
         yield size
         if size.value == 5:
             #[email protected]
             yield textHandler(UInt8(self, "parameters"), lzmaParams)
             yield filesizeHandler(UInt32(self, "dictionary_size"))
         elif size.value > 0:
             yield RawBytes(self, "properties[]", size.value)
示例#30
0
文件: wmf.py 项目: 070499/Sick-Beard
    def createFields(self):
        LONG = Int32
        yield UInt32(self, "type", "Record type (always 1)")
        yield UInt32(self, "size", "Size of the header in bytes")
        yield RECT32(self, "Bounds", "Inclusive bounds")
        yield RECT32(self, "Frame", "Inclusive picture frame")
        yield textHandler(UInt32(self, "signature", "Signature ID (always 0x464D4520)"), hexadecimal)
        yield UInt16(self, "min_ver", "Minor version")
        yield UInt16(self, "maj_ver", "Major version")
        yield UInt32(self, "file_size", "Size of the file in bytes")
        yield UInt32(self, "NumOfRecords", "Number of records in the metafile")
        yield UInt16(self, "NumOfHandles", "Number of handles in the handle table")
        yield NullBytes(self, "reserved", 2)
        yield UInt32(self, "desc_size", "Size of description in 16-bit words")
        yield UInt32(self, "desc_ofst", "Offset of description string in metafile")
        yield UInt32(self, "nb_colors", "Number of color palette entries")
        yield LONG(self, "width_px", "Width of reference device in pixels")
        yield LONG(self, "height_px", "Height of reference device in pixels")
        yield LONG(self, "width_mm", "Width of reference device in millimeters")
        yield LONG(self, "height_mm", "Height of reference device in millimeters")

        # Read description (if any)
        offset = self["desc_ofst"].value
        current = (self.absolute_address + self.current_size) // 8
        size = self["desc_size"].value * 2
        if offset == current and size:
            yield String(self, "description", size, charset="UTF-16-LE", strip="\0 ")

        # Read padding (if any)
        size = self["size"].value - self.current_size//8
        if size:
            yield RawBytes(self, "padding", size)
示例#31
0
def recoveryHeader(self):
    yield filesizeHandler(UInt32(self, "rec_blk_size",
                                 "Size of recovery data"))
    self.body_size = self["rec_blk_size"].size
    yield String(self, "signature", 7, "Signature, normally '**ACE**'")
    yield textHandler(
        UInt32(
            self, "relative_start",
            "Relative start (to this block) of the data this block is mode of"
        ), hexadecimal)
    yield UInt32(self, "num_blocks", "Number of blocks the data is split into")
    yield UInt32(self, "size_blocks", "Size of these blocks")
    yield UInt16(self, "crc16_blocks", "CRC16 over recovery data")
    # size_blocks blocks of size size_blocks follow
    # The ultimate data is the xor data of all those blocks
    size = self["size_blocks"].value
    for index in xrange(self["num_blocks"].value):
        yield RawBytes(self, "data[]", size, "Recovery block %i" % index)
    yield RawBytes(self, "xor_data", size,
                   "The XOR value of the above data blocks")
示例#32
0
 def createFields(self):
     yield String(self, "signature", 4, "8BIM signature", charset="ASCII")
     if self["signature"].value != "8BIM":
         raise ParserError(
             "Stream doesn't look like 8BIM item (wrong signature)!")
     yield textHandler(UInt16(self, "tag"), hexadecimal)
     if self.stream.readBytes(self.absolute_address + self.current_size,
                              4) != "\0\0\0\0":
         yield PascalString8(self, "name")
         size = 2 + (self["name"].size // 8) % 2
         yield NullBytes(self, "name_padding", size)
     else:
         yield String(self, "name", 4, strip="\0")
     yield UInt16(self, "size")
     size = alignValue(self["size"].value, 2)
     if not size:
         return
     if self.handler:
         yield self.handler(self, "content", size=size * 8)
     else:
         yield RawBytes(self, "content", size)
示例#33
0
    def createFields(self):
        yield textHandler(
            UInt16(self, "crc16", "Archive CRC16 (from byte 4 on)"),
            hexadecimal)
        yield filesizeHandler(
            UInt16(self, "head_size", "Block size (from byte 4 on)"))
        yield UInt8(self, "block_type", "Block type")

        # Flags
        for flag in self.parseFlags(self):
            yield flag

        # Rest of the header
        for field in self.parseHeader(self):
            yield field
        size = self["head_size"].value - (self.current_size // 8) + (2 + 2)
        if size > 0:
            yield RawBytes(self, "extra_data", size,
                           "Extra header data, unhandled")

        # Body in itself
        for field in self.parseBody(self):
            yield field
    def createFields(self):
        yield displayHandler(UInt32(self, "res_space", "Reserved space"),
                             humanFilesize)
        yield displayHandler(UInt32(self, "used_space", "Used space"),
                             humanFilesize)
        yield Bits(self, "file_flags", 8, "(=4)")

        yield textHandler(UInt16(self, "magic"), hexadecimal)
        yield Bits(self, "flags", 16)
        yield displayHandler(UInt16(self, "page_size", "Page size in bytes"),
                             humanFilesize)
        yield String(self, "structure", 16, strip="\0", charset="ASCII")
        yield NullBytes(self, "zero", 2)
        yield UInt16(self, "nb_page_splits",
                     "Number of page splits B+ tree has suffered")
        yield UInt16(self, "root_page", "Page number of B+ tree root page")
        yield PaddingBytes(self, "one", 2, pattern="\xFF")
        yield UInt16(self, "nb_page", "Number of B+ tree pages")
        yield UInt16(self, "nb_level", "Number of levels of B+ tree")
        yield UInt16(self, "nb_entry", "Number of entries in B+ tree")

        size = (self.size - self.current_size) // 8
        if size:
            yield PaddingBytes(self, "reserved_space", size)
示例#35
0
    def createUnpaddedFields(self):
        yield String(self, "title", 28, strip='\0')
        yield textHandler(UInt8(self, "marker[]"), hexadecimal)
        for field in self.getFileVersionField():
            yield field

        yield UInt16(self, "num_orders")
        yield UInt16(self, "num_instruments")
        yield UInt16(self, "num_patterns")

        for field in self.getFirstProperties():
            yield field
        yield String(self, "marker[]", 4)
        for field in self.getLastProperties():
            yield field

        yield GenericVector(self, "channel_settings", 32,
                            ChannelSettings, "channel")

        # Orders
        yield GenericVector(self, "orders", self.getNumOrders(), UInt8, "order")

        for field in self.getHeaderEndFields():
            yield field
示例#36
0
 def createFields(self):
     yield textHandler(UInt16(self, "minor", "Minor version number"),
                       hexadecimal)
     yield textHandler(UInt16(self, "major", "Major version number"),
                       hexadecimal)
示例#37
0
def readBoolean(self, content_size):
    if content_size != 1:
        raise ParserError("Overlong boolean: got %s bytes, expected 1 byte"%content_size)
    yield textHandler(UInt8(self, "value"), lambda field:str(bool(field.value)))
示例#38
0
def readObjectID(self, content_size):
    yield textHandler(UInt8(self, "first"), formatFirstObjectID)
    while self.current_size < self.size:
        yield OID_Integer(self, "item[]")
    def createFields(self):
        yield Bytes(self, "signature", 2, "New executable signature (NE)")
        yield UInt8(self, "link_ver", "Linker version number")
        yield UInt8(self, "link_rev", "Linker revision number")
        yield UInt16(self, "entry_table_ofst", "Offset to the entry table")
        yield UInt16(self, "entry_table_size",
                     "Length (in bytes) of the entry table")
        yield PaddingBytes(self, "reserved[]", 4)

        yield Bit(self, "is_dll", "Is a dynamic-link library (DLL)?")
        yield Bit(self, "is_win_app", "Is a Windows application?")
        yield PaddingBits(self, "reserved[]", 9)
        yield Bit(self, "first_seg_code",
                  "First segment contains code that loads the application?")
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "link_error", "Load even if linker detects errors?")
        yield NullBits(self, "reserved[]", 1)
        yield Bit(self, "is_lib", "Is a library module?")

        yield UInt16(self, "auto_data_seg", "Automatic data segment number")
        yield filesizeHandler(
            UInt16(self, "local_heap_size",
                   "Initial size (in bytes) of the local heap"))
        yield filesizeHandler(
            UInt16(self, "stack_size", "Initial size (in bytes) of the stack"))
        yield textHandler(UInt32(self, "cs_ip", "Value of CS:IP"), hexadecimal)
        yield textHandler(UInt32(self, "ss_sp", "Value of SS:SP"), hexadecimal)

        yield UInt16(self, "nb_entry_seg_tab",
                     "Number of entries in the segment table")
        yield UInt16(self, "nb_entry_modref_tab",
                     "Number of entries in the module-reference table")
        yield filesizeHandler(
            UInt16(self, "size_nonres_name_tab",
                   "Number of bytes in the nonresident-name table"))
        yield UInt16(self, "seg_tab_ofs", "Segment table offset")
        yield UInt16(self, "rsrc_ofs", "Resource offset")

        yield UInt16(self, "res_name_tab_ofs", "Resident-name table offset")
        yield UInt16(self, "mod_ref_tab_ofs", "Module-reference table offset")
        yield UInt16(self, "import_tab_ofs", "Imported-name table offset")

        yield UInt32(self, "non_res_name_tab_ofs",
                     "Nonresident-name table offset")
        yield UInt16(self, "nb_mov_ent_pt", "Number of movable entry points")
        yield UInt16(self, "log2_sector_size",
                     "Log2 of the segment sector size")
        yield UInt16(self, "nb_rsrc_seg", "Number of resource segments")

        yield Bit(self, "unknown_os_format",
                  "Operating system format is unknown")
        yield PaddingBits(self, "reserved[]", 1)
        yield Bit(self, "os_windows", "Operating system is Microsoft Windows")
        yield NullBits(self, "reserved[]", 6)
        yield Bit(
            self, "is_win20_prot",
            "Is Windows 2.x application running in version 3.x protected mode")
        yield Bit(self, "is_win20_font",
                  "Is Windows 2.x application supporting proportional fonts")
        yield Bit(self, "fast_load", "Contains a fast-load area?")
        yield NullBits(self, "reserved[]", 4)

        yield UInt16(self, "fastload_ofs", "Fast-load area offset (in sector)")
        yield UInt16(self, "fastload_size",
                     "Fast-load area length (in sector)")

        yield NullBytes(self, "reserved[]", 2)
        yield textHandler(
            UInt16(self, "win_version", "Expected Windows version number"),
            hexadecimal)
def parseAnimationRate(self):
    while not self.eof:
        yield textHandler(UInt32(self, "rate[]"), formatJiffie)
 def createFields(self):
     yield textHandler(UInt8(self, "code", "Extension code"), hexadecimal)
     for field in self.parser(self):
         yield field
示例#42
0
    def createFields(self):
        yield UInt32(self, "signature", "Shortcut signature (0x0000004C)")
        yield GUID(self, "guid",
                   "Shortcut GUID (00021401-0000-0000-C000-000000000046)")

        yield Bit(self, "has_shell_id", "Is the Item ID List present?")
        yield Bit(self, "target_is_file", "Is a file or a directory?")
        yield Bit(self, "has_description", "Is the Description field present?")
        yield Bit(self, "has_rel_path",
                  "Is the relative path to the target available?")
        yield Bit(self, "has_working_dir", "Is there a working directory?")
        yield Bit(self, "has_cmd_line_args",
                  "Are there any command line arguments?")
        yield Bit(self, "has_custom_icon", "Is there a custom icon?")
        yield Bit(self, "has_unicode_names", "Are Unicode names used?")
        yield Bit(self, "force_no_linkinfo")
        yield Bit(self, "has_exp_sz")
        yield Bit(self, "run_in_separate")
        yield Bit(self, "has_logo3id", "Is LOGO3 ID info present?")
        yield Bit(self, "has_darwinid", "Is the DarwinID info present?")
        yield Bit(self, "runas_user", "Is the target run as another user?")
        yield Bit(self, "has_exp_icon_sz",
                  "Is custom icon information available?")
        yield Bit(self, "no_pidl_alias")
        yield Bit(self, "force_unc_name")
        yield Bit(self, "run_with_shim_layer")
        yield PaddingBits(self, "reserved[]", 14,
                          "Flag bits reserved for future use")

        yield MSDOSFileAttr32(self, "target_attr")

        yield TimestampWin64(self, "creation_time")
        yield TimestampWin64(self, "modification_time")
        yield TimestampWin64(self, "last_access_time")
        yield filesizeHandler(UInt32(self, "target_filesize"))
        yield UInt32(self, "icon_number")
        yield Enum(UInt32(self, "show_window"), self.SHOW_WINDOW_STATE)
        yield textHandler(
            UInt8(self, "hot_key", "Hot key used for quick access"),
            text_hot_key)
        yield Bit(self, "hot_key_shift", "Hot key: is Shift used?")
        yield Bit(self, "hot_key_ctrl", "Hot key: is Ctrl used?")
        yield Bit(self, "hot_key_alt", "Hot key: is Alt used?")
        yield PaddingBits(self, "hot_key_reserved", 21, "Hot key: (reserved)")
        yield NullBytes(self, "reserved[]", 8)

        if self["has_shell_id"].value:
            yield ItemIdList(self, "item_idlist", "Item ID List")
        if self["target_is_file"].value:
            yield FileLocationInfo(self, "file_location_info",
                                   "File Location Info")
        if self["has_description"].value:
            yield LnkString(self, "description")
        if self["has_rel_path"].value:
            yield LnkString(self, "relative_path", "Relative path to target")
        if self["has_working_dir"].value:
            yield LnkString(self, "working_dir",
                            "Working directory (dir to start target in)")
        if self["has_cmd_line_args"].value:
            yield LnkString(self, "cmd_line_args", "Command Line Arguments")
        if self["has_custom_icon"].value:
            yield LnkString(self, "custom_icon", "Custom Icon Path")

        while not self.eof:
            yield ExtraInfo(self, "extra_info[]")
示例#43
0
 def createFields(self):
     yield textHandler(UInt32(self, "rva"), hexadecimal)
     yield filesizeHandler(UInt32(self, "size"))
     yield UInt32(self, "codepage")
     yield NullBytes(self, "reserved", 4)
 def createFields(self):
     yield textHandler(UInt32(self, "unknown[]", "0x01FE"), hexadecimal)
     yield textHandler(UInt32(self, "unknown[]", "0x0"), hexadecimal)
     yield filesizeHandler(UInt64(self, "file_size"))
     yield textHandler(UInt32(self, "unknown[]", "0x0"), hexadecimal)
     yield textHandler(UInt32(self, "unknown[]", "0x0"), hexadecimal)
示例#45
0
 def createFields(self):
     yield textHandler(UInt8(self, "zip_version", "ZIP version"),
                       ZipRevision)
     yield Enum(UInt8(self, "host_os", "ZIP Host OS"), self.HOST_OS)
示例#46
0
 def createFields(self):
     parent = self.parent
     version = parent.parent.version
     text_handler = parent.text_handler
     while self.current_size < self._size:
         yield textHandler(GenericInteger(self, 'entry[]', False, version), text_handler)
def parseStringRef(parent):
    yield textHandler(UInt32(parent, "ref"), hexadecimal)
示例#48
0
 def createFields(self):
     yield String(self, "filename", 56, truncate="\0", charset="ASCII")
     yield filesizeHandler(UInt32(self, "filesize"))
     yield textHandler(UInt32(self, "crc32"), hexadecimal)
     yield UInt32(self, "offset")
 def createFields(self):
     yield String(self, "tag", 4)
     yield textHandler(UInt32(self, "checksum"), hexadecimal)
     yield UInt32(self, "offset")
     yield filesizeHandler(UInt32(self, "size"))
示例#50
0
def Date(parent):
    return textHandler(
        GenericInteger(parent, 'date', True, parent['size'].value * 8),
        dateToString)
示例#51
0
def parseObjectID32(parser):
    yield textHandler(UInt32(parser, "object_id"), hexadecimal)
示例#52
0
def SeekID(parent):
    return textHandler(
        GenericInteger(parent, 'binary', False, parent['size'].value * 8),
        lambda chunk: segment.get(chunk.value, (hexadecimal(chunk), ))[0])
示例#53
0
def parseTempo(parser, size):
    yield textHandler(UInt24(parser, "microsec_quarter", "Microseconds per quarter note"), formatTempo)
示例#54
0
def Bool(parent):
    return textHandler(
        GenericInteger(parent, 'bool', False, parent['size'].value * 8),
        lambda chunk: str(chunk.value != 0))
示例#55
0
    def createFields(self):
        yield UInt32(self, "length", "Length of this structure")
        if not self["length"].value:
            return

        yield Enum(
            textHandler(
                UInt32(self, "signature",
                       "Signature determining the function of this structure"),
                hexadecimal), self.INFO_TYPE)

        if self["signature"].value == 0xA0000003:
            # Hostname and Other Stuff
            yield UInt32(self, "remaining_length")
            yield UInt32(self, "unknown[]")
            yield String(
                self,
                "hostname",
                16,
                "Computer hostname on which shortcut was last modified",
                strip="\0")
            yield RawBytes(self, "unknown[]", 32)
            yield RawBytes(self, "unknown[]", 32)

        elif self["signature"].value == 0xA0000005:
            # Special Folder Info
            yield Enum(
                UInt32(self, "special_folder_id", "ID of the special folder"),
                self.SPECIAL_FOLDER)
            yield UInt32(self, "offset", "Offset to Item ID entry")

        elif self["signature"].value in (0xA0000001, 0xA0000006, 0xA0000007):
            if self["signature"].value == 0xA0000001:  # Link Target Information
                object_name = "target"
            elif self[
                    "signature"].value == 0xA0000006:  # DarwinID (Windows Installer ID) Information
                object_name = "darwinID"
            else:  # Custom Icon Details
                object_name = "icon_path"
            yield CString(self,
                          object_name,
                          "Data (ASCII format)",
                          charset="ASCII")
            remaining = self[
                "length"].value - self.current_size / 8 - 260 * 2  # 260*2 = size of next part
            if remaining:
                yield RawBytes(self, "slack_space[]", remaining,
                               "Data beyond end of string")
            yield CString(self,
                          object_name + '_unicode',
                          "Data (Unicode format)",
                          charset="UTF-16-LE",
                          truncate="\0")
            remaining = self["length"].value - self.current_size / 8
            if remaining:
                yield RawBytes(self, "slack_space[]", remaining,
                               "Data beyond end of string")

        elif self["signature"].value == 0xA0000002:
            # Console Window Properties
            yield ColorTableIndex(self, "color_text", 4,
                                  "Screen text color index")
            yield ColorTableIndex(self, "color_bg", 4,
                                  "Screen background color index")
            yield NullBytes(self, "reserved[]", 1)
            yield ColorTableIndex(self, "color_popup_text", 4,
                                  "Pop-up text color index")
            yield ColorTableIndex(self, "color_popup_bg", 4,
                                  "Pop-up background color index")
            yield NullBytes(self, "reserved[]", 1)
            yield UInt16(self, "buffer_width",
                         "Screen buffer width (character cells)")
            yield UInt16(self, "buffer_height",
                         "Screen buffer height (character cells)")
            yield UInt16(self, "window_width",
                         "Window width (character cells)")
            yield UInt16(self, "window_height",
                         "Window height (character cells)")
            yield UInt16(self, "position_left",
                         "Window distance from left edge (screen coords)")
            yield UInt16(self, "position_top",
                         "Window distance from top edge (screen coords)")
            yield UInt32(self, "font_number")
            yield UInt32(self, "input_buffer_size")
            yield UInt16(self, "font_width",
                         "Font width in pixels; 0 for a non-raster font")
            yield UInt16(
                self, "font_height",
                "Font height in pixels; equal to the font size for non-raster fonts"
            )
            yield UInt32(self, "font_family")
            yield UInt32(self, "font_weight")
            yield String(self,
                         "font_name_unicode",
                         64,
                         "Font Name (Unicode format)",
                         charset="UTF-16-LE",
                         truncate="\0")
            yield UInt32(self, "cursor_size",
                         "Relative size of cursor (% of character size)")
            yield Enum(
                UInt32(self, "full_screen", "Run console in full screen?"),
                self.BOOL_ENUM)
            yield Enum(
                UInt32(
                    self, "quick_edit",
                    "Console uses quick-edit feature (using mouse to cut & paste)?"
                ), self.BOOL_ENUM)
            yield Enum(
                UInt32(self, "insert_mode", "Console uses insertion mode?"),
                self.BOOL_ENUM)
            yield Enum(
                UInt32(self, "auto_position",
                       "System automatically positions window?"),
                self.BOOL_ENUM)
            yield UInt32(self, "history_size",
                         "Size of the history buffer (in lines)")
            yield UInt32(
                self, "history_count",
                "Number of history buffers (each process gets one up to this limit)"
            )
            yield Enum(
                UInt32(
                    self, "history_no_dup",
                    "Automatically eliminate duplicate lines in the history buffer?"
                ), self.BOOL_ENUM)
            for index in xrange(16):
                yield ColorRef(self, "color[]")

        elif self["signature"].value == 0xA0000004:
            # Console Codepage Information
            yield UInt32(self, "codepage", "Console's code page")

        else:
            yield RawBytes(self, "raw",
                           self["length"].value - self.current_size / 8)
示例#56
0
 def createFields(self):
     yield Enum(UInt16(self, "src"), UDP.port_name)
     yield Enum(UInt16(self, "dst"), UDP.port_name)
     yield UInt16(self, "length")
     yield textHandler(UInt16(self, "checksum"), hexadecimal)
示例#57
0
 def createFields(self):
     yield textHandler(Bits(self, "type", 7), parseChannelType)
     yield Bit(self, "enabled")
示例#58
0
 def createFields(self):
     yield Bytes(self, "sync", 3)
     yield textHandler(UInt8(self, "tag"), hexadecimal)
     if self.parser and self['tag'].value != 0xb7:
         yield self.parser(self, "content")
示例#59
0
 def createFields(self):
     yield Bits(self, "reserved[]", 2)
     yield Bit(self, "byte_big_endian")
     yield Bit(self, "bit_big_endian")
     yield Bits(self, "scan_unit", 2)
     yield textHandler(PaddingBits(self, "reserved[]", 26), hexadecimal)
示例#60
0
 def createFields(self):
     padding = 0
     position = 0
     while True:
         next = ord(
             self.parent.stream.readBytes(
                 self.absolute_address + self.current_size + position, 1))
         if next == 0xff:
             padding += 1
             position += 8
         elif padding:
             yield PaddingBytes(self, "pad[]", padding)
             padding = None
             position = 0
         elif 0x40 <= next <= 0x7f:
             yield Bits(self, "scale_marker", 2)  # 1
             yield Bit(self, "scale")
             scale = self['scale'].value
             if scale:
                 scaleval = 1024
             else:
                 scaleval = 128
             yield textHandler(Bits(self, "size", 13),
                               lambda field: str(field.value * scaleval))
         elif 0x00 <= next <= 0x3f:
             yield Bits(self, "ts_marker", 2)  # 0
             yield Bit(self, "has_pts")
             yield Bit(self, "has_dts")
             if self['has_pts'].value:
                 yield Timestamp(self, "pts")
             if self['has_dts'].value:
                 yield PaddingBits(self, "pad[]", 4)
                 yield Timestamp(self, "dts")
             if self.current_size % 8 == 4:
                 yield PaddingBits(self, "pad[]", 4)
             break
         elif 0x80 <= next <= 0xbf:
             # MPEG-2 extension
             yield PacketElement(self, "pkt")
             break
         else:
             # 0xc0 - 0xfe: unknown
             break
     length = self["../length"].value - self.current_size // 8
     if length:
         tag = self['../tag'].value
         group = self.root.streamgroups[tag]
         parname = self.parent._name
         if parname.startswith('audio'):
             frag = CustomFragment(self,
                                   "data",
                                   length * 8,
                                   MpegAudioFile,
                                   group=group)
         elif parname.startswith('video'):
             frag = CustomFragment(self,
                                   "data",
                                   length * 8,
                                   VideoStream,
                                   group=group)
         else:
             frag = CustomFragment(self,
                                   "data",
                                   length * 8,
                                   None,
                                   group=group)
         self.root.streamgroups[tag] = frag.group
         yield frag