Context Navigation

source: trunk/python/pyregfi/structures.py @ 207

Last change on this file since 207 was 206, checked in by tim, 14 years ago

simplified part of regfi API to move string encoding to the REGFI_FILE object

additional pyregfi implementation

File size: 6.8 KB

Line
1	#!/usr/bin/env python
2
3	import sys
4	import os
5	import traceback
6	import ctypes
7	import ctypes.util
8	from ctypes import *
9
10	# XXX: can we always be sure enums are this size?
11	REGFI_ENCODING = c_uint32
12	REGFI_DATA_TYPE = c_uint32
13
14
15	# Prototype everything first so we don't have to worry about reference order
16	class REGFI_NTTIME(Structure):
17	pass
18
19	class REGFI_VK(Structure):
20	pass
21
22	class REGFI_SK(Structure):
23	pass
24
25	class REGFI_SUBKEY_LIST(Structure):
26	pass
27
28	class REGFI_VALUE_LIST(Structure):
29	pass
30
31	class REGFI_CLASSNAME(Structure):
32	pass
33
34	class REGFI_DATA(Structure):
35	pass
36
37	class REGFI_NK(Structure):
38	pass
39
40	class REGFI_ITERATOR(Structure):
41	pass
42
43	class REGFI_FILE(Structure):
44	pass
45
46	class REGFI_RAW_FILE(Structure):
47	fh = None
48
49	def cb_seek(self, raw_file, offset, whence):
50	try:
51	self.fh.seek(offset, whence)
52	except Exception:
53	traceback.print_exc()
54	# XXX: os.EX_IOERR may not be available on Windoze
55	set_errno(os.EX_IOERR)
56	return -1
57
58	return self.fh.tell()
59
60
61	def cb_read(self, raw_file, buf, count):
62	try:
63	# XXX: anyway to do a readinto() here?
64	tmp = self.fh.read(count)
65	memmove(buf,tmp,len(tmp))
66
67	except Exception:
68	traceback.print_exc()
69	# XXX: os.EX_IOERR may not be available on Windoze
70	set_errno(os.EX_IOERR)
71	return -1
72	return len(tmp)
73
74
75	# XXX: how can we know for sure the size of off_t and size_t?
76	seek_cb_type = CFUNCTYPE(c_int64, POINTER(REGFI_RAW_FILE), c_uint64, c_int, use_errno=True)
77	read_cb_type = CFUNCTYPE(c_int64, POINTER(REGFI_RAW_FILE), POINTER(c_char), c_uint64, use_errno=True)
78
79
80	REGFI_NTTIME._fields_ = [('low', c_uint32),
81	('high', c_uint32)]
82
83	REGFI_VK._fields_ = [('offset', c_uint32),
84	('cell_size', c_uint32),
85	('name', c_char_p),
86	('name_raw', POINTER(c_char)),
87	('name_length', c_uint16),
88	('hbin_off', c_uint32),
89	('data_size', c_uint32),
90	('data_off', c_uint32),
91	('type', REGFI_DATA_TYPE),
92	('magic', c_char * 2),
93	('flags', c_uint16),
94	('unknown1', c_uint16),
95	('data_in_offset', c_bool),
96	]
97
98
99	REGFI_SK._fields_ = [('offset', c_uint32),
100	('cell_size', c_uint32),
101	('sec_desc', c_void_p), #XXX
102	('hbin_off', c_uint32),
103	('prev_sk_off', c_uint32),
104	('next_sk_off', c_uint32),
105	('ref_count', c_uint32),
106	('desc_size', c_uint32),
107	('unknown_tag', c_uint16),
108	('magic', c_char * 2),
109	]
110
111
112	REGFI_NK._fields_ = [('offset', c_uint32),
113	('cell_size', c_uint32),
114	('values', POINTER(REGFI_VALUE_LIST)),
115	('subkeys', POINTER(REGFI_SUBKEY_LIST)),
116	('flags', c_uint16),
117	('magic', c_char * 2),
118	('mtime', REGFI_NTTIME),
119	('name_length', c_uint16),
120	('classname_length', c_uint16),
121	('name', c_char_p),
122	('name_raw', POINTER(c_char)),
123	('parent_off', c_uint32),
124	('classname_off', c_uint32),
125	('max_bytes_subkeyname', c_uint32),
126	('max_bytes_subkeyclassname', c_uint32),
127	('max_bytes_valuename', c_uint32),
128	('max_bytes_value', c_uint32),
129	('unknown1', c_uint32),
130	('unknown2', c_uint32),
131	('unknown3', c_uint32),
132	('unk_index', c_uint32),
133	('num_subkeys', c_uint32),
134	('subkeys_off', c_uint32),
135	('num_values', c_uint32),
136	('values_off', c_uint32),
137	('sk_off', c_uint32),
138	]
139
140
141	REGFI_SUBKEY_LIST._fields_ = [('offset', c_uint32),
142	('cell_size', c_uint32),
143	('num_children', c_uint32),
144	('num_keys', c_uint32),
145	('elements', c_void_p),
146	('magic', c_char * 2),
147	('recursive_type', c_bool),
148	]
149
150
151	REGFI_VALUE_LIST._fields_ = [('offset', c_uint32),
152	('cell_size', c_uint32),
153	('num_children', c_uint32),
154	('num_values', c_uint32),
155	('elements', c_void_p),
156	]
157
158	REGFI_CLASSNAME._fields_ = [('offset', c_uint32),
159	('interpreted', c_char_p),
160	('raw', POINTER(c_char)),
161	('size', c_uint16),
162	]
163
164
165	class REGFI_DATA__interpreted(Union):
166	_fields_ = [('none',POINTER(c_char)),
167	('string', c_char_p),
168	('expand_string', c_char_p),
169	('binary',POINTER(c_char)),
170	('dword', c_uint32),
171	('dword_be', c_uint32),
172	('link', c_char_p),
173	('multiple_string', POINTER(c_char_p)),
174	('qword', c_uint64),
175	('resource_list',POINTER(c_char)),
176	('full_resource_descriptor',POINTER(c_char)),
177	('resource_requirements_list',POINTER(c_char)),
178	]
179	REGFI_DATA._fields_ = [('offset', c_uint32),
180	('type', REGFI_DATA_TYPE),
181	('size', c_uint32),
182	('raw', POINTER(c_char)),
183	('interpreted_size', c_uint32),
184	('interpreted', REGFI_DATA__interpreted),
185	]
186
187
188	REGFI_FILE._fields_ = [('magic', c_char * 4),
189	('sequence1', c_uint32),
190	('sequence2', c_uint32),
191	('mtime', REGFI_NTTIME),
192	('major_version', c_uint32),
193	('minor_version', c_uint32),
194	('type', c_uint32),
195	('format', c_uint32),
196	('root_cell', c_uint32),
197	('last_block', c_uint32),
198	('cluster', c_uint32),
199	]
200
201
202	REGFI_RAW_FILE._fields_ = [('seek', seek_cb_type),
203	('read', read_cb_type),
204	('cur_off', c_uint64),
205	('size', c_uint64),
206	('state', c_void_p),
207	]

Note: See TracBrowser for help on using the repository browser.

Download in other formats: