Skip to content

Commit

Permalink
Fix typing and dependencies - adapt to dnfile breaking changes (#120)
Browse files Browse the repository at this point in the history
Co-authored-by: msm <[email protected]>
  • Loading branch information
msm-cert and msm-code authored Apr 11, 2024
1 parent 7a801b8 commit 714ed03
Show file tree
Hide file tree
Showing 5 changed files with 9 additions and 5 deletions.
2 changes: 1 addition & 1 deletion malduck/dnpe.py
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ def dn_user_string(
return None

try:
us_string = self.dn_user_strings.get_us(index, encoding=encoding)
us_string = self.dn_user_strings.get(index, encoding=encoding)
except UnicodeDecodeError:
return None

Expand Down
4 changes: 2 additions & 2 deletions malduck/procmem/procmemelf.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ def __init__(
image: bool = False,
detect_image: bool = False,
) -> None:
self._elf = None
self._elf: Optional[elftools.elf.elffile.ELFFile] = None
super().__init__(
buf, base=base, regions=regions, image=image, detect_image=detect_image
)
Expand Down Expand Up @@ -107,7 +107,7 @@ def is_image_loaded_as_memdump(self):
@property
def imgend(self) -> int:
"""Address where ELF image ends"""
lastSegment = self.elf.get_segment(self.elf.num_segment() - 1)
lastSegment = self.elf.get_segment(self.elf.num_segments() - 1)
return lastSegment.header["p_vaddr"] + lastSegment.header["p_memsz"]


Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,4 @@ capstone>=4.0.1
yara-python
typing-extensions>=3.7.4.2
cryptography>=3.1
dnfile>=0.11.0
dnfile>=0.15.0
2 changes: 1 addition & 1 deletion tests/test_procmem.py
Original file line number Diff line number Diff line change
Expand Up @@ -271,4 +271,4 @@ def test_procmemdnpe():
assert p.pe is not None
assert p.pe.dn_metadata.struct.Version == b'v4.0.30319\x00\x00'
assert p.pe.dn_metadata.struct.NumberOfStreams == len(p.pe.dn_metadata.streams)

assert p.pe.dn_user_string(1).value == "Hello World!"
4 changes: 4 additions & 0 deletions tests/test_procmemelf.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ def test_hello_static():
assert pelf.elf.elfclass == 64
assert pelf.elf.get_machine_arch() == 'x64'
assert pelf.elf.little_endian
assert pelf.imgend == 7159808


def test_hello_32():
Expand All @@ -26,6 +27,7 @@ def test_hello_32():
assert pelf.elf.elfclass == 32
assert pelf.elf.get_machine_arch() == 'x86'
assert pelf.elf.little_endian
assert pelf.imgend == 8192


def test_hello_32_static():
Expand All @@ -35,6 +37,7 @@ def test_hello_32_static():
assert pelf.elf.elfclass == 32
assert pelf.elf.get_machine_arch() == 'x86'
assert pelf.elf.little_endian
assert pelf.imgend == 135200768


def test_hidden_32_static():
Expand All @@ -48,3 +51,4 @@ def test_hidden_32_static():
b"\x00\xcd\x80\x5a\x59\x5b\x58\x68\x73\x87\x04\x08\xc3\x28\x68\x69\x64\x64\x65\x6e\x20\x63\x6f"\
b"\x64\x65\x21\x29\x0a"
assert pelf.readv(0x80ed200, len(hidden_code)) == hidden_code
assert pelf.imgend == 135200768

0 comments on commit 714ed03

Please sign in to comment.