QuasarApp/pe-parse
4
0
Fork 0
mirror of https://github.com/QuasarApp/pe-parse.git synced 2025-04-29 22:04:33 +00:00
Code Issues Projects Releases Wiki Activity

Implement timedatestamp member.

Browse Source 
While here, DECREF the string used in init. Also, make a note that I really
want to use a bytearray instead of a list for get_bytes().
This commit is contained in:
Wesley Shields 2013-11-29 14:11:01 -05:00
parent 6d8a39ad72
commit ed77443f31
2 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
python/pepy.cpp
View File

@ -39,6 +39,7 @@ typedef struct {
typedef struct { typedef struct {
PyObject_HEAD PyObject_HEAD
PyObject *timedatestamp;
parsed_pe *pe; parsed_pe *pe;
} pepy_parsed; } pepy_parsed;
@ -67,11 +68,15 @@ static int pepy_parsed_init(pepy_parsed *self, PyObject *args, PyObject *kwds) {
return -2; return -2;
} }
Py_DECREF(py_str);
self->timedatestamp = PyInt_FromLong(self->pe->peHeader.nt.FileHeader.TimeDateStamp);
return 0; return 0;
} }
static void pepy_parsed_dealloc(pepy_parsed *self) { static void pepy_parsed_dealloc(pepy_parsed *self) {
DestructParsedPE(self->pe); DestructParsedPE(self->pe);
Py_XDECREF(self->timedatestamp);
self->ob_type->tp_free((PyObject *) self); self->ob_type->tp_free((PyObject *) self);
} }
@ -100,6 +105,11 @@ static PyObject *pepy_parsed_get_bytes(PyObject *self, PyObject *args) {
if (!PyArg_ParseTuple(args, "KK:pepy_parsed_get_bytes", &start, &len)) if (!PyArg_ParseTuple(args, "KK:pepy_parsed_get_bytes", &start, &len))
return NULL; return NULL;
/*
* XXX: I want this to be using PyByteArray_FromStringAndSize(),
* but, I'm not sure how to get what I need out of the parsed PE
* to make it work.
*/
ret = PyList_New(len); ret = PyList_New(len);
if (!ret) { if (!ret) {
PyErr_SetString(pepy_error, "Unable to create new list."); PyErr_SetString(pepy_error, "Unable to create new list.");
@ -165,6 +175,12 @@ static PyObject *pepy_parsed_get_sections(PyObject *self, PyObject *args) {
return ret; return ret;
} }
static PyMemberDef pepy_parsed_members[] = {
{ (char *) "timedatestamp", T_OBJECT, offsetof(pepy_parsed, timedatestamp),
READONLY, (char *) "PE Timestamp" },
{ NULL }
};
static PyMethodDef pepy_parsed_methods[] = { static PyMethodDef pepy_parsed_methods[] = {
{ "get_entry_point", pepy_parsed_get_entry_point, METH_NOARGS, { "get_entry_point", pepy_parsed_get_entry_point, METH_NOARGS,
"Return the entry point address." }, "Return the entry point address." },
@ -205,7 +221,7 @@ static PyTypeObject pepy_parsed_type = {
0, /* tp_iter */ 0, /* tp_iter */
0, /* tp_iternext */ 0, /* tp_iternext */
pepy_parsed_methods, /* tp_methods */ pepy_parsed_methods, /* tp_methods */
0, /* tp_members */ pepy_parsed_members, /* tp_members */
0, /* tp_getset */ 0, /* tp_getset */
0, /* tp_base */ 0, /* tp_base */
0, /* tp_dict */ 0, /* tp_dict */

4
python/test.py
View File

@ -1,12 +1,16 @@
#!/usr/bin/env python #!/usr/bin/env python
import sys import sys
import time
import pepy import pepy
import binascii
from pprint import pprint from pprint import pprint
p = pepy.parse(sys.argv[1]) p = pepy.parse(sys.argv[1])
ep = p.get_entry_point() ep = p.get_entry_point()
byts = p.get_bytes(ep, 8) byts = p.get_bytes(ep, 8)
print "Timedatestamp: %s" % time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(p.timedatestamp))
print "Bytes at 0x%x: %s" % (ep, byts) print "Bytes at 0x%x: %s" % (ep, byts)
for sect in p.get_sections(): for sect in p.get_sections():
pprint(sect) pprint(sect)