Michael Cohen wrote:
> Hi Mike,

Hiya Michael! 5:)

> Thanks for the patch. I tried to update it in the spirit of the new
> object framework.

My pleasure! Thanks for updating it, that's exactly the kind of
feedback I was after... 5:)

> Since adding and subtracting time is quite common it's worth adding a
> __sub__ method to this class so you can just do:
>
>     return k.SystemTime - k.TimeZoneBias
>
> Which is more readable and easier to understand

That's true and exactly what I wanted to do, but wasn't sure how to
return a WinTimeStamp without creating a BufAddrSpace and somehow
packing the value back into it. Since all the inputs have defaults, I
should've realized you could just insert the value.

> also note that this should return a WinTimeStamp object

Just what I was trying to do! I think, however, there'll still be a
problem. The TimeZoneBias is encoded as a LONG_INTEGER/WinTimeStamp,
but it'll just be a value in hours, and the windows_to_unix_time will (I
think) compress that down to 0 because of the scaling it does, so you'll
lose your timezone information. I guess the best way of dealing with
this is to treat the timezone as a LONG_INTEGER, but then subtraction
could potentially get sticky (given they're different types). I'm not
sure how best to deal with that...

> Typically with the new command reorg we try to ensure that we don't
> pass strings until the very end - so as not to lose information. Note
> that expanding a WinTimeStamp into a string will format it. You should
> try to use constructs like
>
>     outfd.write(" Datetime: %s\n" % data['ImageDatetime'])
>
> instead of
>
>     outfd.write(" Datetime: " + data['ImageDatetime'])
>
> The latter breaks when data is not a string (which it should not usually be)

Ah cool, thanks, I'll keep that in mind! 5:)

> Finally, try to return NoneObject(reason) from functions rather than
> None - this allows you to do stuff like:
>
>     for task in win32.tasks.pslist(addr_space, self.profile):
>         if task.Peb.CSDVersion:
>
> instead of
+ for task in win32.tasks.pslist(addr_space, self.profile):
+ if task.Peb is not None:
+ if task.Peb.CSDVersion is not None:
> Which is more error prone because you can forget to check for None at
> a certain level for a timebomb bug.

Ok, that's good to know too! I'm really liking this new object model,
it feels like you've covered all the issues before I ever hit them! 5:)

> Hope this helps,

It definitely does, once I'm not so sleepy (sorry, had a long day
today), I'll try and have a go at some of the other internal modules.
I'll post them here for review again, just to make sure I've got the
hang of things. Thanks again for the time you've spent looking over my
stuff, it's much appreciated! 5:)

Mike 5:)
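
The NoneObject advice quoted above, sketched as an added example (not part of the original thread and not Volatility's own implementation). `NoneObjectSketch`, `Struct`, `service_packs` and the sample tasks are hypothetical stand-ins; they show why a falsy object that absorbs attribute access makes the single `if task.Peb.CSDVersion:` check safe while keeping the reason the lookup failed.

```python
class NoneObjectSketch:
    """Simplified stand-in for the NoneObject idea (not Volatility's class)."""

    def __init__(self, reason="unknown"):
        self.reason = reason

    def __bool__(self):
        return False  # falsy, so `if task.Peb.CSDVersion:` is safe at any depth

    def __getattr__(self, name):
        # Reached only for attributes that do not exist on this object.
        if name.startswith("__"):
            raise AttributeError(name)
        return self  # keep chaining and keep the original reason


class Struct:
    """Constructed sample object: unknown fields yield a NoneObjectSketch."""

    def __init__(self, **fields):
        self.__dict__.update(fields)

    def __getattr__(self, name):
        if name.startswith("__"):
            raise AttributeError(name)
        return NoneObjectSketch("no field %r" % name)


def service_packs(tasks):
    """Return (pid, CSDVersion) for every task whose value could be read."""
    found = []
    for task in tasks:
        version = task.Peb.CSDVersion  # never raises, whichever level failed
        if version:
            found.append((task.pid, version))
    return found


# Constructed sample tasks, not taken from a real memory image.
TASKS = [
    Struct(pid=4, Peb=NoneObjectSketch("Peb not readable")),
    Struct(pid=612, Peb=Struct(CSDVersion="Service Pack 2")),
    Struct(pid=700, Peb=Struct()),
]

if __name__ == "__main__":
    for pid, version in service_packs(TASKS):
        print(" Service pack (pid %d): %s" % (pid, version))
```

With plain `None` in place of the stand-in, the first sample task would raise `AttributeError` on `.CSDVersion` unless every level was checked separately.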