It worked! I'm ready to rock and roll with hivex for python now!
This is going to mean big things for the digital forensics community
-- up until now our only options have been C or Perl for parsing
registry hives, but a lot of the other tools are written in Python.
This will streamline our code base.
Thanks to Hilko for finding the bug and Richard for writing hivex in
the first place.
Elizabeth
On Thu, Apr 28, 2011 at 12:04 PM, Elizabeth Schweinsberg
<bethlogic(a)gmail.com> wrote:
I am going to have to wait until tomorrow to try it -- the work
firewall is blocking git.annexia.org. I'll try to download it at home
tonight. But it makes sense that it would solve it -- I am running on
an i386 and after a little more testing found that at one point py_h
was set, and then the next call it was null.
Fingers crossed for tomorrow!
Elizabeth
On Thu, Apr 28, 2011 at 3:49 AM, Richard W.M. Jones <rjones(a)redhat.com> wrote:
> On Thu, Apr 28, 2011 at 12:20:08AM +0200, Hilko Bengen wrote:
>> Hi,
>>
>> While working on Debian packages of hivex 1.2.5, I came across a test
>> failure for the Python bindings with Python 2.7 on the i386
>> architecture. (The tests ran fine on amd64.)
>>
>> ,----
>> | $ make -C python check
>> | make[1]: Entering directory `/home/bengen/src/deb/hivex/hivex.git/python'
>> | 010-import.py
>> | 020-open.py
>> | 021-close.py
>> | 200-write.py
>> | python: hivex-py.c:52: get_handle: Assertion `obj' failed.
>> `----
>>
>> I narrowed this down to hivex-py.c:py_hivex_node_add_child():
>>
>> The call
>>
>> ,----
>> | PyArg_ParseTuple (args, (char *) "OLs:hivex_node_add_child",
>> | &py_h, &parent, &name)
>> `----
>>
>> results in `py_h' set to NULL, though Python's documentation claims that
>> this cannot happen. I think this happens because `parent' is declared a
>> `long int', but "L" in the format string corresponds to a `long long'.
>> On amd64, they have the same size, but on i386 they don't, so the
>> PyObject pointer is written to the wrong address.
>>
>> Please consider applying the patch below which just changes the format
>> string. After regenerating hivex-py.c, I have successfully tested the
>> 1.2.5 code base on both architectures.
>>
>> Cheers,
>> -Hilko
>>
>> diff --git a/generator/generator.ml b/generator/generator.ml
>> index 7e706d1..9722312 100755
>> --- a/generator/generator.ml
>> +++ b/generator/generator.ml
>> @@ -2875,7 +2875,7 @@ put_val_type (char *val, size_t len, hive_type t)
>> pr "O"
>> | ANode n
>> | AValue n ->
>> - pr "L"
>> + pr "l"
>> | AString n ->
>> pr "s"
>> | AStringNullable n ->
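Review bot: In the `ANode n | AValue n` branch, `pr "l"` is only correct while the C variable that receives the value is declared `long`, and that declaration is emitted elsewhere, outside this hunk, so the format unit and the type can drift apart again without any build error. Consider a comment beside `pr "l"` naming the declaration it has to match, and confirm that `long` is wide enough for node and value handles on every target the bindings are built for, since `l` stores fewer bytes than `L` wherever `long` is 32 bits.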
>
> Elizabeth, can you try this to see if it fixes your problem too?
>
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
> New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
> programs, test, and build Windows installers. Over 70 libraries supprt'd
> http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw
>
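Added example, not part of the original thread or of hivex: a small C model of the mismatch Hilko describes, showing why an 8-byte "L" store into a 4-byte `long` can leave `py_h` NULL on i386 while "l" does not. The frame layout (the `parent` slot directly below the `py_h` slot), the function names and the pointer and node values are constructed assumptions; a real compiler may lay out the stack differently.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of an i386 stack frame: two adjacent 4-byte slots.
   Adjacency and order are assumptions made for the illustration. */
enum { PARENT_OFF = 0, PY_H_OFF = 4, FRAME_SIZE = 8 };

/* Bytes a PyArg_ParseTuple-style parser stores per format unit on i386. */
static size_t store_width_i386(char unit)
{
    switch (unit) {
    case 'O': return 4;   /* PyObject *  */
    case 'l': return 4;   /* long        */
    case 'L': return 8;   /* long long   */
    default:  return 0;
    }
}

/* Store `value` at `off` the way the parser would (little-endian). */
static void store(uint8_t *frame, size_t off, char unit, uint64_t value)
{
    size_t n = store_width_i386(unit);
    if (n == 0 || off + n > FRAME_SIZE) return;  /* keep the model in bounds */
    for (size_t i = 0; i < n; i++)
        frame[off + i] = (uint8_t)(value >> (8 * i));
}

static uint32_t load32(const uint8_t *frame, size_t off)
{
    uint32_t v = 0;
    for (size_t i = 0; i < 4; i++)
        v |= (uint32_t)frame[off + i] << (8 * i);
    return v;
}

/* Parse "O<unit>": the object pointer is stored first, then the node handle.
   Returns the py_h slot as the caller would read it afterwards. */
uint32_t py_h_after_parse(char node_unit, uint32_t obj_ptr, uint64_t node)
{
    uint8_t frame[FRAME_SIZE] = {0};
    store(frame, PY_H_OFF, 'O', obj_ptr);
    store(frame, PARENT_OFF, node_unit, node);  /* 'L' spills into py_h */
    return load32(frame, PY_H_OFF);
}

int main(void)
{
    /* Constructed sample values: a plausible 32-bit pointer and node offset. */
    printf("L: py_h = 0x%08x\n", (unsigned)py_h_after_parse('L', 0xb7401234u, 0x1020));
    printf("l: py_h = 0x%08x\n", (unsigned)py_h_after_parse('l', 0xb7401234u, 0x1020));
    return 0;
}
```

In this model the upper 32 bits of a small node offset are zero, so the overrunning store replaces the pointer with exactly NULL, which matches the `get_handle: Assertion 'obj' failed` abort rather than a crash at a wild address.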