diff --git a/config/dpkg/changelog b/config/dpkg/changelog index c325be3176..d1a6ec5d54 100644 --- a/config/dpkg/changelog +++ b/config/dpkg/changelog @@ -2,4 +2,4 @@ plaso (1.4.1-1) unstable; urgency=low * Auto-generated - -- Log2Timeline Fri, 16 Sep 2016 06:46:44 +0200 \ No newline at end of file + -- Log2Timeline Sat, 17 Sep 2016 19:49:02 +0200 \ No newline at end of file diff --git a/docs/plaso.lib.rst b/docs/plaso.lib.rst index 6a96b27a56..c9bcf0d804 100644 --- a/docs/plaso.lib.rst +++ b/docs/plaso.lib.rst @@ -68,6 +68,14 @@ plaso.lib.pfilter module :undoc-members: :show-inheritance: +plaso.lib.platform_specific module +---------------------------------- + +.. automodule:: plaso.lib.platform_specific + :members: + :undoc-members: + :show-inheritance: + plaso.lib.plist module ---------------------- diff --git a/plaso/__init__.py b/plaso/__init__.py index 393a899d53..e1d89ddb32 100644 --- a/plaso/__init__.py +++ b/plaso/__init__.py @@ -9,7 +9,7 @@ __version__ = '1.4.1' VERSION_DEV = True -VERSION_DATE = '20160916' +VERSION_DATE = '20160917' def GetVersion(): diff --git a/plaso/lib/platform_specific.py b/plaso/lib/platform_specific.py new file mode 100644 index 0000000000..8414ef06e6 --- /dev/null +++ b/plaso/lib/platform_specific.py @@ -0,0 +1,55 @@ +# -*- coding: utf-8 -*- +"""This file contains functions for certain platform specific operations.""" +import sys + + +# Windows-only imports +try: + import msvcrt + import win32api + import win32con +except ImportError: + msvcrt = None + win32api = None + win32con = None + + +def DisableWindowsFileHandleInheritance(file_descriptor): + """Flags a Windows file descriptor so that child processes don't inherit it. + + Args: + file_descriptor (int): file handle descriptor, as returned by fileno() and + similar methods. + """ + if msvcrt and win32api and win32con: + os_handle = msvcrt.get_osfhandle(file_descriptor) + win32api.SetHandleInformation(os_handle, win32con.HANDLE_FLAG_INHERIT, 0) + return + raise RuntimeError + + +def PlatformIsDarwin(): + """Checks if the current platform is Windows. + + Returns: + bool: True if Python is running on Darwin. + """ + return sys.platform.startswith(u'darwin') + + +def PlatformIsLinux(): + """Checks if the current platform is Windows. + + Returns: + bool: True if Python is running on Windows. + """ + return sys.platform.startswith(u'linux') + + +def PlatformIsWindows(): + """Checks if the current platform is Windows. + + Returns: + bool: True if Python is running on Windows. + """ + return sys.platform.startswith(u'win') or sys.platform.startswith(u'cygwin') diff --git a/plaso/lib/utils.py b/plaso/lib/utils.py index f5bedaca07..b5ead3335a 100644 --- a/plaso/lib/utils.py +++ b/plaso/lib/utils.py @@ -57,7 +57,7 @@ def IsText(bytes_in, encoding=None): return True except LookupError: - logging.error(u'Unuppported encoding: {0:s}'.format(encoding)) + logging.error(u'Unsupported encoding: {0:s}'.format(encoding)) except UnicodeDecodeError: pass diff --git a/plaso/multi_processing/task_engine.py b/plaso/multi_processing/task_engine.py index 85b6269b0f..824b96366f 100644 --- a/plaso/multi_processing/task_engine.py +++ b/plaso/multi_processing/task_engine.py @@ -656,8 +656,8 @@ def _UpdateProcessingStatus(self, pid, process_status): try: self._task_manager.RescheduleTaskByIdentifier(task_identifier) except KeyError: - logging.error(u'Worker processing unknown task: {0:s}.'.format( - task_identifier)) + logging.error(u'Worker {0:s} is processing unknown task: {1:s}.'.format( + process.name, task_identifier)) def ProcessSources( self, session_identifier, source_path_specs, storage_writer, diff --git a/plaso/multi_processing/worker_process.py b/plaso/multi_processing/worker_process.py index 6b4c5d453d..976429df03 100644 --- a/plaso/multi_processing/worker_process.py +++ b/plaso/multi_processing/worker_process.py @@ -125,9 +125,7 @@ def _GetStatus(self): last_activity_timestamp = 0.0 processing_status = self._status - task_identifier = u'' - if self._task: - task_identifier = self._task.identifier + task_identifier = getattr(self._task, u'identifier', u'') status = { u'display_name': self._current_display_name, diff --git a/plaso/parsers/bsm.py b/plaso/parsers/bsm.py index 2d7206027c..cbe4cf3522 100644 --- a/plaso/parsers/bsm.py +++ b/plaso/parsers/bsm.py @@ -128,7 +128,7 @@ class BsmParser(interface.FileObjectParser): u'ipv6', construct.UBInt64(u'high'), construct.UBInt64(u'low')) # Tested structures. - # INFO: I have ommited the ID in the structures declaration. + # INFO: I have omitted the ID in the structures declaration. # I used the BSM_TYPE first to read the ID, and then, the structure. # Tokens always start with an ID value that identifies their token # type and subsequent structure. @@ -705,7 +705,7 @@ def ReadBSMEvent(self, parser_mediator, file_object): u'Unable to parse the Token ID at position: {0:d}'.format( file_object.tell())) return - if not token_id in self.BSM_TYPE_LIST: + if token_id not in self.BSM_TYPE_LIST: pending = (offset + length) - file_object.tell() extra_tokens.extend(self.TryWithUntestedStructures( file_object, token_id, pending)) diff --git a/plaso/storage/gzip_file.py b/plaso/storage/gzip_file.py index a7438fdb0c..b5f61d3d8e 100644 --- a/plaso/storage/gzip_file.py +++ b/plaso/storage/gzip_file.py @@ -8,6 +8,7 @@ import os from plaso.lib import definitions +from plaso.lib import platform_specific from plaso.serializer import json_serializer from plaso.storage import interface @@ -245,7 +246,9 @@ def Open(self, path=None, read_only=True, **unused_kwargs): access_mode = 'wb' self._gzip_file = gzip.open(path, access_mode, self._COMPRESSION_LEVEL) - + if platform_specific.PlatformIsWindows(): + file_handle = self._gzip_file.fileno() + platform_specific.DisableWindowsFileHandleInheritance(file_handle) if read_only: self._OpenRead() @@ -300,6 +303,9 @@ def __init__(self, storage_writer, path): super(GZIPStorageMergeReader, self).__init__(storage_writer) self._data_buffer = None self._gzip_file = gzip.open(path, 'rb') + if platform_specific.PlatformIsWindows(): + file_handle = self._gzip_file.fileno() + platform_specific.DisableWindowsFileHandleInheritance(file_handle) self._path = path self._serializer = json_serializer.JSONAttributeContainerSerializer self._serializers_profiler = None diff --git a/plaso/storage/zip_file.py b/plaso/storage/zip_file.py index faf6d700b8..5adb870791 100644 --- a/plaso/storage/zip_file.py +++ b/plaso/storage/zip_file.py @@ -144,6 +144,7 @@ from plaso.containers import sessions from plaso.lib import definitions +from plaso.lib import platform_specific from plaso.serializer import json_serializer from plaso.storage import interface from plaso.storage import gzip_file @@ -594,6 +595,9 @@ def WriteInitialize(self): """ stream_file_path = os.path.join(self._path, self._stream_name) self._file_object = open(stream_file_path, 'wb') + if platform_specific.PlatformIsWindows(): + file_handle = self._file_object.fileno() + platform_specific.DisableWindowsFileHandleInheritance(file_handle) return self._file_object.tell() @@ -1755,6 +1759,9 @@ def _OpenZIPFile(self, path, read_only): zipfile_path, mode=access_mode, compression=zipfile.ZIP_DEFLATED, allowZip64=True) self._zipfile_path = zipfile_path + if platform_specific.PlatformIsWindows(): + file_handle = self._zipfile.fp.fileno() + platform_specific.DisableWindowsFileHandleInheritance(file_handle) except zipfile.BadZipfile as exception: raise IOError(u'Unable to open ZIP file: {0:s} with error: {1:s}'.format( diff --git a/tools/psort.py b/tools/psort.py index 1529c5e493..3d5b485bde 100755 --- a/tools/psort.py +++ b/tools/psort.py @@ -776,6 +776,7 @@ def ProcessStorage(self): self._storage_file_path) self._number_of_analysis_reports = ( storage_reader.GetNumberOfAnalysisReports()) + storage_reader.Close() if analysis_plugins: storage_writer = self._front_end.CreateStorageWriter(