Claude/fix parsers 011 culyv ce9or z wnj6 wfu lf3#8
Open
Antonin-Deniau wants to merge 6 commits into
Open
Conversation
- Created ELF, PE, and Mach-O parsers using the lief library - Fixed import statements to use relative imports throughout the package - Added lief dependency to pyproject.toml - Updated .gitignore to include parser files (no longer auto-generated) The parsers were previously missing (only .ksy files existed), causing import errors. Now using lief library to parse binary formats instead of generating parsers from Kaitai Struct definitions. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed byte comparison in search.py to use integers instead of characters - Removed debug print statements from search_elf function - Fixed lief API usage to use isinstance() for type checking 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Changed string literal to bytes literal in search_pe function - Fixes TypeError when processing PE sections with virtual/raw size differences 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Created comprehensive GitHub Actions workflow for CI/CD testing - Auto-creates PE binaries using MinGW cross-compiler - Auto-creates Mach-O binaries with minimal valid structure - Updated test_parsers.py to auto-generate test binaries - All parsers now tested: ELF, PE, and Mach-O - Tests run on every push and pull request Test Results: - ✅ 4/4 tests passing (Import, ELF, PE, Mach-O) - ✅ 0 failures - ✅ 0 skipped tests 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Enhanced Mach-O binary creation to include 2 sections (__text and __const) - Previously only created a segment with 0 sections - Now properly tests section parsing functionality - Updated test output to display section details (name, address, offset, size) - Applied to both test_parsers.py and GitHub Actions workflow Test Results: ✅ Mach-O parser now shows: - 1 segment (__TEXT) - 2 sections (__text, __const) - Full section details displayed 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
IMPROVEMENTS:
1. Added Mach-O cave search test (was missing!)
2. Enhanced all cave search tests with thorough validation
3. Fixed Mach-O search_macho function to work with bytes
CAVE SEARCH TESTS NOW INCLUDE:
✅ ELF cave search - validates process completion and cave details
✅ PE cave search - validates process completion and cave details
✅ Mach-O cave search - NEW! validates process completion and cave details
VALIDATION CHECKS:
- Process starts successfully ("Starting cave mining process")
- Process completes successfully ("Mining finished")
- Cave count reported
- Cave details validated (section_name, cave_begin, cave_size, vaddress)
- Proper error handling with detailed output on failure
FIXES:
- Mach-O search function: Removed incorrect str type check
- Mach-O search function: Added null check for command.body
- Test binary: Enhanced with larger null byte areas for reliable cave detection
* __text: 176 bytes of nulls (was scattered)
* __const: 64 bytes of nulls (was minimal)
TEST RESULTS:
✅ ELF: Finds 2 caves in /bin/ls
✅ PE: Finds 17 caves in test.exe
✅ Mach-O: Finds 2 caves in test_macho
All three binary format parsers now have complete cave search testing! 🎉
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.