diff --git a/tests/test_alpc.py b/tests/test_alpc.py index d52a783b..0546626a 100644 --- a/tests/test_alpc.py +++ b/tests/test_alpc.py @@ -15,7 +15,7 @@ def generated_test(): time.sleep(0.5) client_function() th.join() - return True + return return generated_test PORT_NAME = r"\RPC Control\PythonForWindowsTestPort" diff --git a/tests/test_crypto.py b/tests/test_crypto.py index aad58b9d..c97510c4 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -227,7 +227,7 @@ def test_crypt_obj(): # TODO: Need some better ideas def test_certificate_from_store(): - return windows.crypto.CertificateStore.from_system_store("Root") + assert windows.crypto.CertificateStore.from_system_store("Root") def test_sign_verify(rawcert, rawpfx): diff --git a/tests/test_process.py b/tests/test_process.py index aea71d42..2552f9a4 100644 --- a/tests/test_process.py +++ b/tests/test_process.py @@ -25,7 +25,7 @@ def test_current_process_ppid(self): assert myself.ppid == windows.current_process.ppid def test_get_current_process_peb(self): - return windows.current_process.peb + assert windows.current_process.peb def test_get_current_process_modules(self): # Use module filename because this executable can be: diff --git a/windows/debug/symbols.py b/windows/debug/symbols.py index d0599b62..472eac4c 100644 --- a/windows/debug/symbols.py +++ b/windows/debug/symbols.py @@ -177,6 +177,10 @@ def _get_type_info(self, typeinfo, ires=None): windows.winproxy.LocalFree(res) return newres + @property + def module(self): + return self.resolver.get_module(self.modbase) + @property def name(self): return self._get_type_info(gdef.TI_GET_SYMNAME) diff --git a/windows/syswow64.py b/windows/syswow64.py index 2f2558c5..8cfd8836 100644 --- a/windows/syswow64.py +++ b/windows/syswow64.py @@ -169,7 +169,9 @@ def get_current_process_syswow_peb(): class CurrentProcessReadSyswow(process.Process): bitness = 64 + def _get_handle(self): + # GetCurrentProcess() is not accepted for NtWow64ReadVirtualMemory64 :( return winproxy.OpenProcess(dwProcessId=windows.current_process.pid) def read_memory(self, addr, size): diff --git a/windows/winobject/event_log.py b/windows/winobject/event_log.py index 6596b5cd..af523c17 100644 --- a/windows/winobject/event_log.py +++ b/windows/winobject/event_log.py @@ -377,6 +377,7 @@ class ImprovedEVT_VARIANT(gdef.EVT_VARIANT): gdef.EvtVarTypeUInt16 + gdef.EVT_VARIANT_TYPE_ARRAY : "UInt16Arr", gdef.EvtVarTypeUInt32 + gdef.EVT_VARIANT_TYPE_ARRAY : "UInt32Arr", gdef.EvtVarTypeUInt64 + gdef.EVT_VARIANT_TYPE_ARRAY : "UInt64Arr", + gdef.EvtVarTypeHexInt64 + gdef.EVT_VARIANT_TYPE_ARRAY : "UInt64Arr", } NoneValue = None diff --git a/windows/winobject/process.py b/windows/winobject/process.py index 3ea231fc..facacd84 100644 --- a/windows/winobject/process.py +++ b/windows/winobject/process.py @@ -520,11 +520,12 @@ def handles(self): return [h for h in windows.system.handles if h.dwProcessId == pid] def __del__(self): - super(Process, self).__del__() - # Same logic that AutoHandle.__del__ for Process.limited_handle - # Assert that Process inherit AutoHandle # sys.path is not None -> check if python shutdown if sys.path is not None and hasattr(self, "_limited_handle") and self._limited_handle: + # Same logic that AutoHandle.__del__ for Process.limited_handle + # Assert that Process inherit AutoHandle + # Call super after check as Process could be None during destruction + super(Process, self).__del__() # Prevent some bug where dbgprint might be None when __del__ is called in a closing process # This line is bad -> it reopens a handle closed by 'super(Process, self).__del__()' ._. dbgprint("Closing limited handle {0} for {1}".format(hex(self._limited_handle), self), "HANDLE") if dbgprint is not None else None