Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg :: Module search :: Class TextPattern
[hide private]
[frames] | no frames]

Class TextPattern

source code

Text pattern.

Instance Methods [hide private]
 
__init__(self, text, encoding='utf-16le', caseSensitive=False)
Class constructor.		 source code
 
read(self, process, address, size)
Reads the requested number of bytes from the process memory at the given address.		 source code
tuple( int, int, str )
found(self, address, size, data)
This method gets called when a match is found.		 source code
 
__len__(self)
Returns the exact length of the pattern. (Inherited from winappdbg.search.BytePattern)		 source code
tuple( int, int )
find(self, buffer, pos=None)
Searches for the pattern in the given buffer, optionally starting at the given position within the buffer. (Inherited from winappdbg.search.BytePattern)		 source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Instance Variables [hide private]
bool caseSensitive
True of the search is case sensitive, False otherwise.
str encoding
Encoding for the text parameter.
bool isUnicode
True if the text to search for is a unicode string, False otherwise.
int length
Length of the byte pattern. (Inherited from winappdbg.search.BytePattern)
str pattern
Byte string to search for. (Inherited from winappdbg.search.BytePattern)
Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

__init__(self, text, encoding='utf-16le', caseSensitive=False)
(Constructor)

source code 

Class constructor.

The only mandatory argument should be the pattern string.

This method MUST be reimplemented by subclasses of Pattern.

Parameters:
  • text (str or unicode) - Text to search for.
  • encoding (str) - (Optional) Encoding for the text parameter. Only used when the text to search for is a Unicode string. Don't change unless you know what you're doing!
  • caseSensitive (bool) - True of the search is case sensitive, False otherwise.
Overrides: object.__init__

read(self, process, address, size)

source code 

Reads the requested number of bytes from the process memory at the given address.

Subclasses of Pattern tipically don't need to reimplement this method.

Overrides: Pattern.read
(inherited documentation)

found(self, address, size, data)

source code 

This method gets called when a match is found.

This allows subclasses of Pattern to filter out unwanted results, or modify the results before giving them to the caller of Search.search_process.

If the return value is None the result is skipped.

Subclasses of Pattern don't need to reimplement this method unless filtering is needed.

Parameters:
  • address - The memory address where the pattern was found.
  • size - The size of the data that matches the pattern.
  • data - The data that matches the pattern.
Returns: tuple( int, int, str )
Tuple containing the following: * The memory address where the pattern was found. * The size of the data that matches the pattern. * The data that matches the pattern.
Overrides: Pattern.found
(inherited documentation)

Instance Variable Details [hide private]

encoding

Encoding for the text parameter. Only used when the text to search for is a Unicode string. Don't change unless you know what you're doing!
Type:
str

   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Fri Dec 20 17:54:55 2013 http://epydoc.sourceforge.net