Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg :: Module sql :: Class MemoryDTO
[hide private]
[frames] | no frames]

Class MemoryDTO

source code

Database mapping for memory dumps.

Instance Methods [hide private]
 
__init__(self, crash_id, mbi)
Process a win32.MemoryBasicInformation object for database storage.		 source code
 
_to_access(self, protect) source code
win32.MemoryBasicInformation
toMBI(self, getMemoryDump=False)
Returns a win32.MemoryBasicInformation object using the data retrieved from the database.		 source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Static Methods [hide private]
 
_parse_state(state) source code
 
_parse_type(type) source code
 
_parse_access(access) source code
Class Variables [hide private]
  __tablename__ = 'memory'
  id = Column(Integer, Sequence(__tablename__+ '_seq'), primary_...
  crash_id = Column(Integer, ForeignKey('crashes.id', ondelete= ...
  address = Column(BigInteger, nullable= False, index= True)
  size = Column(BigInteger, nullable= False)
  state = Column(MEM_STATE_ENUM, nullable= False)
  access = Column(MEM_ACCESS_ENUM)
  type = Column(MEM_TYPE_ENUM)
  alloc_base = Column(BigInteger)
  alloc_access = Column(MEM_ALLOC_ACCESS_ENUM)
  filename = Column(String)
  content = deferred(Column(LargeBinary))
  __mapper__ = <Mapper at 0x3e51550; MemoryDTO>
  __table__ = Table('memory', MetaData(bind=None), Column('id', ...
  _sa_class_manager = <ClassManager of <class 'winappdbg.sql.Mem...

Inherited from BaseDTO: metadata

Inherited from BaseDTO (private): _decl_class_registry

Inherited from unreachable.BaseDTO: __table_args__

Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

__init__(self, crash_id, mbi)
(Constructor)

source code 

Process a win32.MemoryBasicInformation object for database storage.

Overrides: object.__init__

toMBI(self, getMemoryDump=False)

source code 

Returns a win32.MemoryBasicInformation object using the data retrieved from the database.

Parameters:
  • getMemoryDump (bool) - (Optional) If True retrieve the memory dump. Defaults to False since this may be a costly operation.
Returns: win32.MemoryBasicInformation
Memory block information.

Class Variable Details [hide private]

id

Value:
Column(Integer, Sequence(__tablename__+ '_seq'), primary_key= True, au\
toincrement= True)

crash_id

Value:
Column(Integer, ForeignKey('crashes.id', ondelete= 'CASCADE', onupdate\
= 'CASCADE'), nullable= False)

__table__

Value:
Table('memory', MetaData(bind=None), Column('id', Integer(), table=<me\
mory>, primary_key=True, nullable=False, default=Sequence('memory_seq'\
, metadata=MetaData(bind=None))), Column('crash_id', Integer(), Foreig\
nKey('crashes.id'), table=<memory>, nullable=False), Column('address',\
 BigInteger(), table=<memory>, nullable=False), Column('size', BigInte\
ger(), table=<memory>, nullable=False), Column('state', Enum('Reserved\
', 'Commited', 'Free', 'Unknown', name='MEM_STATE_ENUM'), table=<memor\
y>, nullable=False), Column('access', Enum('--- GNW', '--- GN-', '--- \
...

_sa_class_manager

Value:
<ClassManager of <class 'winappdbg.sql.MemoryDTO'> at 3dee880>

   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Fri Dec 20 17:54:55 2013 http://epydoc.sourceforge.net