How to use the regipy.structs.LF_LH_SK_ELEMENT.parse_stream function in regipy

To help you get started, we’ve selected a few regipy examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

mkorman90 / regipy / regipy / registry.py View on Github

def _parse_subkeys(stream, signature=None):
        """
        Parse an LI , LF or LH Record
        :param stream: A stream at the header of the LH or LF entry, skipping the signature
        :return:
        """
        if not signature:
            signature = stream.read(2)

        if signature in [HASH_LEAF_SIGNATURE, FAST_LEAF_SIGNATURE]:
            subkeys = LF_LH_SK_ELEMENT.parse_stream(stream)
        elif signature == LEAF_INDEX_SIGNATURE:
            subkeys = INDEX_LEAF.parse_stream(stream)
        else:
            raise RegistryParsingException(f'Expected a known signature, got: {signature} at offset {stream.tell()}')

        for subkey in subkeys.elements:
            stream.seek(REGF_HEADER_SIZE + subkey.key_node_offset)

            # This cell should always be allocated, therefor we expect a negative size
            cell_size = Int32sl.parse_stream(stream) * -1

            # We read to this offset and skip 2 bytes, because that is the cell size we just read
            nk_cell = Cell(cell_type='nk', offset=stream.tell() + 2, size=cell_size)
            nk_record = NKRecord(cell=nk_cell, stream=stream)
            yield nk_record

How to use the regipy.structs.LF_LH_SK_ELEMENT.parse_stream function in regipy

To help you get started, we’ve selected a few regipy examples, based on popular ways it is used in public projects.

regipy

Package Health Score

Popular regipy functions

Similar packages