Merge pull request #1346 from gcmoreira/linux_misc_fixes

Linux - miscellaneous fixes
volatilityfoundation · Nov 12, 2024 · d2ae43c · d2ae43c
2 parents 340bd6d + 3a734fd
commit d2ae43c
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 13 deletions.
diff --git a/volatility3/framework/plugins/linux/pagecache.py b/volatility3/framework/plugins/linux/pagecache.py
@@ -454,7 +454,7 @@ def write_inode_content_to_file(
                     if current_fp + len(page_bytes) > inode_size:
                         vollog.error(
                             "Page out of file bounds: inode 0x%x, inode size %d, page index %d",
-                            inode.vol.object,
+                            inode.vol.offset,
                             inode_size,
                             page_idx,
                         )

diff --git a/volatility3/framework/symbols/linux/extensions/__init__.py b/volatility3/framework/symbols/linux/extensions/__init__.py
@@ -240,7 +240,7 @@ def get_symbols(self):
             for sym in syms:
                 yield sym
 
-    def get_symbols_names_and_addresses(self) -> Tuple[str, int]:
+    def get_symbols_names_and_addresses(self) -> Iterable[Tuple[str, int]]:
         """Get names and addresses for each symbol of the module
 
         Yields:
@@ -287,17 +287,15 @@ def section_symtab(self):
             return self.kallsyms.symtab
         elif self.has_member("symtab"):
             return self.symtab
-        raise AttributeError("module -> symtab: Unable to get symtab")
+        raise AttributeError("Unable to get symtab")
 
     @property
     def num_symtab(self):
         if self.has_member("kallsyms"):
             return int(self.kallsyms.num_symtab)
         elif self.has_member("num_symtab"):
-            return int(self.num_symtab)
-        raise AttributeError(
-            "module -> num_symtab: Unable to determine number of symbols"
-        )
+            return int(self.member("num_symtab"))
+        raise AttributeError("Unable to determine number of symbols")
 
     @property
     def section_strtab(self):
@@ -307,7 +305,7 @@ def section_strtab(self):
         # Older kernels
         elif self.has_member("strtab"):
             return self.strtab
-        raise AttributeError("module -> strtab: Unable to get strtab")
+        raise AttributeError("Unable to get strtab")
 
 
 class task_struct(generic.GenericIntelProcess):
@@ -1098,7 +1096,7 @@ def d_ancestor(self, ancestor_dentry):
             current_dentry = current_dentry.d_parent
         return None
 
-    def get_subdirs(self) -> interfaces.objects.ObjectInterface:
+    def get_subdirs(self) -> Iterable[interfaces.objects.ObjectInterface]:
         """Walks dentry subdirs
 
         Yields:
@@ -2435,7 +2433,7 @@ def get_file_mode(self) -> str:
         """
         return stat.filemode(self.i_mode)
 
-    def get_pages(self) -> interfaces.objects.ObjectInterface:
+    def get_pages(self) -> Iterable[interfaces.objects.ObjectInterface]:
         """Gets the inode's cached pages
 
         Yields:
@@ -2643,7 +2641,7 @@ def idr_find(self, idr_id: int) -> int:
 
         return idr_layer
 
-    def _old_kernel_get_entries(self) -> int:
+    def _old_kernel_get_entries(self) -> Iterable[int]:
         # Kernels < 4.11
         cur = self.cur
         total = next_id = 0
@@ -2655,15 +2653,15 @@ def _old_kernel_get_entries(self) -> int:
 
             next_id += 1
 
-    def _new_kernel_get_entries(self) -> int:
+    def _new_kernel_get_entries(self) -> Iterable[int]:
         # Kernels >= 4.11
         id_storage = linux.IDStorage.choose_id_storage(
             self._context, kernel_module_name="kernel"
         )
         for page_addr in id_storage.get_entries(root=self.idr_rt):
             yield page_addr
 
-    def get_entries(self) -> int:
+    def get_entries(self) -> Iterable[int]:
         """Walks the IDR and yield a pointer associated with each element.
 
         Args: