1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
import os
import mmap
import os.path
import contextlib
import pytest
@pytest.fixture
def system_path():
'''
fetch the file system path of the system.evtx test file.
Returns:
str: the file system path of the test file.
'''
cd = os.path.dirname(__file__)
datadir = os.path.join(cd, 'data')
systempath = os.path.join(datadir, 'system.evtx')
return systempath
@pytest.yield_fixture
def system():
'''
yields the contents of the system.evtx test file.
the returned value is a memory map of the contents,
so it acts pretty much like a byte string.
Returns:
mmap.mmap: the contents of the test file.
'''
p = system_path()
with open(p, 'rb') as f:
with contextlib.closing(mmap.mmap(f.fileno(), 0,
access=mmap.ACCESS_READ)) as buf:
yield buf
@pytest.fixture
def security_path():
'''
fetch the file system path of the security.evtx test file.
Returns:
str: the file system path of the test file.
'''
cd = os.path.dirname(__file__)
datadir = os.path.join(cd, 'data')
secpath = os.path.join(datadir, 'security.evtx')
return secpath
@pytest.yield_fixture
def security():
'''
yields the contents of the security.evtx test file.
the returned value is a memory map of the contents,
so it acts pretty much like a byte string.
Returns:
mmap.mmap: the contents of the test file.
'''
p = security_path()
with open(p, 'rb') as f:
with contextlib.closing(mmap.mmap(f.fileno(), 0,
access=mmap.ACCESS_READ)) as buf:
yield buf
@pytest.fixture
def data_path():
'''
fetch the file system path of the directory containing test files.
Returns:
str: the file system path of the test directory.
'''
cd = os.path.dirname(__file__)
datadir = os.path.join(cd, 'data')
return datadir
|
