dissect.cstruct 4.0.dev3__tar.gz → 4.0.dev5__tar.gz

{dissect_cstruct-4.0.dev3/dissect.cstruct.egg-info → dissect_cstruct-4.0.dev5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.cstruct
-Version: 4.0.dev3
+Version: 4.0.dev5
 Summary: A Dissect module implementing a parser for C-like structures: structure parsing in Python made easy
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Apache License 2.0
@@ -84,12 +84,11 @@ refer to [the development guide](https://docs.dissect.tools/en/latest/contributi
 All you need to do is instantiate a new cstruct instance and load some structure definitions in there. After that you can start using them from your Python code.
 
 ```python
-from dissect import cstruct
+from dissect.cstruct import cstruct
 
 # Default endianness is LE, but can be configured using a kwarg or setting the 'endian' attribute
-# e.g. cstruct.cstruct(endian='>') or cparser.endian = '>'
-cparser = cstruct.cstruct()
-cparser.load("""
+# e.g. cstruct(endian='>') or c_parser.endian = '>'
+parser_def = """
 #define SOME_CONSTANT   5
 
 enum Example : uint16 {
@@ -99,31 +98,35 @@ enum Example : uint16 {
 struct some_struct {
     uint8   field_1;
     char    field_2[SOME_CONSTANT];
-    char    field_3[field_1 & 1 * 5];  // Some random expression to calculate array length
+    char    field_3[(field_1 & 1) * 5];  // Some random expression to calculate array length
     Example field_4[2];
 };
-""")
+"""
+c_parser = cstruct().load(parser_def)
 
-data = b'\x01helloworld\x00\x00\x06\x00'
-result = cparser.some_struct(data)  # Also accepts file-like objects
+data = b"\x01helloworld\x00\x00\x06\x00"
+result = c_parser.some_struct(data)  # Also accepts file-like objects
 assert result.field_1 == 0x01
-assert result.field_2 == b'hello'
-assert result.field_3 == b'world'
-assert result.field_4 == [cparser.Example.A, cparser.Example.C]
+assert result.field_2 == b"hello"
+assert result.field_3 == b"world"
+assert result.field_4 == [c_parser.Example.A, c_parser.Example.C]
 
-assert cparser.Example.A == 0
-assert cparser.Example.C == 6
-assert cparser.Example(5) == cparser.Example.B
+assert c_parser.Example.A == 0
+assert c_parser.Example.C == 6
+assert c_parser.Example(5) == c_parser.Example.B
 
 assert result.dumps() == data
 
 # You can also instantiate structures from Python by using kwargs
 # Note that array sizes are not enforced
-instance = cparser.some_struct(field_1=5, field_2='lorem', field_3='ipsum', field_4=[cparser.Example.B, cparser.Example.A])
-assert instance.dumps() == b'\x05loremipsum\x05\x00\x00\x00'
+instance = c_parser.some_struct(
+    field_1=5, field_2="lorem", field_3="ipsum", field_4=[c_parser.Example.B, c_parser.Example.A]
+)
+assert instance.dumps() == b"\x05loremipsum\x05\x00\x00\x00"
+
 ```
 
-By default, all structures are compiled into classes that provide optimised performance. You can disable this by passing a `compiled=False` keyword argument to the `.load()` call. You can also inspect the resulting source code by accessing the source attribute of the structure: `print(cparser.some_struct.source)`.
+By default, all structures are compiled into classes that provide optimised performance. You can disable this by passing a `compiled=False` keyword argument to the `.load()` call. You can also inspect the resulting source code by accessing the source attribute of the structure: `print(c_parser.some_struct.source)`.
 
 More examples can be found in the `examples` directory.
 
@@ -135,20 +138,23 @@ Write simple C-like structures and use them to parse binary data, as can be seen
 Aside from loading structure definitions, any of the supported types can be used individually for parsing data. For example, the following is all supported:
 
 ```python
-from dissect import cstruct
-cs = cstruct.cstruct()
+from dissect.cstruct import cstruct
+
+cs = cstruct()
 # Default endianness is LE, but can be configured using a kwarg or setting the attribute
-# e.g. cstruct.cstruct(endian='>') or cs.endian = '>'
-assert cs.uint32(b'\x05\x00\x00\x00') == 5
-assert cs.uint24[2](b'\x01\x00\x00\x02\x00\x00') == [1, 2]  # You can also parse arrays using list indexing
-assert cs.char[None](b'hello world!\x00') == b'hello world!'  # A list index of None means null terminated
+# e.g. cstruct(endian='>') or cs.endian = '>'
+assert cs.uint32(b"\x05\x00\x00\x00") == 5
+assert cs.uint24[2](b"\x01\x00\x00\x02\x00\x00") == [1, 2]  # You can also parse arrays using list indexing
+assert cs.char[None](b"hello world!\x00") == b"hello world!"  # A list index of None means null terminated
 ```
 
 ### Unions and nested structures
 Unions and nested structures are supported, both anonymous and named.
 
 ```python
-cdef = """
+from dissect.cstruct import cstruct
+
+c_def = """
 struct test_union {
     char magic[4];
     union {
@@ -173,58 +179,61 @@ struct test_anonymous {
     };
 };
 """
-c = cstruct.cstruct()
-c.load(cdef)
+# Default endianness is LE, but can be configured using a kwarg or setting the attribute
+# e.g. cstruct(endian='>') or cs.endian = '>'
+c = cstruct().load(c_def)
 
 assert len(c.test_union) == 12
 
-a = c.test_union(b'ohaideadbeef')
-assert a.magic == b'ohai'
+a = c.test_union(b"ohaideadbeef")
+assert a.magic == b"ohai"
 assert a.c.a.a == 0x64616564
 assert a.c.a.b == 0x66656562
-assert a.c.b.b == b'deadbeef'
+assert a.c.b.b == b"deadbeef"
 
-assert a.dumps() == b'ohaideadbeef'
+assert a.dumps() == b"ohaideadbeef"
 
-b = c.test_anonymous(b'ohai\x39\x05\x00\x00\x28\x23\x00\x00deadbeef')
-assert b.magic == b'ohai'
+b = c.test_anonymous(b"ohai\x39\x05\x00\x00\x28\x23\x00\x00deadbeef")
+assert b.magic == b"ohai"
 assert b.a == 1337
 assert b.b == 9000
-assert b.c == b'deadbeef'
+assert b.c == b"deadbeef"
+
 ```
 
 ### Parse bit fields
 Bit fields are supported as part of structures. They are properly aligned to their boundaries.
 
 ```python
-bitdef = """
+from dissect.cstruct import cstruct
+
+bit_def = """
 struct test {
     uint16  a:1;
-    uint16  b:1;  # Read 2 bits from an uint16
-    uint32  c;    # The next field is properly aligned
+    uint16  b:1;  // Read 2 bits from an uint16
+    uint32  c;    // The next field is properly aligned
     uint16  d:2;
     uint16  e:3;
 };
 """
-bitfields = cstruct.cstruct()
-bitfields.load(bitdef)
+bitfields = cstruct().load(bit_def)
 
-d = b'\x03\x00\xff\x00\x00\x00\x1f\x00'
+d = b"\x03\x00\xff\x00\x00\x00\x1f\x00"
 a = bitfields.test(d)
 
 assert a.a == 0b1
 assert a.b == 0b1
-assert a.c == 0xff
+assert a.c == 0xFF
 assert a.d == 0b11
 assert a.e == 0b111
 assert a.dumps() == d
 ```
 
-### Enums
-The API to access enum members and their values is similar to that of the native Enum type in Python 3. Functionally, it's best comparable to the IntEnum type.
+### Enums and Flags
+The API to access enum and flag members and their values in the same way as the native Enum types in Python 3. Functionally, it's best comparable to the IntEnum or IntFlag type.
 
 ### Custom types
-You can implement your own types by subclassing `BaseType` or `RawType`, and adding them to your cstruct instance with `add_type(name, type)`
+You can implement your own types by subclassing `BaseType`, and adding them to your cstruct instance with `add_custom_type(name, type, size, alignment, ...)`
 
 ### Custom definition parsers
 Don't like the C-like definition syntax? Write your own syntax parser!

{dissect_cstruct-4.0.dev3 → dissect_cstruct-4.0.dev5}/README.md

@@ -59,12 +59,11 @@ refer to [the development guide](https://docs.dissect.tools/en/latest/contributi
 All you need to do is instantiate a new cstruct instance and load some structure definitions in there. After that you can start using them from your Python code.
 
 ```python
-from dissect import cstruct
+from dissect.cstruct import cstruct
 
 # Default endianness is LE, but can be configured using a kwarg or setting the 'endian' attribute
-# e.g. cstruct.cstruct(endian='>') or cparser.endian = '>'
-cparser = cstruct.cstruct()
-cparser.load("""
+# e.g. cstruct(endian='>') or c_parser.endian = '>'
+parser_def = """
 #define SOME_CONSTANT   5
 
 enum Example : uint16 {
@@ -74,31 +73,35 @@ enum Example : uint16 {
 struct some_struct {
     uint8   field_1;
     char    field_2[SOME_CONSTANT];
-    char    field_3[field_1 & 1 * 5];  // Some random expression to calculate array length
+    char    field_3[(field_1 & 1) * 5];  // Some random expression to calculate array length
     Example field_4[2];
 };
-""")
+"""
+c_parser = cstruct().load(parser_def)
 
-data = b'\x01helloworld\x00\x00\x06\x00'
-result = cparser.some_struct(data)  # Also accepts file-like objects
+data = b"\x01helloworld\x00\x00\x06\x00"
+result = c_parser.some_struct(data)  # Also accepts file-like objects
 assert result.field_1 == 0x01
-assert result.field_2 == b'hello'
-assert result.field_3 == b'world'
-assert result.field_4 == [cparser.Example.A, cparser.Example.C]
+assert result.field_2 == b"hello"
+assert result.field_3 == b"world"
+assert result.field_4 == [c_parser.Example.A, c_parser.Example.C]
 
-assert cparser.Example.A == 0
-assert cparser.Example.C == 6
-assert cparser.Example(5) == cparser.Example.B
+assert c_parser.Example.A == 0
+assert c_parser.Example.C == 6
+assert c_parser.Example(5) == c_parser.Example.B
 
 assert result.dumps() == data
 
 # You can also instantiate structures from Python by using kwargs
 # Note that array sizes are not enforced
-instance = cparser.some_struct(field_1=5, field_2='lorem', field_3='ipsum', field_4=[cparser.Example.B, cparser.Example.A])
-assert instance.dumps() == b'\x05loremipsum\x05\x00\x00\x00'
+instance = c_parser.some_struct(
+    field_1=5, field_2="lorem", field_3="ipsum", field_4=[c_parser.Example.B, c_parser.Example.A]
+)
+assert instance.dumps() == b"\x05loremipsum\x05\x00\x00\x00"
+
 ```
 
-By default, all structures are compiled into classes that provide optimised performance. You can disable this by passing a `compiled=False` keyword argument to the `.load()` call. You can also inspect the resulting source code by accessing the source attribute of the structure: `print(cparser.some_struct.source)`.
+By default, all structures are compiled into classes that provide optimised performance. You can disable this by passing a `compiled=False` keyword argument to the `.load()` call. You can also inspect the resulting source code by accessing the source attribute of the structure: `print(c_parser.some_struct.source)`.
 
 More examples can be found in the `examples` directory.
 
@@ -110,20 +113,23 @@ Write simple C-like structures and use them to parse binary data, as can be seen
 Aside from loading structure definitions, any of the supported types can be used individually for parsing data. For example, the following is all supported:
 
 ```python
-from dissect import cstruct
-cs = cstruct.cstruct()
+from dissect.cstruct import cstruct
+
+cs = cstruct()
 # Default endianness is LE, but can be configured using a kwarg or setting the attribute
-# e.g. cstruct.cstruct(endian='>') or cs.endian = '>'
-assert cs.uint32(b'\x05\x00\x00\x00') == 5
-assert cs.uint24[2](b'\x01\x00\x00\x02\x00\x00') == [1, 2]  # You can also parse arrays using list indexing
-assert cs.char[None](b'hello world!\x00') == b'hello world!'  # A list index of None means null terminated
+# e.g. cstruct(endian='>') or cs.endian = '>'
+assert cs.uint32(b"\x05\x00\x00\x00") == 5
+assert cs.uint24[2](b"\x01\x00\x00\x02\x00\x00") == [1, 2]  # You can also parse arrays using list indexing
+assert cs.char[None](b"hello world!\x00") == b"hello world!"  # A list index of None means null terminated
 ```
 
 ### Unions and nested structures
 Unions and nested structures are supported, both anonymous and named.
 
 ```python
-cdef = """
+from dissect.cstruct import cstruct
+
+c_def = """
 struct test_union {
     char magic[4];
     union {
@@ -148,58 +154,61 @@ struct test_anonymous {
     };
 };
 """
-c = cstruct.cstruct()
-c.load(cdef)
+# Default endianness is LE, but can be configured using a kwarg or setting the attribute
+# e.g. cstruct(endian='>') or cs.endian = '>'
+c = cstruct().load(c_def)
 
 assert len(c.test_union) == 12
 
-a = c.test_union(b'ohaideadbeef')
-assert a.magic == b'ohai'
+a = c.test_union(b"ohaideadbeef")
+assert a.magic == b"ohai"
 assert a.c.a.a == 0x64616564
 assert a.c.a.b == 0x66656562
-assert a.c.b.b == b'deadbeef'
+assert a.c.b.b == b"deadbeef"
 
-assert a.dumps() == b'ohaideadbeef'
+assert a.dumps() == b"ohaideadbeef"
 
-b = c.test_anonymous(b'ohai\x39\x05\x00\x00\x28\x23\x00\x00deadbeef')
-assert b.magic == b'ohai'
+b = c.test_anonymous(b"ohai\x39\x05\x00\x00\x28\x23\x00\x00deadbeef")
+assert b.magic == b"ohai"
 assert b.a == 1337
 assert b.b == 9000
-assert b.c == b'deadbeef'
+assert b.c == b"deadbeef"
+
 ```
 
 ### Parse bit fields
 Bit fields are supported as part of structures. They are properly aligned to their boundaries.
 
 ```python
-bitdef = """
+from dissect.cstruct import cstruct
+
+bit_def = """
 struct test {
     uint16  a:1;
-    uint16  b:1;  # Read 2 bits from an uint16
-    uint32  c;    # The next field is properly aligned
+    uint16  b:1;  // Read 2 bits from an uint16
+    uint32  c;    // The next field is properly aligned
     uint16  d:2;
     uint16  e:3;
 };
 """
-bitfields = cstruct.cstruct()
-bitfields.load(bitdef)
+bitfields = cstruct().load(bit_def)
 
-d = b'\x03\x00\xff\x00\x00\x00\x1f\x00'
+d = b"\x03\x00\xff\x00\x00\x00\x1f\x00"
 a = bitfields.test(d)
 
 assert a.a == 0b1
 assert a.b == 0b1
-assert a.c == 0xff
+assert a.c == 0xFF
 assert a.d == 0b11
 assert a.e == 0b111
 assert a.dumps() == d
 ```
 
-### Enums
-The API to access enum members and their values is similar to that of the native Enum type in Python 3. Functionally, it's best comparable to the IntEnum type.
+### Enums and Flags
+The API to access enum and flag members and their values in the same way as the native Enum types in Python 3. Functionally, it's best comparable to the IntEnum or IntFlag type.
 
 ### Custom types
-You can implement your own types by subclassing `BaseType` or `RawType`, and adding them to your cstruct instance with `add_type(name, type)`
+You can implement your own types by subclassing `BaseType`, and adding them to your cstruct instance with `add_custom_type(name, type, size, alignment, ...)`
 
 ### Custom definition parsers
 Don't like the C-like definition syntax? Write your own syntax parser!

{dissect_cstruct-4.0.dev3 → dissect_cstruct-4.0.dev5}/dissect/cstruct/compiler.py

@@ -26,6 +26,7 @@ from dissect.cstruct.types import (
     Wchar,
     WcharArray,
 )
+from dissect.cstruct.types.enum import EnumMetaType
 from dissect.cstruct.types.packed import _struct
 
 if TYPE_CHECKING:
@@ -108,6 +109,7 @@ class _ReadSourceGenerator:
         preamble = """
         r = {}
         s = {}
+        o = stream.tell()
         """
 
         if any(field.bits for field in self.fields):
@@ -149,7 +151,7 @@ class _ReadSourceGenerator:
 
             if field.offset is not None and field.offset != current_offset:
                 # If a field has a set offset and it's not the same as the current tracked offset, seek to it
-                yield f"stream.seek({field.offset})"
+                yield f"stream.seek(o + {field.offset})"
                 current_offset = field.offset
 
             if self.align and field.offset is None:
@@ -158,6 +160,9 @@ class _ReadSourceGenerator:
         for field in self.fields:
             field_type = self.cs.resolve(field.type)
 
+            if isinstance(field_type, EnumMetaType):
+                field_type = field_type.type
+
             if not issubclass(field_type, SUPPORTED_TYPES):
                 raise TypeError(f"Unsupported type for compiler: {field_type}")
 
@@ -190,10 +195,10 @@ class _ReadSourceGenerator:
             # Bit fields
             elif field.bits:
                 if not prev_was_bits:
-                    prev_bits_type = field.type
+                    prev_bits_type = field_type
                     prev_was_bits = True
 
-                if bits_remaining == 0 or prev_bits_type != field.type:
+                if bits_remaining == 0 or prev_bits_type != field_type:
                     bits_remaining = (size * 8) - field.bits
                     bits_rollover = True
 

{dissect_cstruct-4.0.dev3 → dissect_cstruct-4.0.dev5/dissect.cstruct.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.cstruct
-Version: 4.0.dev3
+Version: 4.0.dev5
 Summary: A Dissect module implementing a parser for C-like structures: structure parsing in Python made easy
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Apache License 2.0
@@ -84,12 +84,11 @@ refer to [the development guide](https://docs.dissect.tools/en/latest/contributi
 All you need to do is instantiate a new cstruct instance and load some structure definitions in there. After that you can start using them from your Python code.
 
 ```python
-from dissect import cstruct
+from dissect.cstruct import cstruct
 
 # Default endianness is LE, but can be configured using a kwarg or setting the 'endian' attribute
-# e.g. cstruct.cstruct(endian='>') or cparser.endian = '>'
-cparser = cstruct.cstruct()
-cparser.load("""
+# e.g. cstruct(endian='>') or c_parser.endian = '>'
+parser_def = """
 #define SOME_CONSTANT   5
 
 enum Example : uint16 {
@@ -99,31 +98,35 @@ enum Example : uint16 {
 struct some_struct {
     uint8   field_1;
     char    field_2[SOME_CONSTANT];
-    char    field_3[field_1 & 1 * 5];  // Some random expression to calculate array length
+    char    field_3[(field_1 & 1) * 5];  // Some random expression to calculate array length
     Example field_4[2];
 };
-""")
+"""
+c_parser = cstruct().load(parser_def)
 
-data = b'\x01helloworld\x00\x00\x06\x00'
-result = cparser.some_struct(data)  # Also accepts file-like objects
+data = b"\x01helloworld\x00\x00\x06\x00"
+result = c_parser.some_struct(data)  # Also accepts file-like objects
 assert result.field_1 == 0x01
-assert result.field_2 == b'hello'
-assert result.field_3 == b'world'
-assert result.field_4 == [cparser.Example.A, cparser.Example.C]
+assert result.field_2 == b"hello"
+assert result.field_3 == b"world"
+assert result.field_4 == [c_parser.Example.A, c_parser.Example.C]
 
-assert cparser.Example.A == 0
-assert cparser.Example.C == 6
-assert cparser.Example(5) == cparser.Example.B
+assert c_parser.Example.A == 0
+assert c_parser.Example.C == 6
+assert c_parser.Example(5) == c_parser.Example.B
 
 assert result.dumps() == data
 
 # You can also instantiate structures from Python by using kwargs
 # Note that array sizes are not enforced
-instance = cparser.some_struct(field_1=5, field_2='lorem', field_3='ipsum', field_4=[cparser.Example.B, cparser.Example.A])
-assert instance.dumps() == b'\x05loremipsum\x05\x00\x00\x00'
+instance = c_parser.some_struct(
+    field_1=5, field_2="lorem", field_3="ipsum", field_4=[c_parser.Example.B, c_parser.Example.A]
+)
+assert instance.dumps() == b"\x05loremipsum\x05\x00\x00\x00"
+
 ```
 
-By default, all structures are compiled into classes that provide optimised performance. You can disable this by passing a `compiled=False` keyword argument to the `.load()` call. You can also inspect the resulting source code by accessing the source attribute of the structure: `print(cparser.some_struct.source)`.
+By default, all structures are compiled into classes that provide optimised performance. You can disable this by passing a `compiled=False` keyword argument to the `.load()` call. You can also inspect the resulting source code by accessing the source attribute of the structure: `print(c_parser.some_struct.source)`.
 
 More examples can be found in the `examples` directory.
 
@@ -135,20 +138,23 @@ Write simple C-like structures and use them to parse binary data, as can be seen
 Aside from loading structure definitions, any of the supported types can be used individually for parsing data. For example, the following is all supported:
 
 ```python
-from dissect import cstruct
-cs = cstruct.cstruct()
+from dissect.cstruct import cstruct
+
+cs = cstruct()
 # Default endianness is LE, but can be configured using a kwarg or setting the attribute
-# e.g. cstruct.cstruct(endian='>') or cs.endian = '>'
-assert cs.uint32(b'\x05\x00\x00\x00') == 5
-assert cs.uint24[2](b'\x01\x00\x00\x02\x00\x00') == [1, 2]  # You can also parse arrays using list indexing
-assert cs.char[None](b'hello world!\x00') == b'hello world!'  # A list index of None means null terminated
+# e.g. cstruct(endian='>') or cs.endian = '>'
+assert cs.uint32(b"\x05\x00\x00\x00") == 5
+assert cs.uint24[2](b"\x01\x00\x00\x02\x00\x00") == [1, 2]  # You can also parse arrays using list indexing
+assert cs.char[None](b"hello world!\x00") == b"hello world!"  # A list index of None means null terminated
 ```
 
 ### Unions and nested structures
 Unions and nested structures are supported, both anonymous and named.
 
 ```python
-cdef = """
+from dissect.cstruct import cstruct
+
+c_def = """
 struct test_union {
     char magic[4];
     union {
@@ -173,58 +179,61 @@ struct test_anonymous {
     };
 };
 """
-c = cstruct.cstruct()
-c.load(cdef)
+# Default endianness is LE, but can be configured using a kwarg or setting the attribute
+# e.g. cstruct(endian='>') or cs.endian = '>'
+c = cstruct().load(c_def)
 
 assert len(c.test_union) == 12
 
-a = c.test_union(b'ohaideadbeef')
-assert a.magic == b'ohai'
+a = c.test_union(b"ohaideadbeef")
+assert a.magic == b"ohai"
 assert a.c.a.a == 0x64616564
 assert a.c.a.b == 0x66656562
-assert a.c.b.b == b'deadbeef'
+assert a.c.b.b == b"deadbeef"
 
-assert a.dumps() == b'ohaideadbeef'
+assert a.dumps() == b"ohaideadbeef"
 
-b = c.test_anonymous(b'ohai\x39\x05\x00\x00\x28\x23\x00\x00deadbeef')
-assert b.magic == b'ohai'
+b = c.test_anonymous(b"ohai\x39\x05\x00\x00\x28\x23\x00\x00deadbeef")
+assert b.magic == b"ohai"
 assert b.a == 1337
 assert b.b == 9000
-assert b.c == b'deadbeef'
+assert b.c == b"deadbeef"
+
 ```
 
 ### Parse bit fields
 Bit fields are supported as part of structures. They are properly aligned to their boundaries.
 
 ```python
-bitdef = """
+from dissect.cstruct import cstruct
+
+bit_def = """
 struct test {
     uint16  a:1;
-    uint16  b:1;  # Read 2 bits from an uint16
-    uint32  c;    # The next field is properly aligned
+    uint16  b:1;  // Read 2 bits from an uint16
+    uint32  c;    // The next field is properly aligned
     uint16  d:2;
     uint16  e:3;
 };
 """
-bitfields = cstruct.cstruct()
-bitfields.load(bitdef)
+bitfields = cstruct().load(bit_def)
 
-d = b'\x03\x00\xff\x00\x00\x00\x1f\x00'
+d = b"\x03\x00\xff\x00\x00\x00\x1f\x00"
 a = bitfields.test(d)
 
 assert a.a == 0b1
 assert a.b == 0b1
-assert a.c == 0xff
+assert a.c == 0xFF
 assert a.d == 0b11
 assert a.e == 0b111
 assert a.dumps() == d
 ```
 
-### Enums
-The API to access enum members and their values is similar to that of the native Enum type in Python 3. Functionally, it's best comparable to the IntEnum type.
+### Enums and Flags
+The API to access enum and flag members and their values in the same way as the native Enum types in Python 3. Functionally, it's best comparable to the IntEnum or IntFlag type.
 
 ### Custom types
-You can implement your own types by subclassing `BaseType` or `RawType`, and adding them to your cstruct instance with `add_type(name, type)`
+You can implement your own types by subclassing `BaseType`, and adding them to your cstruct instance with `add_custom_type(name, type, size, alignment, ...)`
 
 ### Custom definition parsers
 Don't like the C-like definition syntax? Write your own syntax parser!

{dissect_cstruct-4.0.dev3 → dissect_cstruct-4.0.dev5}/tests/test_bitfield.py

@@ -1,3 +1,5 @@
+import io
+
 import pytest
 
 from dissect.cstruct.cstruct import cstruct
@@ -265,3 +267,31 @@ def test_bitfield_char(cs: cstruct, compiled: bool) -> None:
     assert obj.d == b"i420"
 
     assert obj.dumps() == buf
+
+
+def test_bitfield_dynamic(cs: cstruct, compiled: bool) -> None:
+    cdef = """
+    enum A : uint16 {
+        A = 0x0
+    };
+
+    struct test {
+        uint16  size : 4;
+        A       b : 4;
+        char    d[size];
+    };
+    """
+
+    cs.load(cdef, compiled=compiled)
+    assert verify_compiled(cs.test, compiled)
+
+    buf = io.BytesIO(b"\x00\x00\xF4\x00help")
+    buf.seek(2)
+    obj = cs.test(buf)
+
+    assert obj.size == 4
+    assert obj.b == 0xF
+    assert obj.d == b"help"
+
+    buf.seek(2)
+    assert obj.dumps() == buf.read()

{dissect_cstruct-4.0.dev3 → dissect_cstruct-4.0.dev5}/tests/test_compiler.py

@@ -323,4 +323,81 @@ def test_generate_bits_read(cs: cstruct, TestEnum: type[Enum]) -> None:
     assert code == dedent(expected)
 
 
-# TODO: the rest of the compiler
+@pytest.mark.parametrize("other_type", ["int8", "uint64"])
+def test_generate_fields_dynamic_after_bitfield(cs: cstruct, TestEnum: Enum, other_type: str) -> None:
+    _type = getattr(cs, other_type)
+
+    fields = [
+        Field("size", cs.uint16, offset=0),
+        Field("a", TestEnum, 4, offset=2),
+        Field("b", _type, 4),
+        Field("c", cs.char["size"], offset=3),
+    ]
+
+    output = "\n".join(compiler._ReadSourceGenerator(cs, fields)._generate_fields())
+
+    expected = """
+    buf = stream.read(2)
+    if len(buf) != 2: raise EOFError()
+    data = _struct(cls.cs.endian, "H").unpack(buf)
+
+    r["size"] = type.__call__(_0, data[0])
+    s["size"] = 2
+
+
+    _t = _1
+    r["a"] = type.__call__(_t, bit_reader.read(_t.type, 4))
+
+
+    _t = _2
+    r["b"] = type.__call__(_t, bit_reader.read(_t, 4))
+
+    bit_reader.reset()
+    stream.seek(o + 3)
+
+    _s = stream.tell()
+    r["c"] = _3._read(stream, context=r)
+    s["c"] = stream.tell() - _s
+    """
+
+    assert output.strip() == dedent(expected).strip()
+
+
+@pytest.mark.parametrize("other_type", ["int8", "uint64"])
+def test_generate_fields_dynamic_before_bitfield(cs: cstruct, TestEnum: Enum, other_type: str) -> None:
+    _type = getattr(cs, other_type)
+
+    fields = [
+        Field("size", cs.uint16, offset=0),
+        Field("a", _type, 4, offset=2),
+        Field("b", TestEnum, 4),
+        Field("c", cs.char["size"], offset=3),
+    ]
+
+    output = "\n".join(compiler._ReadSourceGenerator(cs, fields)._generate_fields())
+
+    expected = """
+    buf = stream.read(2)
+    if len(buf) != 2: raise EOFError()
+    data = _struct(cls.cs.endian, "H").unpack(buf)
+
+    r["size"] = type.__call__(_0, data[0])
+    s["size"] = 2
+
+
+    _t = _1
+    r["a"] = type.__call__(_t, bit_reader.read(_t, 4))
+
+
+    _t = _2
+    r["b"] = type.__call__(_t, bit_reader.read(_t.type, 4))
+
+    bit_reader.reset()
+    stream.seek(o + 3)
+
+    _s = stream.tell()
+    r["c"] = _3._read(stream, context=r)
+    s["c"] = stream.tell() - _s
+    """
+
+    assert output.strip() == dedent(expected).strip()