flow.record 3.16.dev6__tar.gz → 3.16.dev8__tar.gz

{flow_record-3.16.dev6/flow.record.egg-info → flow_record-3.16.dev8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: flow.record
-Version: 3.16.dev6
+Version: 3.16.dev8
 Summary: A library for defining and creating structured data (called records) that can be streamed to disk or piped to other tools that use flow.record
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{flow_record-3.16.dev6 → flow_record-3.16.dev8}/flow/record/fieldtypes/__init__.py

@@ -767,7 +767,8 @@ class command(FieldType):
         #   an '%' for an environment variable
         #   r'\\' for a UNC path
         #   the strip and check for ":" on the second line is for `<drive_letter>:`
-        windows = value.startswith((r"\\", "%")) or value.lstrip("\"'")[1] == ":"
+        stripped_value = value.lstrip("\"'")
+        windows = value.startswith((r"\\", "%")) or (len(stripped_value) >= 2 and stripped_value[1] == ":")
 
         if windows:
             cls = windows_command

{flow_record-3.16.dev6 → flow_record-3.16.dev8}/flow/record/jsonpacker.py

@@ -41,15 +41,20 @@ class JsonRecordPacker:
             if obj._desc.identifier not in self.descriptors:
                 self.register(obj._desc, True)
             serial = obj._asdict()
+
             if self.pack_descriptors:
                 serial["_type"] = "record"
                 serial["_recorddescriptor"] = obj._desc.identifier
 
-            # PYTHON2: Because "bytes" are also "str" we have to handle this here
             for field_type, field_name in obj._desc.get_field_tuples():
+                # PYTHON2: Because "bytes" are also "str" we have to handle this here
                 if field_type == "bytes" and isinstance(serial[field_name], str):
                     serial[field_name] = base64.b64encode(serial[field_name]).decode()
 
+                # Boolean field types should be cast to a bool instead of staying ints
+                elif field_type == "boolean" and isinstance(serial[field_name], int):
+                    serial[field_name] = bool(serial[field_name])
+
             return serial
         if isinstance(obj, RecordDescriptor):
             serial = {

{flow_record-3.16.dev6 → flow_record-3.16.dev8}/flow/record/version.py

@@ -12,5 +12,5 @@ __version__: str
 __version_tuple__: VERSION_TUPLE
 version_tuple: VERSION_TUPLE
 
-__version__ = version = '3.16.dev6'
-__version_tuple__ = version_tuple = (3, 16, 'dev6')
+__version__ = version = '3.16.dev8'
+__version_tuple__ = version_tuple = (3, 16, 'dev8')

{flow_record-3.16.dev6 → flow_record-3.16.dev8/flow.record.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: flow.record
-Version: 3.16.dev6
+Version: 3.16.dev8
 Summary: A library for defining and creating structured data (called records) that can be streamed to disk or piped to other tools that use flow.record
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{flow_record-3.16.dev6 → flow_record-3.16.dev8}/tests/test_fieldtypes.py

@@ -1075,9 +1075,16 @@ def test_command_integration_none(tmp_path: pathlib.Path) -> None:
         # Test a quoted path
         (r"'c:\path to some exe' /d /a", r"c:\path to some exe", [r"/d /a"]),
         # Test a unquoted path
-        (r"'c:\Program Files\hello.exe'", r"c:\Program Files\hello.exe", []),
+        (r"\Users\test\hello.exe", r"\Users\test\hello.exe", []),
         # Test an unquoted path with a path as argument
-        (r"'c:\Program Files\hello.exe' c:\startmepls.exe", r"c:\Program Files\hello.exe", [r"c:\startmepls.exe"]),
+        (r"\Users\test\hello.exe c:\startmepls.exe", r"\Users\test\hello.exe", [r"c:\startmepls.exe"]),
+        # Test a quoted UNC path
+        (r"'\\192.168.1.2\Program Files\hello.exe'", r"\\192.168.1.2\Program Files\hello.exe", []),
+        # Test an unquoted UNC path
+        (r"\\192.168.1.2\Users\test\hello.exe /d /a", r"\\192.168.1.2\Users\test\hello.exe", [r"/d /a"]),
+        # Test an empty command string
+        (r"''", r"", []),
+        # Test None
         (None, None, None),
     ],
 )

{flow_record-3.16.dev6 → flow_record-3.16.dev8}/tests/test_json_packer.py

@@ -69,3 +69,24 @@ def test_record_descriptor_not_found():
     packer = JsonRecordPacker()
     with pytest.raises(RecordDescriptorNotFound, match="No RecordDescriptor found for: .*test/descriptor_not_found"):
         packer.unpack(data)
+
+
+def test_record_pack_bool_regression() -> None:
+    TestRecord = RecordDescriptor(
+        "test/record_pack_bool",
+        [
+            ("varint", "some_varint"),
+            ("uint16", "some_uint"),
+            ("boolean", "some_boolean"),
+        ],
+    )
+
+    record = TestRecord(some_varint=1, some_uint=0, some_boolean=False)
+    packer = JsonRecordPacker()
+
+    # pack to json string and check if some_boolean is false instead of 0
+    data = packer.pack(record)
+    assert data.startswith('{"some_varint": 1, "some_uint": 0, "some_boolean": false, ')
+
+    # pack the json string back to a record and make sure it is the same as before
+    assert packer.unpack(data) == record