Hey guys,
There are two versions of parse_string (FileScan.parse_string and
ModScan2.parse_string). When using the modscan2 command, I ran into this issue:
Traceback (most recent call last):
  File "volatility.py", line 129, in <module>
    main()
  File "volatility.py", line 120, in main
    command.execute()
  File "/data/volatility/volatility/commands.py", line 101, in execute
    func(outfd, data)
  File "/data/volatility/plugins/modscan2.py", line 97, in render_text
    self.parse_string(ldr_entry.BaseDllName)))
UnicodeEncodeError: 'ascii' codec can't encode characters in position 0-3: ordinal not in range(128)
The module being printed at the time is not identified by modscan, so it makes
sense that there may be some invalid characters around. However, when I replace
the ModScan2.parse_string with the FileScan.parse_string, it doesn't error out:
\SystemRoot\system32\DRIVERS\swenum.sys 0x00f9eac000 0x002000 swenum.sys
\SystemRoot\system32\drivers\kmixer.sys 0x00f0345000 0x02a000 kmixer.sys
䃘膟Ẩ\REGISTRY\MACHINE\SYSTEM\Con
TOOLS.CO 0x00f9ef2000 0x002000 splitter.sys
\SystemRoot\System32\drivers\dxg.sys 0x00bf9c1000 0x012000 dxg.sys
\SystemRoot\system32\DRIVERS\raspptp.sys 0x00f9b1c000 0x00c000 raspptp.sys
So there are still some invalid characters, but that's unavoidable. At least
using FileScan's version of parse_string, though, the scanner keeps going.
Original issue reported on code.google.com by michael.hale@gmail.com on 14 Oct 2010 at 9:20
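The failure mode reported above, reproduced as an added example; this is not Volatility's code and not either parse_string implementation. The function names, the 256-byte cap and the sample buffers are constructed for illustration, and it runs on Python 3, where forcing the decoded name through the ASCII codec fails the same way.

```python
# Constructed UTF-16LE buffers standing in for the Buffer of a _UNICODE_STRING
# such as BaseDllName. STRAY mimics a false-positive hit whose name starts
# with junk bytes; ODD has a dangling byte after the last code unit.
GOOD = "swenum.sys".encode("utf-16-le")
STRAY = b"\xd8\x40\x9f\x81\xa8\x1e" + "\\REGISTRY".encode("utf-16-le")
ODD = "dxg.sys".encode("utf-16-le") + b"\x41"


def strict_render(raw):
    """Failing pattern: decode, then force the text through the ASCII codec."""
    return raw.decode("utf-16-le").encode("ascii").decode("ascii")


def tolerant_render(raw, max_len=256):
    """Turn a possibly corrupt UTF-16LE buffer into ASCII-safe text."""
    raw = raw[:max_len]                     # assumed cap on a bogus Length
    raw = raw[:len(raw) - (len(raw) % 2)]   # drop a dangling half code unit
    text = raw.decode("utf-16-le", errors="replace")
    text = text.split("\x00", 1)[0]         # stop at the first NUL terminator
    # Keep printable ASCII; escape the rest so the junk stays visible
    # to the analyst instead of crashing the output routine.
    return "".join(
        ch if 32 <= ord(ch) < 127 else ch.encode("unicode_escape").decode("ascii")
        for ch in text
    )


def render_all(buffers, render):
    """Render every hit in order; record where a renderer aborts the listing."""
    rows = []
    for raw in buffers:
        try:
            rows.append(render(raw))
        except UnicodeError as exc:
            rows.append("<aborted: %s>" % type(exc).__name__)
            break
    return rows


if __name__ == "__main__":
    for name, fn in (("strict", strict_render), ("tolerant", tolerant_render)):
        print(name, render_all([GOOD, STRAY, ODD], fn))
```

Escaping rather than dropping the non-ASCII code units keeps the evidence of a corrupt or false-positive entry in the listing.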