Leor3961 / volatility

Automatically exported from code.google.com/p/volatility

procmemdump crashes if prevsect is None #54

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Suppose we have the following process:

$ ./volatility.py psscan -f ds_fuzz_hidden_proc.img --profile=WinXPSP3x86 --no-cache
Volatile Systems Volatility Framework 1.4_rc1

PID    PPID   Time created      Offset     PDB        Remarks
------ ------ ------------------------ ------------------------ 
992    660 2008-11-15 23:43:25  0x0181b748 0x08140260 alg.exe

$ ./volatility.py procmemdump -f ds_fuzz_hidden_proc.img --dump-dir=extracted_files/ -o 0x0181b748 --profile=WinXPSP3x86 --no-cache
Volatile Systems Volatility Framework 1.4_rc1
************************************************************************
Dumping alg.exe, pid:    992 output: executable.992.exe
Traceback (most recent call last):
  File "./volatility.py", line 126, in <module>
    main()
  File "./volatility.py", line 117, in main
    command.execute()
  File "TESTING/vol_1.4/volatility/commands.py", line 101, in execute
    func(outfd, data)
  File "TESTING/vol_1.4/volatility/plugins/procdump.py", line 61, in render_text
    for chunk in self.get_image(outfd, task.get_process_address_space(), task.Peb.ImageBaseAddress):
  File "TESTING/vol_1.4/volatility/plugins/procdump.py", line 203, in get_image
    sect_sizes.append(self.round(prevsect.Misc.VirtualSize, sa, up = True))
AttributeError: 'NoneType' object has no attribute 'Misc'

If you change line 203 to the following, it doesn't crash:

203         if prevsect is not None:
204             sect_sizes.append(self.round(prevsect.Misc.VirtualSize, sa, up = True))

Original issue reported on code.google.com by jamie.l...@gmail.com on 23 Dec 2010 at 7:45
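The failure mode reported above, as an added stand-alone example (not Volatility's own code): a section-size calculation that must tolerate a process whose section table yields no entries. The names `parse_sections`, `section_sizes`, `round_up` and `make_header`, and the assumption that non-final sections are sized by the gap to the next section's virtual address, are hypothetical; only the rounded `VirtualSize` of the last section and the `prevsect is not None` guard come from the report.

```python
import struct
from collections import namedtuple

Section = namedtuple("Section", "name virtual_size virtual_address")
ENTRY = 40  # size of one IMAGE_SECTION_HEADER

def round_up(value, align):
    """Round value up to the next multiple of align."""
    return (value + align - 1) // align * align

def make_header(name, vsize, vaddr):
    """Build a constructed 40-byte section header (remaining fields zeroed)."""
    return struct.pack("<8sII24x", name, vsize, vaddr)

def parse_sections(table, count):
    """Parse up to `count` headers, stopping at the first truncated entry."""
    sections = []
    for i in range(count):
        raw = table[i * ENTRY:(i + 1) * ENTRY]
        if len(raw) < ENTRY:  # table paged out, truncated or fuzzed away
            break
        name, vsize, vaddr = struct.unpack_from("<8sII", raw)
        sections.append(Section(name.rstrip(b"\0").decode("ascii", "replace"),
                                vsize, vaddr))
    return sections

def section_sizes(sections, section_alignment):
    """In-memory size per section; returns [] when no section was readable."""
    sizes = []
    prevsect = None
    for sect in sections:
        if prevsect is not None:
            # Assumption: a non-final section spans up to the next section.
            sizes.append(sect.virtual_address - prevsect.virtual_address)
        prevsect = sect
    # The guard from the report: with zero sections prevsect is still None,
    # and dereferencing it is what raised the AttributeError.
    if prevsect is not None:
        sizes.append(round_up(prevsect.virtual_size, section_alignment))
    return sizes

# Constructed sample table: .text at 0x1000, .data at 0x4000.
SAMPLE = make_header(b".text", 0x2345, 0x1000) + make_header(b".data", 0x100, 0x4000)

if __name__ == "__main__":
    print(section_sizes(parse_sections(SAMPLE, 2), 0x1000))  # intact table
    print(section_sizes(parse_sections(b"", 2), 0x1000))     # unreadable table
```
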

GoogleCodeExporter commented 8 years ago
This issue was closed by revision r571.

Original comment by mike.auty@gmail.com on 23 Dec 2010 at 7:58

GoogleCodeExporter commented 8 years ago
Thanks Jamie, all fixed!  5:)

Original comment by mike.auty@gmail.com on 23 Dec 2010 at 7:59