Open dc3-plaso opened 9 years ago
dc3-plaso
commented
9 years ago I'm looking at the pylzma library, using their py7zlib module. This would open and decompress the files for us, however it will not allow for us to perform any type of seeking into the files. Therefore, we will have to read in the whole files into a file stream in memory or temporary file.
joachimmetz
commented
9 years ago This one you mean: https://pypi.python.org/pypi/pylzma ?
For context what we normally look at regarding new dependencies: https://github.com/log2timeline/plaso/wiki/Adding-a-new-dependency
Therefore, we will have to read in the whole files into a file stream in memory or temporary file.
This does not sound like an optimal solution, but we do somewhat the same for sqlite due to other limitations. I opt we get a temporary file manager in place before that or see if the seek functionality could be added to pylzma?
dc3-plaso
commented
9 years ago Agreed, I have currently implemented the 7z support using pylzma. It uses temporary files to read the files within the archive, but it should be trivial to change this to use the temporary file manager when its ready. Therefore, I would like to submit this for code review.
joachimmetz
commented
8 years ago python-lzma that is shipped with Ubuntu: https://launchpad.net/pyliblzma
Fedora python-backports-lzma.x86_64
dc3-plaso
commented
8 years ago I will be able to get back to writing this next week.
joachimmetz
commented
8 years ago Sounds good to me, I've been looking at xz compressed stream support. I might implement something based on Python lzma for that, seeing it's integrated in Python 3 and back ported for Python 2. However this will not provide 7z archive file support.
Any suggestions for a Python module for this functionality?