sample python script for winpmem doesn't work to dump memory on 32 bit systems

[GoogleCodeExporter]

What steps will reproduce the problem?
1. pull down latest version of winpmem
2. execute winpmem.py -d binaries\winpmem_32.sys -f dump.raw
3. The dump.raw file created ends being of size 0kb

What is the expected output? What do you see instead?
The dump.raw file should be a full memory dump of the system

What version of the product are you using? On what operating system?
windows XP 32 bit. winpmem.py rev: r2776

Please provide any additional information below.
to fix the problem add self.run.append((start,length)) to line 82 of the 
script. 
like so:
        for x in range(number_of_runs):
            start, length = struct.unpack_from("QQ", result, x * 16 + offset)
            print "0x%X\t\t0x%X" % (start, length)
            self.runs.append((start,length))

Original issue reported on code.google.com by Mat.Heik...@gmail.com on 22 Nov 2012 at 1:52

[GoogleCodeExporter]

Original comment by mike.auty@gmail.com on 22 Nov 2012 at 7:56

[GoogleCodeExporter]

This seems to be because the winpmem.py sample code was not updated correctly 
to use the final version of the new IO control interface. I copied the relevant 
code from the win32.py address space in r2804.

Original comment by scude...@gmail.com on 22 Nov 2012 at 10:18

[GoogleCodeExporter]

Guys, can we close this issue? 

Original comment by michael.hale@gmail.com on 3 Jan 2013 at 11:17

[GoogleCodeExporter]

I'm guessing we can...

Original comment by michael.hale@gmail.com on 11 Jan 2013 at 3:18

• Changed state: Done