# This file is Copyright 2019 Volatility Foundation and licensed under the Volatility Software License 1.0
# which is available at https://www.volatilityfoundation.org/license/vsl-v1.0
#
"""Volatility 3 - An open-source memory forensics framework"""
import sys
from importlib import abc
from typing import List, TypeVar, Callable
_T = TypeVar("_T")
_S = TypeVar("_S")
[docs]class classproperty(object):
"""Class property decorator.
Note this will change the return type
"""
def __init__(self, func: Callable[[_S], _T]) -> None:
self._func = func
def __get__(self, _owner_self, owner_cls: _S) -> _T:
return self._func(owner_cls)
[docs]class WarningFindSpec(abc.MetaPathFinder):
"""Checks import attempts and throws a warning if the name shouldn't be
used."""
[docs] @staticmethod
def find_spec(fullname: str, path, target = None):
"""Mock find_spec method that just checks the name, this must go
first."""
if fullname.startswith("volatility.framework.plugins."):
warning = "Please do not use the volatility.framework.plugins namespace directly, only use volatility.plugins"
# Pyinstaller uses pkgutil to import, but needs to read the modules to figure out dependencies
# As such, we only print the warning when directly imported rather than being run from a script
if 'pkgutil' not in sys.modules:
raise Warning(warning)
warning_find_spec = [WarningFindSpec()] # type: List[abc.MetaPathFinder]
sys.meta_path = warning_find_spec + sys.meta_path
# We point the volatility.plugins __path__ variable at BOTH
# volatility/plugins
# volatility/framework/plugins
# in that order.
#
# This will allow our users to override any component of any plugin without monkey patching,
# but it also allows us to clear out the plugins directory to get back to proper functionality.
# This offered the greatest flexibility for users whilst allowing us to keep the core separate and clean.
#
# This means that all plugins should be imported as volatility.plugins (otherwise they'll be imported twice,
# once as volatility.plugins.NAME and once as volatility.framework.plugins.NAME). We therefore throw an error
# if anyone tries to import anything under the volatility.framework.plugins.* namespace
#
# The remediation is to only ever import form volatility.plugins instead.