From cb0c3a01f2ebb27e16d8bca2fdd7ddbbb7584624 Mon Sep 17 00:00:00 2001
From: unknown <nisargsuthar12@gmail.com>
Date: Sat, 8 Jul 2023 23:07:52 +0530
Subject: [PATCH] Handle hash & non-hash variant 2s

---
 colors.py   | 102 ++++++++++++++++++++++++++--------------------------
 prefetch.py |  95 ++++++++++++------------------------------------
 2 files changed, 72 insertions(+), 125 deletions(-)

diff --git a/colors.py b/colors.py
index 7f47047..2f79985 100644
--- a/colors.py
+++ b/colors.py
@@ -9,70 +9,68 @@
 "neonblue": "[color=4D4DFF]",
 "seagreen": "[color=238E68]",
 "irishflag": "[color=009900]",
-"aquarium": "[color=2FAA96]",
-"picassoblue": "[color=0276FD]",
-"permanentgreen": "[color=0AC92B]",
+"sapgreen": "[color=308014]",
+"indigo": "[color=2E0854]",
+"aqua": "[color=00FFFF]",
+"dodgerblue2": "[color=1C86EE]",
 "mediumblue": "[color=3232CC]",
-"seagreen2": "[color=4EEE94]",
-"aquamarine": "[color=4E78A0]",
-"truegreen": "[color=00AF33]",
-"manganeseblue": "[color=03A89E]",
+"newmidnightblue": "[color=00009C]",
+"bottlegreen": "[color=1DA237]",
+"stlouisblues": "[color=2C5197]",
+"atlanticgreen": "[color=2A8E82]",
+"tynant": "[color=0147FA]",
+"magenta3": "[color=CD00CD]",
+"mouthwash": "[color=01C5BB]",
+"forestgreen": "[color=228B22]",
 "steelblue": "[color=236B8E]",
+"presidentialblue": "[color=302B54]",
 "indigo2": "[color=218868]",
-"newmidnightblue": "[color=00009C]",
-"alaskasky": "[color=1B3F8B]",
-"dodgerblue2": "[color=1C86EE]",
-"lizeyes": "[color=325C74]",
-"cichlid": "[color=003EFF]",
+"permanentgreen": "[color=0AC92B]",
+"pabstblue": "[color=283A90]",
+"policestrobe": "[color=0BB5FF]",
+"bankerslamp": "[color=0E8C3A]",
+"seagreen2": "[color=4EEE94]",
+"grass": "[color=4DBD33]",
 "deepskyblue": "[color=00BFFF]",
-"bluestone": "[color=50729F]",
-"turquoise1": "[color=00F5FF]",
-"magenta3": "[color=CD00CD]",
-"seagreen": "[color=068481]",
 "springgreen4": "[color=008B45]",
-"gardenhose": "[color=138F6A]",
-"grass": "[color=4DBD33]",
-"mediumspringgreen": "[color=00FA9A]",
-"tealLED": "[color=05EDFF]",
-"sapgreen": "[color=308014]",
-"stlouisblues": "[color=2C5197]",
-"midnightblue": "[color=2F2F4F]",
-"cyan2": "[color=00EEEE]",
-"atlanticgreen": "[color=2A8E82]",
-"bottlegreen": "[color=1DA237]",
+"aquarium": "[color=2FAA96]",
+"bluestone": "[color=50729F]",
+"lizeyes": "[color=325C74]",
+"manganeseblue": "[color=03A89E]",
+"gummigreen": "[color=24D330]",
+"stainedglass": "[color=2E37FE]",
+"YInMnblue": "[color=2E5090]",
+"turquoise4": "[color=00868B]",
+"mailbox": "[color=3063A5]",
+"deepskyblue2": "[color=00B2EE]",
 "emeraldgreen": "[color=00C957]",
-"neonavocado": "[color=00FF66]",
-"presidentialblue": "[color=302B54]",
-"celtics": "[color=00611C]",
+"maltablue": "[color=517693]",
 "mediumblue": "[color=0000CD]",
 "huntergreen": "[color=215E21]",
-"gummigreen": "[color=24D330]",
-"aqua": "[color=00FFFF]",
+"midnightblue": "[color=2F2F4F]",
+"aquamarine": "[color=4E78A0]",
+"blueangels": "[color=2B4F81]",
 "teal": "[color=008080]",
+"seagreen": "[color=068481]",
+"pooltable": "[color=31B94D]",
+"lampblack": "[color=2E473B]",
+"royalblue4": "[color=27408B]",
 "turquoise2": "[color=00E5EE]",
-"forestgreen": "[color=228B22]",
-"indigo": "[color=2E0854]",
-"turquoiseblue": "[color=00C78C]",
-"stainedglass": "[color=2E37FE]",
-"pabstblue": "[color=283A90]",
 "dodgerblue4": "[color=104E8B]",
-"lampblack": "[color=2E473B]",
-"pooltable": "[color=31B94D]",
-"deepskyblue3": "[color=009ACD]",
-"blueangels": "[color=2B4F81]",
-"turquoise": "[color=0FDDAF]",
-"springgreen": "[color=00FF33]",
-"turquoise4": "[color=00868B]",
-"mailbox": "[color=3063A5]",
-"tynant": "[color=0147FA]",
-"mouthwash": "[color=01C5BB]",
-"maltablue": "[color=517693]",
-"bankerslamp": "[color=0E8C3A]",
-"YInMnblue": "[color=2E5090]",
 "springgreen3": "[color=00CD66]",
-"policestrobe": "[color=0BB5FF]",
-"royalblue4": "[color=27408B]",
-"deepskyblue2": "[color=00B2EE]",
+"celtics": "[color=00611C]",
+"truegreen": "[color=00AF33]",
+"springgreen": "[color=00FF33]",
+"turquoiseblue": "[color=00C78C]",
+"turquoise1": "[color=00F5FF]",
+"neonavocado": "[color=00FF66]",
+"deepskyblue3": "[color=009ACD]",
+"tealLED": "[color=05EDFF]",
+"alaskasky": "[color=1B3F8B]",
+"mediumspringgreen": "[color=00FA9A]",
+"cyan2": "[color=00EEEE]",
+"picassoblue": "[color=0276FD]",
+"gardenhose": "[color=138F6A]",
 "indigodye": "[color=0D4F8B]",
 "6ball": "[color=1B6453]",
 "turquoise3": "[color=00C5CD]",
diff --git a/prefetch.py b/prefetch.py
index 3803762..19decd5 100644
--- a/prefetch.py
+++ b/prefetch.py
@@ -41,15 +41,6 @@ def prefetchTemplate(file_path):
 	prefetchmarkers.append("\n+4 Volumes information offset\n")
 	prefetchmarkers.append("\n+4 Number of volumes\n")
 	prefetchmarkers.append("\n+4 Volumes information size\n")
-	
-	# sharedFileInfoByVar1AndVer26 = []
-	# sharedFileInfoByVar1AndVer26.append("\n+8 Unknown (Empty values)\n")
-	# sharedFileInfoByVar1AndVer26.append("\n+64 (8 * 8) Last run time(s)\nContains FILETIMEs, or 0 if not set\nThe first FILETIME is the most recent run time\n")
-	# sharedFileInfoByVar1AndVer26.append("\n+16 Unknown\nMostly empty values but seem to get filled the run after the 8 last run times have been filled.\nCould be remnant values.\n")
-	# sharedFileInfoByVar1AndVer26.append("\n+4 Run count\n")
-	# sharedFileInfoByVar1AndVer26.append("\n+4 Unknown\nSeen: 0x01, 0x02, 0x07\n")
-	# sharedFileInfoByVar1AndVer26.append("\n+4 Unknown\nSeen: 0x00, 0x03\n")
-	# sharedFileInfoByVar1AndVer26.append("\n+88 Unknown (Empty values)\n")
 
 	# sharedFileMetricsByVer232630 = []
 	# sharedFileMetricsByVer232630.append("\n+4 Unknown (Prefetch start time in ms?)\nCould be the index into the trace chain array as well, is this relationship implicit or explicit?\n")
@@ -94,9 +85,6 @@ def prefetchTemplate(file_path):
 			filemetricssize = numberoffilemetricsentries * 20 # 20 bytes per entry.
 			filemetrics = [[1, filemetricssize]]
 			prefetchmarkers.append("\n+{} File metrics array\n".format(filemetricssize))
-			# filemetricsentrybytemask = [4, 4, 4, 4, 4]
-			# filemetricsentry = generateEntriesFromByteMask(filemetricsentrybytemask, numberoffilemetricsentries * len(filemetricsentrybytemask))
-
 			# prefetchmarkers.append("\nUnknown (Prefetch start time in ms?)\nCould be the index into the trace chain array as well, is this relationship implicit or explicit?\n")
 			# prefetchmarkers.append("\nUnknown (Prefetch duration in ms?)\nCould be the number of entries in the trace chain as well, is this relationship implicit or explicit?\n")
 			# prefetchmarkers.append("\nFilename string offset\nThe offset is relative to the start of the filename strings\n")
@@ -105,8 +93,6 @@ def prefetchTemplate(file_path):
 
 			tracechainssize = numberoftracechainsentries * 12
 			tracechains = [[1, tracechainssize]]
-			# tracechainsentrybytemask = [4, 4, 1, 1, 2]
-			# tracechainsentry = generateEntriesFromByteMask(tracechainsentrybytemask, numberoftracechainsentries * len(tracechainsentrybytemask))
 
 			# prefetchmarkers.extend(sharedTraceChainsByVer172326)
 			prefetchmarkers.append("\n+{} Trace chains array\n".format(tracechainssize))
@@ -121,95 +107,77 @@ def prefetchTemplate(file_path):
 			prefetchmarkers.append("\n+4 Run count\n")
 			prefetchmarkers.append("\n+4 Unknown\nSeen: 0x01\n")
 			prefetchmarkers.append("\n+80 Unknown (Empty values)\n")
-
 			filemetricssize = numberoffilemetricsentries * 32
 			filemetrics = [[1, filemetricssize]]
 			prefetchmarkers.append("\n+{} File metrics array\n".format(filemetricssize))
-			# filemetricsentrybytemask = [4, 4, 4, 4, 4, 4, 8]
-			# filemetricsentry = generateEntriesFromByteMask(filemetricsentrybytemask, numberoffilemetricsentries * len(filemetricsentrybytemask))
-
 			# prefetchmarkers.extend(sharedFileMetricsByVer232630)
-
 			tracechainssize = numberoftracechainsentries * 12
 			tracechains = [[1, tracechainssize]]
-			# tracechainsentrybytemask = [4, 4, 1, 1, 2]
-			# tracechainsentry = generateEntriesFromByteMask(tracechainsentrybytemask, numberoftracechainsentries * len(tracechainsentrybytemask))
-
 			# prefetchmarkers.extend(sharedTraceChainsByVer172326)
 			prefetchmarkers.append("\n+{} Trace chains array\n".format(tracechainssize))
 
-
 		case "1A000000":
 			# Was 8.1 > PFV 26
 			fileinfo = [[1, 4], [5, 4], [9, 4], [13, 4], [17, 4], [21, 4], [25, 4], [29, 4], [33, 4], [37, 8], [45, 64], [109, 16], [125, 4], [129, 4], [133, 4], [137, 88]]
 			fileinfosize = 224
-			prefetchmarkers.extend(sharedFileInfoByVar1AndVer26)
-			
+			prefetchmarkers.append("\n+8 Unknown (Empty values)\n")
+			prefetchmarkers.append("\n+64 (8 * 8) Last run time(s)\nContains FILETIMEs, or 0 if not set\nThe first FILETIME is the most recent run time\n")
+			prefetchmarkers.append("\n+16 Unknown\nMostly empty values but seem to get filled the run after the 8 last run times have been filled.\nCould be remnant values.\n")
+			prefetchmarkers.append("\n+4 Run count\n")
+			prefetchmarkers.append("\n+4 Unknown\nSeen: 0x01, 0x02, 0x07\n")
+			prefetchmarkers.append("\n+4 Unknown\nSeen: 0x00, 0x03\n")
+			prefetchmarkers.append("\n+88 Unknown (Empty values)\n")
 			filemetricssize = numberoffilemetricsentries * 32
 			filemetrics = [[1, filemetricssize]]
 			prefetchmarkers.append("\n+{} File metrics array\n".format(filemetricssize))
-			# filemetricsentrybytemask = [4, 4, 4, 4, 4, 4, 8]
-			# filemetricsentry = generateEntriesFromByteMask(filemetricsentrybytemask, numberoffilemetricsentries * len(filemetricsentrybytemask))
-
 			# prefetchmarkers.extend(sharedFileMetricsByVer232630)
-
 			tracechainssize = numberoftracechainsentries * 12
 			tracechains = [[1, tracechainssize]]
-			# tracechainsentrybytemask = [4, 4, 1, 1, 2]
-			# tracechainsentry = generateEntriesFromByteMask(tracechainsentrybytemask, numberoftracechainsentries * len(tracechainsentrybytemask))
-
 			# prefetchmarkers.extend(sharedTraceChainsByVer172326)
 			prefetchmarkers.append("\n+{} Trace chains array\n".format(tracechainssize))
 
-
 		case "1E000000":
 			# Was 10 or 11 > PFV 30
 			variant = "".join(hexdata[b] for b in range(84, 88)).upper()
+			prefetchmarkers.append("\n+8 Unknown (Empty values)\n")
+			prefetchmarkers.append("\n+64 (8 * 8) Last run time(s)\nContains FILETIMEs, or 0 if not set\nThe first FILETIME is the most recent run time\n")
 
 			match variant:
 				case "30010000":
 					# Variant 1
 					hso = "".join(hexdata[b] for b in range(220, 224)).upper()
 					if hso == "00000000":
-						# Since both hash and non-hash variant 1 files have fileinfosize of 220.
 						fileinfo = [[1, 4], [5, 4], [9, 4], [13, 4], [17, 4], [21, 4], [25, 4], [29, 4], [33, 4], [37, 8], [45, 64], [109, 16], [125, 4], [129, 4], [133, 4], [137, 84]]
 					else:
 						hashstringexists = True
 						fileinfo = [[1, 4], [5, 4], [9, 4], [13, 4], [17, 4], [21, 4], [25, 4], [29, 4], [33, 4], [37, 8], [45, 64], [109, 16], [125, 4], [129, 4], [133, 4], [137, 4], [141, 4], [145, 76]]
 					fileinfosize = 220
-					prefetchmarkers.append("\n+8 Unknown (Empty values)\n")
-					prefetchmarkers.append("\n+64 (8 * 8) Last run time(s)\nContains FILETIMEs, or 0 if not set\nThe first FILETIME is the most recent run time\n")
 					prefetchmarkers.append("\n+16 Unknown\nMostly empty values but seem to get filled the run after the 8 last run times have been filled.\nCould be remnant values.\n")
 					prefetchmarkers.append("\n+4 Run count\n")
 					prefetchmarkers.append("\n+4 Unknown\nSeen: 0x01, 0x02, 0x07\n")
 					prefetchmarkers.append("\n+4 Unknown\nSeen: 0x00, 0x03\n")
-					if hashstringexists:
-						prefetchmarkers.append("\n+4 Hash string offset\n")
-						prefetchmarkers.append("\n+4 Hash string size\n")
-						prefetchmarkers.append("\n+76 Unknown (Empty values)\n")
-					else:
-						prefetchmarkers.append("\n+84 Unknown (Empty values)\n")
 				case "28010000":
 					# Variant 2
-					hashstringexists = True
-					fileinfo = [[1, 4], [5, 4], [9, 4], [13, 4], [17, 4], [21, 4], [25, 4], [29, 4], [33, 4], [37, 8], [45, 64], [109, 8], [117, 4], [121, 4], [125, 4], [129, 4], [133, 4], [137, 76]]
+					hso = "".join(hexdata[b] for b in range(212, 216)).upper()
+					if hso == "00000000":
+						fileinfo = [[1, 4], [5, 4], [9, 4], [13, 4], [17, 4], [21, 4], [25, 4], [29, 4], [33, 4], [37, 8], [45, 64], [109, 8], [117, 4], [121, 4], [125, 4], [129, 84]]
+					else:
+						hashstringexists = True
+						fileinfo = [[1, 4], [5, 4], [9, 4], [13, 4], [17, 4], [21, 4], [25, 4], [29, 4], [33, 4], [37, 8], [45, 64], [109, 8], [117, 4], [121, 4], [125, 4], [129, 4], [133, 4], [137, 76]]
 					fileinfosize = 212
-					prefetchmarkers.append("\n+8 Unknown (Empty values)\n")
-					prefetchmarkers.append("\n+64 (8 * 8) Last run time(s)\nContains FILETIMEs, or 0 if not set\nThe first FILETIME is the most recent run time\n")
 					prefetchmarkers.append("\n+8 Unknown\nMostly empty values but seem to get filled the run after the 8 last run times have been filled.\nCould be remnant values.\n")
 					prefetchmarkers.append("\n+4 Run count\n")
 					prefetchmarkers.append("\n+4 Unknown\nSeen: 0x01\n")
 					prefetchmarkers.append("\n+4 Unknown\nSeen: 0x03\n")
-					prefetchmarkers.append("\n+4 Hash string offset\n")
-					prefetchmarkers.append("\n+4 Hash string size\n")
-					prefetchmarkers.append("\n+76 Unknown (Empty values)\n")
+			if hashstringexists:
+				prefetchmarkers.append("\n+4 Hash string offset\n")
+				prefetchmarkers.append("\n+4 Hash string size\n")
+				prefetchmarkers.append("\n+76 Unknown (Empty values)\n")
+			else:
+				prefetchmarkers.append("\n+84 Unknown (Empty values)\n")
 			filemetricssize = numberoffilemetricsentries * 32
 			filemetrics = [[1, filemetricssize]]
 			prefetchmarkers.append("\n+{} File metrics array\n".format(filemetricssize))
-			# filemetricsentrybytemask = [4, 4, 4, 4, 4, 4, 8]
-			# filemetricsentry = generateEntriesFromByteMask(filemetricsentrybytemask, numberoffilemetricsentries * len(filemetricsentrybytemask))
-
-			# prefetchmarkers.extend(sharedFileMetricsByVer232630)
 
 			if hashstringexists:
 				hashstringoffsetlocation = fileheadersize + fileinfosize - 76 - 4 - 4
@@ -219,28 +187,19 @@ def prefetchTemplate(file_path):
 
 			tracechainssize = numberoftracechainsentries * 8
 			tracechains = [[1, tracechainssize]]
-			# tracechainsentrybytemask = [4, 1, 1, 2]
-			# tracechainsentry = generateEntriesFromByteMask(tracechainsentrybytemask, numberoftracechainsentries * len(tracechainsentrybytemask))
-
 			# prefetchmarkers.append("\nTotal block load count\nTotal number of blocks loaded (or fetched)\nThe block size 512k (512 * 1024) bytes\n")
 			# prefetchmarkers.append("\nUnknown\nSeen: 0x02, 0x03, 0x04, 0x08, 0x0A\n")
 			# prefetchmarkers.append("\nUnknown (Sample duration in ms?)\nSeen: 0x01\n")
 			# prefetchmarkers.append("\nUnknown\nSeen: 0x0001, 0xFFFF\n")
 			prefetchmarkers.append("\n+{} Trace chains array\n".format(tracechainssize))
 
-	
-
 	sumtilltracechains = fileheadersize + fileinfosize + filemetricssize + tracechainssize	
 	sumtillfilenamestrings = filenamestringssize + filenamestringsoffset
 	sumtillhashstring = hashstringsize + hashstringoffset
 	sumtillvolumeinformation = volumesinformationsize + volumesinformationoffset
-
 	sumtillhashstringorfilenamestrings = sumtillhashstring if hashstringexists else sumtillfilenamestrings
-
 	hashstringorfilenamestringspaddingsize = volumesinformationoffset - sumtillhashstringorfilenamestrings
 
-
-
 	filenamestrings = [[1, filenamestringssize]]
 	hashstring = [[1, hashstringsize]]
 	hashstringorfilenamestringspadding = [[1, hashstringorfilenamestringspaddingsize]]
@@ -280,14 +239,4 @@ def prefetchTemplate(file_path):
 	templatedata = toAbsolute(prefetchtemplate, prefetchsizes)
 	# print(templatedata)
 	
-	return formattedhexdata, formattedasciidata, templatedata, prefetchmarkers
-
-# def generateEntriesFromByteMask(bytemask, loopcount):
-# 	result = [[1, bytemask[0]]]
-# 	for i in range(1, loopcount):
-# 		previous = result[-1]  # Get the previous sublist
-# 		index = previous[0] + previous[1]  # Generate the next index
-# 		value = bytemask[i % len(bytemask)]  # Cyclically loop through the byte mask
-# 		result.append([index, value])  # Append the new sublist to the result
-# 	print(result)
-# 	return result
\ No newline at end of file
+	return formattedhexdata, formattedasciidata, templatedata, prefetchmarkers
\ No newline at end of file