From fafd388fbf44d29d6871c434c5a42be380e9fab7 Mon Sep 17 00:00:00 2001
From: Erik Schamper <1254028+Schamper@users.noreply.github.com>
Date: Tue, 4 Jun 2024 14:15:03 +0200
Subject: [PATCH] Compatibility with cstruct v4 (#31)

---
 dissect/shellitem/lnk/c_lnk.py |  9 ++++-----
 dissect/shellitem/lnk/lnk.py   | 10 +++++-----
 pyproject.toml                 | 10 ++++++++--
 tox.ini                        |  1 +
 4 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/dissect/shellitem/lnk/c_lnk.py b/dissect/shellitem/lnk/c_lnk.py
index 93ca4eb..f9ab57d 100644
--- a/dissect/shellitem/lnk/c_lnk.py
+++ b/dissect/shellitem/lnk/c_lnk.py
@@ -1,12 +1,12 @@
 from enum import IntEnum
 from typing import Optional
 
-from dissect import cstruct
+from dissect.cstruct import cstruct
 
 # structs are reconstructed as faithfull as possible from MS documentation
 # reference: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-SHLLINK/%5bMS-SHLLINK%5d.pdf
 
-c_lnk_def = """
+lnk_def = """
 flag FILE_ATTRIBUTE : uint32 {
     READONLY                = 0x00000001,
     HIDDEN                  = 0x00000002,
@@ -297,7 +297,7 @@
 
 typedef struct SPECIAL_FOLDER_PROPS {
     uint32 special_folder_id;          // A 32-bit, unsigned integer that specifies the folder integer ID.
-    uint32 offset;                     // A 32-bit, unsigned integer that specifies the location of the ItemID of the first child segment of the IDList specified by SpecialFolderID. This value is the offset, in bytes, into the link target IDList. 
+    uint32 offset;                     // A 32-bit, unsigned integer that specifies the location of the ItemID of the first child segment of the IDList specified by SpecialFolderID. This value is the offset, in bytes, into the link target IDList.
 };
 
 typedef struct DARWIN_PROPS {
@@ -389,5 +389,4 @@ def _has_value(cls, value: int) -> bool:
 JUMPLIST_HEADER_SIZE = 0x24
 JUMPLIST_FOOTER = 0xBABFFBAB
 
-c_lnk = cstruct.cstruct()
-c_lnk.load(c_lnk_def)
+c_lnk = cstruct().load(lnk_def)
diff --git a/dissect/shellitem/lnk/lnk.py b/dissect/shellitem/lnk/lnk.py
index 759b343..de72d9d 100644
--- a/dissect/shellitem/lnk/lnk.py
+++ b/dissect/shellitem/lnk/lnk.py
@@ -76,17 +76,17 @@ def _parse(self, fh: BinaryIO) -> None:
             if block_name == "PROPERTY_STORE_PROPS":
                 # TODO implement actual serialized property parsing
                 guid = self._parse_guid(struct.format_id)
-                struct._values.update({"format_id": guid})
+                setattr(struct, "format_id", guid)
 
             elif block_name == "TRACKER_PROPS":
                 for name, value in struct._values.items():
                     if "droid" in name:
                         guid = self._parse_guid(value)
-                        struct._values.update({name: guid})
+                        setattr(struct, name, guid)
 
             elif block_name == "KNOWN_FOLDER_PROPS":
                 guid = self._parse_guid(struct.known_folder_id)
-                struct._values.update({"known_folder_id": guid})
+                setattr(struct, "known_folder_id", guid)
 
             elif (
                 block_name == "ENVIRONMENT_PROPS"
@@ -247,14 +247,14 @@ def _parse(self, buff: BinaryIO) -> None:
             header = c_lnk.COMMON_NETWORK_RELATIVE_LINK_HEADER(buff.read(20))
             flags = header.common_network_relative_link_flags
 
-            if flags & flags.enum.valid_device:
+            if flags & c_lnk.COMMON_NETWORK_RELATIVE_LINK_FLAGS.valid_device:
                 offset = buff.seek(start_common_network_relative_link + header.device_name_offset)
                 device_name = c_lnk.DEVICE_NAME(buff.read())
                 read_size = len(device_name.dumps())
                 device_name = device_name.device_name
                 buff.seek(offset + read_size)
 
-            if flags & flags.enum.valid_net_type:
+            if flags & c_lnk.COMMON_NETWORK_RELATIVE_LINK_FLAGS.valid_net_type:
                 offset = buff.seek(start_common_network_relative_link + header.net_name_offset)
                 net_name = c_lnk.NET_NAME(buff.read())
                 read_size = len(net_name.dumps())
diff --git a/pyproject.toml b/pyproject.toml
index 7c20d13..4c40d7a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -25,8 +25,8 @@ classifiers = [
   "Topic :: Utilities",
 ]
 dependencies = [
-    "dissect.cstruct>=3.0.dev,<4.0.dev",
-    "dissect.util>=3.0.dev,<4.0.dev",
+    "dissect.cstruct>=4.dev,<5",
+    "dissect.util>=3,<4",
 ]
 dynamic = ["version"]
 
@@ -38,6 +38,12 @@ repository = "https://github.com/fox-it/dissect.shellitem"
 [project.scripts]
 parse-lnk = "dissect.shellitem.tools.lnk:main"
 
+[project.optional-dependencies]
+dev = [
+    "dissect.cstruct>=4.0.dev,<5.0.dev",
+    "dissect.util>=3.0.dev,<4.0.dev",
+]
+
 [tool.black]
 line-length = 120
 
diff --git a/tox.ini b/tox.ini
index 67e8e8a..7bd2890 100644
--- a/tox.ini
+++ b/tox.ini
@@ -11,6 +11,7 @@ minversion = 4.4.3
 requires = virtualenv>=20.16.6
 
 [testenv]
+extras = dev
 deps =
     pytest
     pytest-cov