From fbecdfdb3d435f671a8e56266d064c4e1dfc6b4d Mon Sep 17 00:00:00 2001
From: Nick Bargnesi <nbargnesi@secureworks.com>
Date: Thu, 4 Apr 2024 21:17:10 -0400
Subject: [PATCH 1/3] fix/rework private package configuration

Some packages provide their own __init__. Rather than having to pass the
package name to itself, rework private package configuration to derive
the importable package from the package class module name.

So for example if the "pdf" package is used, self.__class__.__module__
is:
  modules.packages.pdf

And the data module derived from it becomes:
  data.packages.pdf
---
 analyzer/windows/analyzer.py             | 4 ++--
 analyzer/windows/lib/common/abstracts.py | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/analyzer/windows/analyzer.py b/analyzer/windows/analyzer.py
index f158e3bbecd..bbef6b96d9e 100644
--- a/analyzer/windows/analyzer.py
+++ b/analyzer/windows/analyzer.py
@@ -397,7 +397,7 @@ def run(self):
         except Exception as e:
             log.exception(e)
         # Initialize the package parent abstract.
-        Package(package_name)
+        Package()
         # Enumerate the abstract subclasses.
         try:
             package_class = Package.__subclasses__()[0]
@@ -408,7 +408,7 @@ def run(self):
 
         # Initialize the analysis package.
         log.debug('Initializing analysis package "%s"...', package)
-        self.package = package_class(package_name, self.options, self.config)
+        self.package = package_class(self.options, self.config)
         # log.debug('Initialized analysis package "%s"', package)
 
         # Move the sample to the current working directory as provided by the
diff --git a/analyzer/windows/lib/common/abstracts.py b/analyzer/windows/lib/common/abstracts.py
index e2d27539042..3edf4316a61 100644
--- a/analyzer/windows/lib/common/abstracts.py
+++ b/analyzer/windows/lib/common/abstracts.py
@@ -29,9 +29,8 @@ class Package:
     PATHS = []
     default_curdir = None
 
-    def __init__(self, name: str, options=None, config=None):
+    def __init__(self, options=None, config=None):
         """@param options: options dict."""
-        self.name = name
         if options is None:
             options = {}
         self.config = config
@@ -80,7 +79,8 @@ def configure_from_data(self, target: str):
          - AttributeError if the module configure function is invalid.
          - ModuleNotFoundError if the module does not support configuration from data
         """
-        module_name = f"data.packages.{self.name}"
+        package_module_name = self.__class__.__module__.split('.')[-1]
+        module_name = f"data.packages.{package_module_name}"
         try:
             m = importlib.import_module(module_name)
         except Exception as e:

From 2c43b405b5672df4eee76b3bbba81abbc2c39294 Mon Sep 17 00:00:00 2001
From: Nick Bargnesi <nbargnesi@secureworks.com>
Date: Thu, 4 Apr 2024 21:37:36 -0400
Subject: [PATCH 2/3] use self.__class__.__module__ in tests

---
 analyzer/windows/tests/lib/common/test_abstracts.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/analyzer/windows/tests/lib/common/test_abstracts.py b/analyzer/windows/tests/lib/common/test_abstracts.py
index 7ab5325d39c..1607df26f29 100644
--- a/analyzer/windows/tests/lib/common/test_abstracts.py
+++ b/analyzer/windows/tests/lib/common/test_abstracts.py
@@ -9,7 +9,7 @@ class TestPackageConfiguration(unittest.TestCase):
 
     def test_private_package_configuration(self):
         # test analysis package
-        package_module = "configuration_package"
+        package_module = self.__class__.__module__
         # and its private configuration module
         module_name = f"data.packages.{package_module}"
 

From 808a95045033ef466174325549d46ed988199147 Mon Sep 17 00:00:00 2001
From: Nick Bargnesi <nbargnesi@secureworks.com>
Date: Thu, 4 Apr 2024 21:37:51 -0400
Subject: [PATCH 3/3] drop package_name in tests

---
 analyzer/windows/tests/modules/packages/test_ps1.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/analyzer/windows/tests/modules/packages/test_ps1.py b/analyzer/windows/tests/modules/packages/test_ps1.py
index 23bda3caefb..7623abd001b 100644
--- a/analyzer/windows/tests/modules/packages/test_ps1.py
+++ b/analyzer/windows/tests/modules/packages/test_ps1.py
@@ -8,7 +8,7 @@ def test_get_paths(self):
         """By default, the first path should be powershell.exe"""
         package_name = "modules.packages.ps1"
         __import__(package_name, globals(), locals(), ["dummy"])
-        ps1_module = PS1(package_name)
+        ps1_module = PS1()
         paths = ps1_module.get_paths()
         assert paths[0][-1] == "powershell.exe"
         all_paths = set([path[-1] for path in paths])
@@ -19,7 +19,7 @@ def test_get_paths_powershell_core(self):
         options = {"pwsh": True}
         package_name = "modules.packages.ps1"
         __import__(package_name, globals(), locals(), ["dummy"])
-        ps1_module = PS1(package_name, options=options)
+        ps1_module = PS1(options=options)
         paths = ps1_module.get_paths()
         assert paths[0][-1] == "pwsh.exe"
         all_paths = set([path[-1] for path in paths])