Tests fail on Windows #680
Description
I noticed that tests fail on Windows. Do we want to support tests on Windows?
============================================================================================= FAILURES ==============================================================================================
____________________________________________________________________________ TestDumpsysADBArtifact.test_parsing_adb_xml ____________________________________________________________________________
self = <tests.android.test_artifact_dumpsys_adb.TestDumpsysADBArtifact object at 0x000001973BD5C550>
def test_parsing_adb_xml(self):
da_adb = DumpsysADBArtifact()
file = get_artifact("android_data/dumpsys_adb_xml.txt")
with open(file, "rb") as f:
data = f.read()
> da_adb.parse(data)
tests\android\test_artifact_dumpsys_adb.py:39:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
..\..\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\LocalCache\local-packages\Python313\site-packages\mvt\android\artifacts\dumpsys_adb.py:139: in parse
parsed = self.indented_dump_parser(json_content)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <mvt.android.artifacts.dumpsys_adb.DumpsysADBArtifact object at 0x000001973BFA4910>
dump_data = b'\r\n debugging_manager={\r\n connected_to_adb=true\r\n user_keys=QAAAAAcgbytJst31DsaSP7hn8QcBXKR9NPVPK9MZssFV.../>\r\n </keyStore>\r\n\r\n }\r\n}\r\n--------- 0.012s was the duration of dumpsys adb, ending at: 2025-02-04 20:25'
def indented_dump_parser(self, dump_data):
"""
Parse the indented dumpsys output, generated by DualDumpOutputStream in Android.
"""
res = {}
stack = [res]
cur_indent = 0
in_multiline = False
for line in dump_data.strip(b"\n").split(b"\n"):
# Track the level of indentation
indent = len(line) - len(line.lstrip())
if indent < cur_indent:
# If the current line is less indented than the previous one, back out
stack.pop()
cur_indent = indent
else:
cur_indent = indent
# Split key and value by '='
vals = line.lstrip().split(b"=", 1)
key = vals[0].decode("utf-8")
current_dict = stack[-1]
# Annoyingly, some values are multiline and don't have a key on each line
if in_multiline:
if key == "":
# If the line is empty, it's the terminator for the multiline value
in_multiline = False
stack.pop()
else:
current_dict.append(line.lstrip())
continue
if key == "}":
stack.pop()
continue
> if vals[1] == b"{":
^^^^^^^
E IndexError: list index out of range
..\..\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\LocalCache\local-packages\Python313\site-packages\mvt\android\artifacts\dumpsys_adb.py:53: IndexError
__________________________________________________________________________ TestAndroidqfFilesAnalysis.test_androidqf_files __________________________________________________________________________
self = <tests.android_androidqf.test_files.TestAndroidqfFilesAnalysis object at 0x000001973BD5F4D0>
def test_androidqf_files(self):
data_path = get_android_androidqf()
m = Files(target_path=data_path, log=logging)
files = list_files(data_path)
parent_path = Path(data_path).absolute().parent.as_posix()
m.from_folder(parent_path, files)
run_module(m)
> assert len(m.results) == 3
E assert 0 == 3
E + where 0 = len([])
E + where [] = <mvt.android.modules.androidqf.files.Files object at 0x000001973BFDDBE0>.results
tests\android_androidqf\test_files.py:23: AssertionError
----------------------------------------------------------------------------------------- Captured log call -----------------------------------------------------------------------------------------
WARNING root:base.py:76 Could not find or determine local device timezone. Some timestamps and timeline data may be incorrect.
WARNING root:files.py:117 Unable to determine device timezone, using UTC
ERROR root:module.py:194 Error in running extraction from module Files: 'No time zone found with key UTC'
Traceback (most recent call last):
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\zoneinfo\_common.py", line 12, in load_tzdata
path = resources.files(package_name).joinpath(resource_name)
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\importlib\resources\_common.py", line 46, in wrapper
return func(anchor)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\importlib\resources\_common.py", line 56, in files
return from_package(resolve(anchor))
~~~~~~~^^^^^^^^
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\functools.py", line 934, in wrapper
return dispatch(args[0].__class__)(*args, **kw)
~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\importlib\resources\_common.py", line 82, in _
return importlib.import_module(cand)
~~~~~~~~~~~~~~~~~~~~~~~^^^^^^
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\importlib\__init__.py", line 88, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<frozen importlib._bootstrap>", line 1387, in _gcd_import
File "<frozen importlib._bootstrap>", line 1360, in _find_and_load
File "<frozen importlib._bootstrap>", line 1310, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 488, in _call_with_frames_removed
File "<frozen importlib._bootstrap>", line 1387, in _gcd_import
File "<frozen importlib._bootstrap>", line 1360, in _find_and_load
File "<frozen importlib._bootstrap>", line 1324, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'tzdata'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\User\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\LocalCache\local-packages\Python313\site-packages\mvt\common\module.py", line 171, in run_module
exec_or_profile("module.run()", globals(), locals())
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\User\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\LocalCache\local-packages\Python313\site-packages\mvt\common\utils.py", line 263, in exec_or_profile
exec(module, globals, locals)
~~~~^^^^^^^^^^^^^^^^^^^^^^^^^
File "<string>", line 1, in <module>
File "C:\Users\User\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\LocalCache\local-packages\Python313\site-packages\mvt\android\modules\androidqf\files.py", line 118, in run
device_timezone = zoneinfo.ZoneInfo("UTC")
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.2032.0_x64__qbz5n2kfra8p0\Lib\zoneinfo\_common.py", line 29, in load_tzdata
raise ZoneInfoNotFoundError(f"No time zone found with key {key}")
zoneinfo._common.ZoneInfoNotFoundError: 'No time zone found with key UTC'
___________________________________________________________________________________ TestFilesystem.test_detection ___________________________________________________________________________________
self = <tests.ios_fs.test_filesystem.TestFilesystem object at 0x000001973BF1DA90>, indicator_file = 'C:\\Users\\User\\AppData\\Local\\Temp\\pytest-of-User\\pytest-28\\indicators0\\indicators.stix2'
def test_detection(self, indicator_file):
m = Filesystem(target_path=get_ios_backup_folder())
ind = Indicators(log=logging.getLogger())
ind.parse_stix2(indicator_file)
# Adds a filename that exist in the folder
ind.ioc_collections[0]["processes"].append(
"64d0019cb3d46bfc8cce545a8ba54b93e7ea9347"
)
m.indicators = ind
run_module(m)
assert len(m.results) == 15
assert len(m.timeline) == 15
> assert len(m.detected) == 1
E assert 0 == 1
E + where 0 = len([])
E + where [] = <mvt.ios.modules.fs.filesystem.Filesystem object at 0x000001973BF1FED0>.detected
tests\ios_fs\test_filesystem.py:34: AssertionError
--------------------------------------------------------------------------------------- Captured stdout call ----------------------------------------------------------------------------------------
INFO [mvt.ios.modules.fs.filesystem] Running module Filesystem...
INFO [mvt.ios.modules.fs.filesystem] Running module Filesystem...
INFO [mvt.ios.modules.fs.filesystem] The Filesystem module
produced no detections!
INFO [mvt.ios.modules.fs.filesystem] The Filesystem module
produced no detections!