Dump formula index also from the lid to the csv

Signed-off-by: Santosh Sivaraj <santosiv@in.ibm.com>
author: Santosh Sivaraj <santosiv@in.ibm.com> 2016-09-21 22:15:38 +0530
committer: Santosh Sivaraj <santosiv@in.ibm.com> 2016-11-09 19:42:34 +0530
commit: 3232d61972f2072ae972544f522fca2087de3cc6 (patch)
tree: 8159ecfd0b328aa8f753193f7acb37141f2e6f84 /catalog
parent: f21012037505401472d099e98a3a45bdd05a7dca (diff)
download: ima-catalog-3232d61972f2072ae972544f522fca2087de3cc6.tar.gz
ima-catalog-3232d61972f2072ae972544f522fca2087de3cc6.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/catalog/read.py b/catalog/read.py
index c5a05d8..4094f9d 100644
--- a/catalog/read.py
+++ b/catalog/read.py
@@ -35,9 +35,12 @@ def read_formula(formula_dump):
 
 def read_event(event_dump):
     event = {}
-    elen, event['domain'], event['record byte offset'], event['record length'], \
+    elen, event['formala index'], event['domain'], event['record byte offset'], event['record length'], \
         event['counter offset'], event['flag'], event['primary group index'], \
-        event['group count'] = unpack_from(">HxxBxHHHIHH", event_dump)
+        event['group count'] = unpack_from(">HHBxHHHIHH", event_dump)
+
+    if event['formala index'] == 0xffff:
+        event['formala index'] = '-1';
 
     event['name'], nlen = read_string(event_dump[ENAMELEN_OFFSET:])
     event['description'], dlen = read_string(event_dump[(ENAMELEN_OFFSET + nlen):])
author	Santosh Sivaraj <santosiv@in.ibm.com>	2016-09-21 22:15:38 +0530
committer	Santosh Sivaraj <santosiv@in.ibm.com>	2016-11-09 19:42:34 +0530
commit	3232d61972f2072ae972544f522fca2087de3cc6 (patch)
tree	8159ecfd0b328aa8f753193f7acb37141f2e6f84 /catalog
parent	f21012037505401472d099e98a3a45bdd05a7dca (diff)
download	ima-catalog-3232d61972f2072ae972544f522fca2087de3cc6.tar.gz ima-catalog-3232d61972f2072ae972544f522fca2087de3cc6.zip