Merge pull request #415 from j-t-1/is_driver

Replace list comprehension with set comprehension
erocarrera · Aug 26, 2024 · 853c6ab · 853c6ab
2 parents 79200c5 + cd59e48
commit 853c6ab
Showing 1 changed file with 3 additions and 4 deletions.
diff --git a/pefile.py b/pefile.py
@@ -7778,7 +7778,7 @@ def is_driver(self):
         # Checking that the ImageBase field of the OptionalHeader is above or
         # equal to 0x80000000 (that is, whether it lies in the upper 2GB of
         # the address space, normally belonging to the kernel) is not a
-        # reliable enough indicator.  For instance, PEs that play the invalid
+        # reliable enough indicator. For instance, PEs that play the invalid
         # ImageBase trick to get relocated could be incorrectly assumed to be
         # drivers.
 
@@ -7803,18 +7803,17 @@ def is_driver(self):
         # self.DIRECTORY_ENTRY_IMPORT will now exist, although it may be empty.
         # If it imports from "ntoskrnl.exe" or other kernel components it should
         # be a driver
-        #
         system_DLLs = {
             b"ntoskrnl.exe", b"hal.dll", b"ndis.sys", b"bootvid.dll", b"kdcom.dll"
         }
         if system_DLLs.intersection(
-            [imp.dll.lower() for imp in self.DIRECTORY_ENTRY_IMPORT]
+            {imp.dll.lower() for imp in self.DIRECTORY_ENTRY_IMPORT}
         ):
             return True
 
         driver_like_section_names = {b"page", b"paged"}
         if driver_like_section_names.intersection(
-            [section.Name.lower().rstrip(b"\x00") for section in self.sections]
+            {section.Name.lower().rstrip(b"\x00") for section in self.sections}
         ) and (
             self.OPTIONAL_HEADER.Subsystem
             in (