adjust to the new NULL-terminated processing

Author: Abyss-W4tcher

volatility3/framework/symbols/linux/extensions/__init__.py

@@ -187,26 +187,31 @@ def _get_sect_count(self, grp: interfaces.objects.ObjectInterface) -> int:
         """
 
         if grp.has_member("bin_attrs"):
-            arr_offset = grp.bin_attrs
+            arr_offset_ptr = grp.bin_attrs
+            arr_subtype = "bin_attribute"
         else:
-            arr_offset = grp.attrs
+            arr_offset_ptr = grp.attrs
+            arr_subtype = "attribute"
 
-        if not arr_offset.is_readable():
+        if not arr_offset_ptr.is_readable():
             vollog.log(
                 constants.LOGLEVEL_V,
                 f"Cannot dereference the pointer to the NULL-terminated list of binary attributes for module at offset {self.vol.offset:#x}",
             )
             return 0
 
-        # We chose 1000 as an arbitrary guard value against
-        # extreme cases of smearing.
+        # We chose 100 as an arbitrary guard value to prevent
+        # looping forever in extreme cases, and because 100 is not expected
+        # to be a valid number of sections. If that still happens,
+        # Vol3 module processing will indicate that it is missing information
+        # with the following message:
+        # "Unable to reconstruct the ELF for module struct at"
         # See PR #1773 for more information.
         bin_attrs_list = utility.dynamically_sized_array_of_pointers(
             context=self._context,
-            layer_name=self.vol.layer_name,
-            symbol_table_name=self.get_symbol_table_name(),
-            array_offset=arr_offset.dereference().vol.offset,
-            iterator_guard_value=1000,
+            array=arr_offset_ptr.dereference(),
+            iterator_guard_value=100,
+            subtype=self.get_symbol_table_name() + constants.BANG + arr_subtype,
         )
         return len(bin_attrs_list)