
Add support for types 8, 9 & 10 #22

Merged
merged 16 commits into from
Dec 19, 2023

Conversation

@hugsy (Contributor) commented Dec 11, 2023

Improvements

Add support for dump types for modern WinDbg versions:

  • 0x8 -> .dump /k (Create a dump with kernel memory only)
  • 0x9 -> .dump /ka (Create a dump with active kernel and user mode memory)
  • 0xa -> .dump /f (Create a full dump)

Also:

  • Version bumped 0.6 -> 0.7
  • Adds FileSize() to the FileMap
  • Exposes the HEADER64 to Python too; as justly noted by @neitsa, this simple addition is costless but very valuable.

Additional notes

  1. Although the C++ API was not changed, some implementation details had to be changed. Please let me know if you disagree;
  2. The new format offsets were found through reversing, hence some fields named __unknownXX. However, I tested against quite a number of dumps and could validate my findings, but since there's no public implementation (kdmp-parser will be the first 😉) I couldn't fact-check it otherwise;
  3. The new testcases have been commented out because they will fail until we provide a correct URL to download the new testdata ZIP
  4. You'll see blocks like this:

```cpp
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Winvalid-offsetof"
[...]
#pragma GCC diagnostic pop
```

Those are GCC-specific errors claiming not to be able to calculate the offset checks used in the static_assert. This is completely wrong, and the other compilers (Clang/CL) don't say anything. In addition, even GCC produces the correct format, so the behavior doesn't change in any way. Therefore I chose to explicitly silence it (only around those assert checks).

Happy to discuss any of those points.

Fixes #17
Fixes #18
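As an added illustration of the two mechanisms the PR description talks about (not code from the kdmp-parser project or from this PR): a fixed-layout header struct whose field offsets are pinned with `static_assert(offsetof(...))`, with the GCC `-Winvalid-offsetof` pragma scoped only around those checks, plus a classifier for the three newly supported DumpType values. The struct name `ExampleHeader`, its fields, offsets and the sample buffer are hypothetical and constructed here; they do not reproduce the real HEADER64 layout.

```cpp
// Added example, not kdmp-parser code. Layout below is hypothetical.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Hypothetical fixed-layout dump header; packed so the offsets are exact.
#pragma pack(push, 1)
struct ExampleHeader {
    uint32_t Signature;     // offset 0x00
    uint32_t DumpType;      // offset 0x04
    uint64_t PhysicalPages; // offset 0x08
    uint8_t  __unknown0[8]; // offset 0x10: reversed but not yet understood
    uint64_t FileSize;      // offset 0x18
};
#pragma pack(pop)

// Offset checks pinned at compile time. The PR reports GCC emitting
// -Winvalid-offsetof on such checks; the pragma silences it only here.
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Winvalid-offsetof"
static_assert(offsetof(ExampleHeader, Signature) == 0x00, "Signature offset");
static_assert(offsetof(ExampleHeader, DumpType) == 0x04, "DumpType offset");
static_assert(offsetof(ExampleHeader, PhysicalPages) == 0x08, "PhysicalPages offset");
static_assert(offsetof(ExampleHeader, FileSize) == 0x18, "FileSize offset");
static_assert(sizeof(ExampleHeader) == 0x20, "header size");
#pragma GCC diagnostic pop

// The three dump types added by the PR and the WinDbg command producing each.
enum class DumpType : uint32_t {
    KernelMemory = 0x8,        // .dump /k
    KernelAndUserMemory = 0x9, // .dump /ka
    Full = 0xa,                // .dump /f
};

// Returns the WinDbg command for a known type, or an empty string otherwise.
std::string DumpTypeToWinDbgCommand(uint32_t type) {
    switch (static_cast<DumpType>(type)) {
        case DumpType::KernelMemory: return ".dump /k";
        case DumpType::KernelAndUserMemory: return ".dump /ka";
        case DumpType::Full: return ".dump /f";
    }
    return "";
}

// Copies a header out of a raw buffer. Refuses buffers shorter than the
// header (never read past the end of a truncated file) and unknown types.
bool ParseHeader(const std::vector<uint8_t>& buf, ExampleHeader& out) {
    if (buf.size() < sizeof(ExampleHeader)) return false;
    std::memcpy(&out, buf.data(), sizeof(ExampleHeader));
    return !DumpTypeToWinDbgCommand(out.DumpType).empty();
}

// Constructed sample input (not a real dump): serialises a header with the
// requested type and file size into a byte buffer.
std::vector<uint8_t> MakeSampleHeader(uint32_t dumpType, uint64_t fileSize) {
    ExampleHeader h{};
    h.Signature = 0x45474150; // constructed tag, bytes "PAGE" little-endian
    h.DumpType = dumpType;
    h.PhysicalPages = 0x1000;
    h.FileSize = fileSize;
    std::vector<uint8_t> buf(sizeof(ExampleHeader));
    std::memcpy(buf.data(), &h, sizeof(h));
    return buf;
}

int main() {
    ExampleHeader h{};
    const auto buf = MakeSampleHeader(0x9, 0x4000);
    const bool ok = ParseHeader(buf, h) &&
                    DumpTypeToWinDbgCommand(h.DumpType) == ".dump /ka";
    return ok ? 0 : 1;
}
```

The point of scoping the pragma with push/pop is that any other `offsetof` misuse elsewhere in the translation unit still gets diagnosed; only the deliberately checked header layout is exempted.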

@0vercl0k (Owner) commented

Booyah!

Will look at this this week, thanks again for your hard work!

Cheers

@0vercl0k (Owner) commented

Ok, I did a first pass, I think it's looking good. I need to do a second pass and check the misc stuff, like small documentation for the Python README, and then we should be good to go!

Cheers

@0vercl0k linked an issue Dec 19, 2023 that may be closed by this pull request
@0vercl0k 0vercl0k merged commit 2c65a9e into 0vercl0k:master Dec 19, 2023
32 checks passed
@0vercl0k (Owner) commented

It's live at https://pypi.org/project/kdmp-parser/0.7.0/, thanks again!

@hugsy (Contributor, Author) commented Dec 19, 2023

Thanks for the review & merge!

Linked issues that may be closed by this pull request: "Fix a bunch of nits DumpType = 0xA", "Kernel range dump DumpType = 9"