Skip to content

Commit

Permalink
Merge pull request #773 from onekey-sec/771-multi-gzip-symlinks
Browse files Browse the repository at this point in the history 
fix(handlers): handle dangling symlinks in MultiFile handlers.
  • Loading branch information
@qkaiser
qkaiser authored Feb 16, 2024
2 parents 841aa29 + 25c43e3 commit 70f7185
Show file tree
Hide file tree
Showing 10 changed files with 22 additions and 4 deletions.
3 changes: 3 additions & 0 deletions tests/integration/archive/sevenzip/__input__/multi-sevenzip-dangling-symlinks.tar
View file
Git LFS file not shown
1 change: 1 addition & 0 deletions .../sevenzip/__output__/multi-sevenzip-dangling-symlinks.tar_extract/dangling-symlink.7z.001
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
hello
1 change: 1 addition & 0 deletions .../sevenzip/__output__/multi-sevenzip-dangling-symlinks.tar_extract/dangling-symlink.7z.002
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
hello
1 change: 1 addition & 0 deletions .../sevenzip/__output__/multi-sevenzip-dangling-symlinks.tar_extract/dangling-symlink.7z.003
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
hello
3 changes: 3 additions & 0 deletions tests/integration/compression/gzip/__input__/multi-gzip-dangling-symlinks.tar
View file
Git LFS file not shown
1 change: 1 addition & 0 deletions ...ompression/gzip/__output__/multi-gzip-dangling-symlinks.tar_extract/dangling-symlink.gz.a
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
hello
1 change: 1 addition & 0 deletions ...ompression/gzip/__output__/multi-gzip-dangling-symlinks.tar_extract/dangling-symlink.gz.b
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
hello
1 change: 1 addition & 0 deletions ...ompression/gzip/__output__/multi-gzip-dangling-symlinks.tar_extract/dangling-symlink.gz.c
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
hello
8 changes: 6 additions & 2 deletions unblob/handlers/archive/sevenzip.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,12 @@ class MultiVolumeSevenZipHandler(DirectoryHandler):
PATTERN = Glob("*.7z.001")

def calculate_multifile(self, file: Path) -> Optional[MultiFile]:
paths = sorted(
[p for p in file.parent.glob(f"{file.stem}.*") if p.resolve().exists()]
)
if not paths:
return None

with file.open("rb") as f:
header_data = f.read(HEADER_SIZE)

Expand All @@ -117,8 +123,6 @@ def calculate_multifile(self, file: Path) -> Optional[MultiFile]:
size = calculate_sevenzip_size(header)
logger.debug("Sevenzip header", header=header, size=size, _verbosity=3)

paths = sorted(file.parent.glob(f"{file.stem}.*"))

files_size = sum(path.stat().st_size for path in paths)
logger.debug(
"Multi-volume files", paths=paths, files_size=files_size, _verbosity=2
Expand Down
6 changes: 4 additions & 2 deletions unblob/handlers/compression/gzip.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,12 +166,14 @@ def is_valid_gzip(self, path: Path) -> bool:
return True

def calculate_multifile(self, file: Path) -> Optional[MultiFile]:
paths = sorted(file.parent.glob(f"{file.stem}.*"))
paths = sorted(
[p for p in file.parent.glob(f"{file.stem}.*") if p.resolve().exists()]
)

# we 'discard' paths that are not the first in the ordered list,
# otherwise we will end up with colliding reports, one for every
# path in the list.
if file != paths[0]:
if not paths or file != paths[0]:
return None

if self.is_valid_gzip(file):
Expand Down

0 comments on commit 70f7185

Please sign in to comment.