diff --git a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java index 42ea5c9fbf..9dd728f511 100755 --- a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java +++ b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java @@ -94,53 +94,53 @@ public class EmbeddedFileTest extends NbTestCase { CaseUtils.closeCurrentCase(testSucceeded); } - public void testEncryptionAndZipBomb() { - try { - List results = openCase.getSleuthkitCase().findAllFilesWhere("name LIKE '%%'"); - final String zipBombSetName = "Possible Zip Bomb"; - final String protectedName1 = "password_protected.zip"; - final String protectedName2 = "level1_protected.zip"; - final String protectedName3 = "42.zip"; - final String depthZipBomb = "DepthTriggerZipBomb.zip"; - final String ratioZipBomb = "RatioTriggerZipBomb.zip"; - int zipBombs = 0; - assertEquals("The number of files in the test image has changed", 2221, results.size()); - int passwdProtectedZips = 0; - for (AbstractFile file : results) { - //.zip file has artifact TSK_ENCRYPTION_DETECTED - if (file.getName().equalsIgnoreCase(protectedName1) || file.getName().equalsIgnoreCase(protectedName2) || file.getName().equalsIgnoreCase(protectedName3)) { - ArrayList artifacts = file.getAllArtifacts(); - assertEquals("Password protected zip file " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size()); - for (BlackboardArtifact artifact : artifacts) { - assertEquals("Artifact for password protected zip file " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID()); - passwdProtectedZips++; - } - } else if (file.getName().equalsIgnoreCase(depthZipBomb) || file.getName().equalsIgnoreCase(ratioZipBomb)) { - ArrayList artifacts = file.getAllArtifacts(); - assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size()); - for (BlackboardArtifact artifact : artifacts) { - assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID()); - BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME)); - assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute); - assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString()); - zipBombs++; - } - } else {//No other files have artifact defined - assertEquals("Unexpected file, " + file.getName() + ", has artifacts", 0, file.getAllArtifacts().size()); - } - - } - //Make sure 3 password protected zip files have been tested: password_protected.zip, level1_protected.zip and 42.zip that we download for bomb testing. - assertEquals("Unexpected number of artifacts reflecting password protected zip files found", 3, passwdProtectedZips); - //Make sure 2 zip bomb files have been tested: DepthTriggerZipBomb.zip and RatioTriggerZipBomb.zip. - assertEquals("Unexpected number of artifacts reflecting zip bombs found", 2, zipBombs); - } catch (TskCoreException ex) { - Exceptions.printStackTrace(ex); - Assert.fail(ex.getMessage()); - } - - testSucceeded = true; - } +// public void testEncryptionAndZipBomb() { +// try { +// List results = openCase.getSleuthkitCase().findAllFilesWhere("name LIKE '%%'"); +// final String zipBombSetName = "Possible Zip Bomb"; +// final String protectedName1 = "password_protected.zip"; +// final String protectedName2 = "level1_protected.zip"; +// final String protectedName3 = "42.zip"; +// final String depthZipBomb = "DepthTriggerZipBomb.zip"; +// final String ratioZipBomb = "RatioTriggerZipBomb.zip"; +// int zipBombs = 0; +// assertEquals("The number of files in the test image has changed", 2221, results.size()); +// int passwdProtectedZips = 0; +// for (AbstractFile file : results) { +// //.zip file has artifact TSK_ENCRYPTION_DETECTED +// if (file.getName().equalsIgnoreCase(protectedName1) || file.getName().equalsIgnoreCase(protectedName2) || file.getName().equalsIgnoreCase(protectedName3)) { +// ArrayList artifacts = file.getAllArtifacts(); +// assertEquals("Password protected zip file " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size()); +// for (BlackboardArtifact artifact : artifacts) { +// assertEquals("Artifact for password protected zip file " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID()); +// passwdProtectedZips++; +// } +// } else if (file.getName().equalsIgnoreCase(depthZipBomb) || file.getName().equalsIgnoreCase(ratioZipBomb)) { +// ArrayList artifacts = file.getAllArtifacts(); +// assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size()); +// for (BlackboardArtifact artifact : artifacts) { +// assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID()); +// BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME)); +// assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute); +// assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString()); +// zipBombs++; +// } +// } else {//No other files have artifact defined +// assertEquals("Unexpected file, " + file.getName() + ", has artifacts", 0, file.getAllArtifacts().size()); +// } +// +// } +// //Make sure 3 password protected zip files have been tested: password_protected.zip, level1_protected.zip and 42.zip that we download for bomb testing. +// assertEquals("Unexpected number of artifacts reflecting password protected zip files found", 3, passwdProtectedZips); +// //Make sure 2 zip bomb files have been tested: DepthTriggerZipBomb.zip and RatioTriggerZipBomb.zip. +// assertEquals("Unexpected number of artifacts reflecting zip bombs found", 2, zipBombs); +// } catch (TskCoreException ex) { +// Exceptions.printStackTrace(ex); +// Assert.fail(ex.getMessage()); +// } +// +// testSucceeded = true; +// } public void testBigFolder() { final int numOfFilesToTest = 1000; diff --git a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java index 67b32a0d49..bc8bffea2e 100755 --- a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java +++ b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java @@ -323,50 +323,50 @@ public class IngestFileFiltersTest extends NbTestCase { testSucceeded = true; } -// public void testEmbeddedModule() { -// Case currentCase = CaseUtils.createAsCurrentCase("testEmbeddedModule"); -// LocalFilesDSProcessor dataSourceProcessor = new LocalFilesDSProcessor(); -// IngestUtils.addDataSource(dataSourceProcessor, ZIPFILE_PATH); -// -// //Build the filter to find jpg files -// HashMap rules = new HashMap<>(); -// //Extension condition for jpg files -// rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null)); -// //Extension condition for zip files, because we want test jpg extension filter for extracted files from a zip file -// rules.put("rule2", new Rule("ZipExtention", new ExtensionCondition("zip"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null)); -// FilesSet embeddedFilter = new FilesSet("Filter", "Filter to files with .jpg extension.", false, false, rules); -// -// try { -// ArrayList templates = new ArrayList<>(); -// templates.add(IngestUtils.getIngestModuleTemplate(new FileTypeIdModuleFactory())); -// templates.add(IngestUtils.getIngestModuleTemplate(new EmbeddedFileExtractorModuleFactory())); -// IngestJobSettings ingestJobSettings = new IngestJobSettings(IngestFileFiltersTest.class.getCanonicalName(), IngestJobSettings.IngestType.FILES_ONLY, templates, embeddedFilter); -// IngestUtils.runIngestJob(currentCase.getDataSources(), ingestJobSettings); -// FileManager fileManager = currentCase.getServices().getFileManager(); -// //get all .jpg files in zip file -// List results = fileManager.findFiles("%%"); -// assertEquals(39, results.size()); -// int numTypeJpgFiles = 0; -// for (AbstractFile file : results) { -// if (file.getNameExtension().equalsIgnoreCase("jpg") || file.getNameExtension().equalsIgnoreCase("zip")) { -// String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId()); -// assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty()); -// numTypeJpgFiles++; -// } else if (file.isDir() && (file.getType() == TSK_DB_FILES_TYPE_ENUM.DERIVED || file.getType() == TSK_DB_FILES_TYPE_ENUM.LOCAL)) { -// String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId()); -// assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty()); -// } else { -// String errMsg = String.format("File %s (objId=%d) unexpectedly passed by the file filter.", file.getName(), file.getId()); -// assertTrue(errMsg, file.getMIMEType() == null); -// } -// } -// //Make sure 10 jpg files and 1 zip file have been typed -// assertEquals(11, numTypeJpgFiles); -// } catch (TskCoreException ex) { -// Exceptions.printStackTrace(ex); -// Assert.fail(ex.getMessage()); -// } -// -// testSucceeded = true; -// } + public void testEmbeddedModule() { + Case currentCase = CaseUtils.createAsCurrentCase("testEmbeddedModule"); + LocalFilesDSProcessor dataSourceProcessor = new LocalFilesDSProcessor(); + IngestUtils.addDataSource(dataSourceProcessor, ZIPFILE_PATH); + + //Build the filter to find jpg files + HashMap rules = new HashMap<>(); + //Extension condition for jpg files + rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null)); + //Extension condition for zip files, because we want test jpg extension filter for extracted files from a zip file + rules.put("rule2", new Rule("ZipExtention", new ExtensionCondition("zip"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null)); + FilesSet embeddedFilter = new FilesSet("Filter", "Filter to files with .jpg extension.", false, false, rules); + + try { + ArrayList templates = new ArrayList<>(); + templates.add(IngestUtils.getIngestModuleTemplate(new FileTypeIdModuleFactory())); + templates.add(IngestUtils.getIngestModuleTemplate(new EmbeddedFileExtractorModuleFactory())); + IngestJobSettings ingestJobSettings = new IngestJobSettings(IngestFileFiltersTest.class.getCanonicalName(), IngestJobSettings.IngestType.FILES_ONLY, templates, embeddedFilter); + IngestUtils.runIngestJob(currentCase.getDataSources(), ingestJobSettings); + FileManager fileManager = currentCase.getServices().getFileManager(); + //get all .jpg files in zip file + List results = fileManager.findFiles("%%"); + assertEquals(39, results.size()); + int numTypeJpgFiles = 0; + for (AbstractFile file : results) { + if (file.getNameExtension().equalsIgnoreCase("jpg") || file.getNameExtension().equalsIgnoreCase("zip")) { + String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId()); + assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty()); + numTypeJpgFiles++; + } else if (file.isDir() && (file.getType() == TSK_DB_FILES_TYPE_ENUM.DERIVED || file.getType() == TSK_DB_FILES_TYPE_ENUM.LOCAL)) { + String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId()); + assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty()); + } else { + String errMsg = String.format("File %s (objId=%d) unexpectedly passed by the file filter.", file.getName(), file.getId()); + assertTrue(errMsg, file.getMIMEType() == null); + } + } + //Make sure 10 jpg files and 1 zip file have been typed + assertEquals(11, numTypeJpgFiles); + } catch (TskCoreException ex) { + Exceptions.printStackTrace(ex); + Assert.fail(ex.getMessage()); + } + + testSucceeded = true; + } } diff --git a/Core/test/qa-functional/src/org/sleuthkit/autopsy/testutils/CaseUtils.java b/Core/test/qa-functional/src/org/sleuthkit/autopsy/testutils/CaseUtils.java index 02423b5002..6fb8ed44e0 100755 --- a/Core/test/qa-functional/src/org/sleuthkit/autopsy/testutils/CaseUtils.java +++ b/Core/test/qa-functional/src/org/sleuthkit/autopsy/testutils/CaseUtils.java @@ -92,21 +92,13 @@ public final class CaseUtils { String caseDirectory = currentCase.getCaseDirectory(); try { Case.closeCurrentCase(); -<<<<<<< HEAD - if (deleteCase) { - FileUtils.deleteDirectory(new File(caseDirectory)); -======= if(deleteCase && !FileUtil.deleteDir(new File(caseDirectory))){ Assert.fail(String.format("Failed to delete case directory for case %s at %s", caseName, caseDirectory)); ->>>>>>> upstream/develop } } catch (CaseActionException ex) { Exceptions.printStackTrace(ex); Assert.fail(String.format("Failed to close case %s at %s: %s", caseName, caseDirectory, ex.getMessage())); - } catch (IOException ex) { - Exceptions.printStackTrace(ex); - Assert.fail(String.format("Failed to delete case directory for case %s at %s: %s", caseName, caseDirectory, ex.getMessage())); - } + } } /**