From 29457dc68612c7b38712930aae2fcc7dbb1b1661 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 2 Jul 2023 19:53:24 -0400 Subject: [PATCH 1/2] remove quotes around path for exec --- .../modules/leappanalyzers/ALeappAnalyzerIngestModule.java | 4 ++-- .../modules/leappanalyzers/ILeappAnalyzerIngestModule.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java index d9f673ac36..5d9a60e5fd 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java @@ -289,7 +289,7 @@ public class ALeappAnalyzerIngestModule implements DataSourceIngestModule { private ProcessBuilder buildaLeappCommand(Path moduleOutputPath, String sourceFilePath, String aLeappFileSystemType) { ProcessBuilder processBuilder = buildProcessWithRunAsInvoker( - "\"" + aLeappExecutable + "\"", //NON-NLS + aLeappExecutable.getAbsolutePath(), //NON-NLS "-t", aLeappFileSystemType, //NON-NLS "-i", sourceFilePath, //NON-NLS "-o", moduleOutputPath.toString(), @@ -303,7 +303,7 @@ public class ALeappAnalyzerIngestModule implements DataSourceIngestModule { private ProcessBuilder buildaLeappListCommand(Path moduleOutputPath) { ProcessBuilder processBuilder = buildProcessWithRunAsInvoker( - "\"" + aLeappExecutable + "\"", //NON-NLS + aLeappExecutable.getAbsolutePath(), //NON-NLS "-p" ); processBuilder.redirectError(moduleOutputPath.resolve("aLeapp_paths_error.txt").toFile()); //NON-NLS diff --git a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java index 4d8328ce3d..0ab6e792c6 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java @@ -289,7 +289,7 @@ public class ILeappAnalyzerIngestModule implements DataSourceIngestModule { private ProcessBuilder buildiLeappCommand(Path moduleOutputPath, String sourceFilePath, String iLeappFileSystemType) { ProcessBuilder processBuilder = buildProcessWithRunAsInvoker( - "\"" + iLeappExecutable + "\"", //NON-NLS + iLeappExecutable.getAbsolutePath(), //NON-NLS "-t", iLeappFileSystemType, //NON-NLS "-i", sourceFilePath, //NON-NLS "-o", moduleOutputPath.toString() @@ -309,7 +309,7 @@ public class ILeappAnalyzerIngestModule implements DataSourceIngestModule { private ProcessBuilder buildiLeappListCommand(Path moduleOutputPath) { ProcessBuilder processBuilder = buildProcessWithRunAsInvoker( - "\"" + iLeappExecutable + "\"", //NON-NLS + iLeappExecutable.getAbsolutePath(), //NON-NLS "-p" ); processBuilder.redirectError(moduleOutputPath.resolve("iLeapp_paths_error.txt").toFile()); //NON-NLS From 490f88d4e78c284d44d141fa98479547617f5fba Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Mon, 3 Jul 2023 07:55:29 -0400 Subject: [PATCH 2/2] set working directory for leapp processes --- .../modules/leappanalyzers/ALeappAnalyzerIngestModule.java | 3 +++ .../modules/leappanalyzers/ILeappAnalyzerIngestModule.java | 3 +++ 2 files changed, 6 insertions(+) diff --git a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java index 5d9a60e5fd..1332ff40cd 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ALeappAnalyzerIngestModule.java @@ -295,6 +295,7 @@ public class ALeappAnalyzerIngestModule implements DataSourceIngestModule { "-o", moduleOutputPath.toString(), "-w" ); + processBuilder.directory(moduleOutputPath.toFile()); processBuilder.redirectError(moduleOutputPath.resolve("aLeapp_err.txt").toFile()); //NON-NLS processBuilder.redirectOutput(moduleOutputPath.resolve("aLeapp_out.txt").toFile()); //NON-NLS return processBuilder; @@ -306,6 +307,8 @@ public class ALeappAnalyzerIngestModule implements DataSourceIngestModule { aLeappExecutable.getAbsolutePath(), //NON-NLS "-p" ); + // leapp process creates a text file in addition to outputting to stdout. + processBuilder.directory(moduleOutputPath.toFile()); processBuilder.redirectError(moduleOutputPath.resolve("aLeapp_paths_error.txt").toFile()); //NON-NLS processBuilder.redirectOutput(moduleOutputPath.resolve("aLeapp_paths.txt").toFile()); //NON-NLS return processBuilder; diff --git a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java index 0ab6e792c6..f522d2fdd1 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/leappanalyzers/ILeappAnalyzerIngestModule.java @@ -294,6 +294,7 @@ public class ILeappAnalyzerIngestModule implements DataSourceIngestModule { "-i", sourceFilePath, //NON-NLS "-o", moduleOutputPath.toString() ); + processBuilder.directory(moduleOutputPath.toFile()); processBuilder.redirectError(moduleOutputPath.resolve("iLeapp_err.txt").toFile()); //NON-NLS processBuilder.redirectOutput(moduleOutputPath.resolve("iLeapp_out.txt").toFile()); //NON-NLS return processBuilder; @@ -312,6 +313,8 @@ public class ILeappAnalyzerIngestModule implements DataSourceIngestModule { iLeappExecutable.getAbsolutePath(), //NON-NLS "-p" ); + // leapp process also outputs a file to the working directory in addition to stdout. + processBuilder.directory(moduleOutputPath.toFile()); processBuilder.redirectError(moduleOutputPath.resolve("iLeapp_paths_error.txt").toFile()); //NON-NLS processBuilder.redirectOutput(moduleOutputPath.resolve("iLeapp_paths.txt").toFile()); //NON-NLS return processBuilder;