mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-12 16:06:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4380 from wschaeferB/4535-FixSevenzipDeDupe

Browse Source 
4535 change path used for detection of existing files to not include data source
This commit is contained in:
Richard Cordovano 2018-12-14 15:33:26 -05:00 committed by GitHub
commit c63d0676b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
Core/src/org/sleuthkit/autopsy/modules/embeddedfileextractor/SevenZipExtractor.java
View File

@ -185,10 +185,10 @@ class SevenZipExtractor {
//As a result, many corrupted files have wonky compression ratios and could flood the UI //As a result, many corrupted files have wonky compression ratios and could flood the UI
//with false zip bomb notifications. The decision was made to skip compression ratio checks //with false zip bomb notifications. The decision was made to skip compression ratio checks
//for unallocated zip files. Instead, we let the depth be an indicator of a zip bomb. //for unallocated zip files. Instead, we let the depth be an indicator of a zip bomb.
if(archiveFile.isMetaFlagSet(TskData.TSK_FS_META_FLAG_ENUM.UNALLOC)) { if (archiveFile.isMetaFlagSet(TskData.TSK_FS_META_FLAG_ENUM.UNALLOC)) {
return false; return false;
} }
try { try {
final Long archiveItemSize = (Long) inArchive.getProperty( final Long archiveItemSize = (Long) inArchive.getProperty(
inArchiveItemIndex, PropID.SIZE); inArchiveItemIndex, PropID.SIZE);
@ -253,14 +253,14 @@ class SevenZipExtractor {
attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COMMENT, attributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_COMMENT,
EmbeddedFileExtractorModuleFactory.getModuleName(), EmbeddedFileExtractorModuleFactory.getModuleName(),
details)); details));
SleuthkitCase tskCase = Case.getCurrentCaseThrows().getSleuthkitCase(); SleuthkitCase tskCase = Case.getCurrentCaseThrows().getSleuthkitCase();
org.sleuthkit.datamodel.Blackboard tskBlackboard = tskCase.getBlackboard(); org.sleuthkit.datamodel.Blackboard tskBlackboard = tskCase.getBlackboard();
// Create artifact if it doesn't already exist. // Create artifact if it doesn't already exist.
if (!tskBlackboard.artifactExists(archiveFile, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, attributes)) { if (!tskBlackboard.artifactExists(archiveFile, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, attributes)) {
BlackboardArtifact artifact = archiveFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT); BlackboardArtifact artifact = archiveFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT);
artifact.addAttributes(attributes); artifact.addAttributes(attributes);
try { try {
// index the artifact for keyword search // index the artifact for keyword search
blackboard.indexArtifact(artifact); blackboard.indexArtifact(artifact);
@ -269,9 +269,9 @@ class SevenZipExtractor {
MessageNotifyUtil.Notify.error( MessageNotifyUtil.Notify.error(
Bundle.SevenZipExtractor_indexError_message(), artifact.getDisplayName()); Bundle.SevenZipExtractor_indexError_message(), artifact.getDisplayName());
} }
services.postMessage(IngestMessage.createWarningMessage(EmbeddedFileExtractorModuleFactory.getModuleName(), msg, details)); services.postMessage(IngestMessage.createWarningMessage(EmbeddedFileExtractorModuleFactory.getModuleName(), msg, details));
services.fireModuleDataEvent(new ModuleDataEvent(EmbeddedFileExtractorModuleFactory.getModuleName(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT)); services.fireModuleDataEvent(new ModuleDataEvent(EmbeddedFileExtractorModuleFactory.getModuleName(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT));
} }
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
@ -370,11 +370,7 @@ class SevenZipExtractor {
* @return the archiveFilePath to be used by the unpack method * @return the archiveFilePath to be used by the unpack method
*/ */
private String getArchiveFilePath(AbstractFile archiveFile) { private String getArchiveFilePath(AbstractFile archiveFile) {
try { return archiveFile.getParentPath() + archiveFile.getName();
return archiveFile.getUniquePath();
} catch (TskCoreException ex) {
return archiveFile.getParentPath() + archiveFile.getName();
}
} }
/** /**
@ -808,37 +804,37 @@ class SevenZipExtractor {
.mapToInt(Integer::intValue) .mapToInt(Integer::intValue)
.toArray(); .toArray();
} }
/** /**
* UnpackStream used by the SevenZipBindings to do archive extraction. A memory * UnpackStream used by the SevenZipBindings to do archive extraction. A
* leak exists in the SevenZip library that will not let go of the streams until * memory leak exists in the SevenZip library that will not let go of the
* the entire archive extraction is complete. Instead of creating a new UnpackStream * streams until the entire archive extraction is complete. Instead of
* for every file in the archive, instead we just rebase our EncodedFileOutputStream pointer * creating a new UnpackStream for every file in the archive, instead we
* for every new file. * just rebase our EncodedFileOutputStream pointer for every new file.
*/ */
private final static class UnpackStream implements ISequentialOutStream { private final static class UnpackStream implements ISequentialOutStream {
private EncodedFileOutputStream output; private EncodedFileOutputStream output;
private String localAbsPath; private String localAbsPath;
private int bytesWritten; private int bytesWritten;
UnpackStream(String localAbsPath) throws IOException { UnpackStream(String localAbsPath) throws IOException {
this.output = new EncodedFileOutputStream(new FileOutputStream(localAbsPath), TskData.EncodingType.XOR1); this.output = new EncodedFileOutputStream(new FileOutputStream(localAbsPath), TskData.EncodingType.XOR1);
this.localAbsPath = localAbsPath; this.localAbsPath = localAbsPath;
this.bytesWritten = 0; this.bytesWritten = 0;
} }
public void setNewOutputStream(String localAbsPath) throws IOException { public void setNewOutputStream(String localAbsPath) throws IOException {
this.output.close(); this.output.close();
this.output = new EncodedFileOutputStream(new FileOutputStream(localAbsPath), TskData.EncodingType.XOR1); this.output = new EncodedFileOutputStream(new FileOutputStream(localAbsPath), TskData.EncodingType.XOR1);
this.localAbsPath = localAbsPath; this.localAbsPath = localAbsPath;
this.bytesWritten = 0; this.bytesWritten = 0;
} }
public int getSize() { public int getSize() {
return bytesWritten; return bytesWritten;
} }
@Override @Override
public int write(byte[] bytes) throws SevenZipException { public int write(byte[] bytes) throws SevenZipException {
try { try {
@ -846,19 +842,19 @@ class SevenZipExtractor {
this.bytesWritten += bytes.length; this.bytesWritten += bytes.length;
} catch (IOException ex) { } catch (IOException ex) {
throw new SevenZipException( throw new SevenZipException(
NbBundle.getMessage(SevenZipExtractor.class, NbBundle.getMessage(SevenZipExtractor.class,
"EmbeddedFileExtractorIngestModule.ArchiveExtractor.UnpackStream.write.exception.msg", "EmbeddedFileExtractorIngestModule.ArchiveExtractor.UnpackStream.write.exception.msg",
localAbsPath), ex); localAbsPath), ex);
} }
return bytes.length; return bytes.length;
} }
public void close() throws IOException { public void close() throws IOException {
try(EncodedFileOutputStream out = output) { try (EncodedFileOutputStream out = output) {
out.flush(); out.flush();
} }
} }
} }
/** /**
@ -955,7 +951,7 @@ class SevenZipExtractor {
final String localAbsPath = archiveDetailsMap.get( final String localAbsPath = archiveDetailsMap.get(
inArchiveItemIndex).getLocalAbsPath(); inArchiveItemIndex).getLocalAbsPath();
//If the Unpackstream has been allocated, then set the Outputstream //If the Unpackstream has been allocated, then set the Outputstream
//to another file rather than creating a new unpack stream. The 7Zip //to another file rather than creating a new unpack stream. The 7Zip
//binding has a memory leak, so creating new unpack streams will not be //binding has a memory leak, so creating new unpack streams will not be