mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-06 21:00:22 +00:00
SeventZIP Updates: Use blackboard for type, report errors only on allocated files
This commit is contained in:
Brian Carrier
parent
268b9f84e4
commit
d3e9d4adc7
@ -326,6 +326,7 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
|
|||||||
int processedItems = 0;
|
int processedItems = 0;
|
||||||
|
|
||||||
String compressMethod = null;
|
String compressMethod = null;
|
||||||
|
boolean progressStarted = false;
|
||||||
try {
|
try {
|
||||||
stream = new SevenZipContentReadStream(new ReadContentInputStream(archiveFile));
|
stream = new SevenZipContentReadStream(new ReadContentInputStream(archiveFile));
|
||||||
inArchive = SevenZip.openInArchive(null, // autodetect archive type
|
inArchive = SevenZip.openInArchive(null, // autodetect archive type
|
||||||
@ -335,6 +336,7 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
|
|||||||
logger.log(Level.INFO, "Count of items in archive: " + archiveFile.getName() + ": "
|
logger.log(Level.INFO, "Count of items in archive: " + archiveFile.getName() + ": "
|
||||||
+ numItems);
|
+ numItems);
|
||||||
progress.start(numItems);
|
progress.start(numItems);
|
||||||
|
progressStarted = true;
|
||||||
|
|
||||||
final ISimpleInArchive simpleInArchive = inArchive.getSimpleInterface();
|
final ISimpleInArchive simpleInArchive = inArchive.getSimpleInterface();
|
||||||
|
|
||||||
@ -524,11 +526,12 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
|
|||||||
fullName = archiveFile.getName();
|
fullName = archiveFile.getName();
|
||||||
}
|
}
|
||||||
|
|
||||||
String msg = "Error unpacking " + archiveFile.getName();
|
// print a message if the file is allocated
|
||||||
String details = "Error unpacking (" +
|
if (archiveFile.isMetaFlagSet(TskData.TSK_FS_META_FLAG_ENUM.ALLOC)) {
|
||||||
(archiveFile.isMetaFlagSet(TskData.TSK_FS_META_FLAG_ENUM.ALLOC) ? "allocated" : "deleted") + ") " + fullName
|
String msg = "Error unpacking " + archiveFile.getName();
|
||||||
+ ". " + ex.getMessage();
|
String details = "Error unpacking " + fullName + ". " + ex.getMessage();
|
||||||
services.postMessage(IngestMessage.createErrorMessage(++messageID, instance, msg, details));
|
services.postMessage(IngestMessage.createErrorMessage(++messageID, instance, msg, details));
|
||||||
|
}
|
||||||
} finally {
|
} finally {
|
||||||
if (inArchive != null) {
|
if (inArchive != null) {
|
||||||
try {
|
try {
|
||||||
@ -547,7 +550,8 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
|
|||||||
}
|
}
|
||||||
|
|
||||||
//close progress bar
|
//close progress bar
|
||||||
progress.finish();
|
if (progressStarted)
|
||||||
|
progress.finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
//create artifact and send user message
|
//create artifact and send user message
|
||||||
@ -607,22 +611,36 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private boolean isSupported(AbstractFile file) {
|
private boolean isSupported(AbstractFile file) {
|
||||||
String fileNameLower = file.getName().toLowerCase();
|
// see if it is on the list of extensions
|
||||||
int dotI = fileNameLower.lastIndexOf(".");
|
final String extension = file.getNameExtension();
|
||||||
if (dotI == -1 || dotI == fileNameLower.length() - 1) {
|
|
||||||
return false; //no extension
|
|
||||||
}
|
|
||||||
|
|
||||||
final String extension = fileNameLower.substring(dotI + 1);
|
|
||||||
for (int i = 0; i < SUPPORTED_EXTENSIONS.length; ++i) {
|
for (int i = 0; i < SUPPORTED_EXTENSIONS.length; ++i) {
|
||||||
if (extension.equals(SUPPORTED_EXTENSIONS[i])) {
|
if (extension.equals(SUPPORTED_EXTENSIONS[i])) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// if no extension match, check the blackboard for the file type
|
||||||
|
boolean attributeFound = false;
|
||||||
|
try {
|
||||||
|
ArrayList<BlackboardAttribute> attributes = file.getGenInfoAttributes(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_FILE_TYPE_SIG);
|
||||||
|
for (BlackboardAttribute attribute : attributes) {
|
||||||
|
attributeFound = true;
|
||||||
|
String fileType = attribute.getValueString();
|
||||||
|
if (!fileType.isEmpty() && fileType.equals("application/zip")) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch (TskCoreException ex) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
//if no extension match, check for zip signature
|
// if no blackboard entry for file type, do it manually for ZIP files:
|
||||||
//(note, in near future, we will use pre-detected content type)
|
if (attributeFound) {
|
||||||
return isZipFileHeader(file);
|
return false;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return isZipFileHeader(file);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user