From 5fb9751c51c0be514d2715b07643e2ac698f9a4a Mon Sep 17 00:00:00 2001 From: Kelly Kelly Date: Tue, 22 Sep 2020 16:04:11 -0400 Subject: [PATCH 1/2] Add double quote to paths for varions ProcessBuilder commands --- .../autopsy/casemodule/LocalFilesDSProcessor.java | 6 +++--- .../casemodule/UnpackagePortableCaseProgressDialog.java | 4 ++-- .../ileappanalyzer/ILeappAnalyzerIngestModule.java | 4 ++-- .../photoreccarver/PhotoRecCarverFileIngestModule.java | 4 ++-- .../modules/pictureanalyzer/impls/HEICProcessor.java | 6 +++--- .../autopsy/modules/plaso/PlasoIngestModule.java | 8 ++++---- .../modules/portablecase/PortableCaseReportModule.java | 6 +++--- .../experimental/volatilityDSP/VolatilityProcessor.java | 4 ++-- .../org/sleuthkit/autopsy/recentactivity/ExtractEdge.java | 4 ++-- .../org/sleuthkit/autopsy/recentactivity/ExtractIE.java | 2 +- .../sleuthkit/autopsy/recentactivity/ExtractPrefetch.java | 6 +++--- .../sleuthkit/autopsy/recentactivity/ExtractRegistry.java | 2 +- .../org/sleuthkit/autopsy/recentactivity/ExtractSru.java | 4 ++-- 13 files changed, 30 insertions(+), 30 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/casemodule/LocalFilesDSProcessor.java b/Core/src/org/sleuthkit/autopsy/casemodule/LocalFilesDSProcessor.java index 4d5e3eac36..a1629609ce 100644 --- a/Core/src/org/sleuthkit/autopsy/casemodule/LocalFilesDSProcessor.java +++ b/Core/src/org/sleuthkit/autopsy/casemodule/LocalFilesDSProcessor.java @@ -193,7 +193,7 @@ public class LocalFilesDSProcessor implements DataSourceProcessor, AutoIngestDat List command = new ArrayList<>(); for (final String l01Path : logicalEvidenceFilePaths) { command.clear(); - command.add(ewfexportPath.toAbsolutePath().toString()); + command.add(String.format("\"%s\"", ewfexportPath.toAbsolutePath().toString())); command.add("-f"); command.add("files"); command.add("-t"); @@ -203,8 +203,8 @@ public class LocalFilesDSProcessor implements DataSourceProcessor, AutoIngestDat } Path dirPath = Paths.get(FilenameUtils.getBaseName(l01Path) + UNIQUENESS_CONSTRAINT_SEPERATOR + System.currentTimeMillis()); - command.add(dirPath.toString()); - command.add(l01Path); + command.add(String.format("\"%s\"", dirPath.toString())); + command.add(String.format("\"%s\"", l01Path)); ProcessBuilder processBuilder = new ProcessBuilder(command); processBuilder.directory(l01Dir); try { diff --git a/Core/src/org/sleuthkit/autopsy/casemodule/UnpackagePortableCaseProgressDialog.java b/Core/src/org/sleuthkit/autopsy/casemodule/UnpackagePortableCaseProgressDialog.java index b5f495806b..dd535b268d 100644 --- a/Core/src/org/sleuthkit/autopsy/casemodule/UnpackagePortableCaseProgressDialog.java +++ b/Core/src/org/sleuthkit/autopsy/casemodule/UnpackagePortableCaseProgressDialog.java @@ -173,10 +173,10 @@ class UnpackagePortableCaseProgressDialog extends javax.swing.JDialog implements throw new TskCoreException("Error finding 7-Zip executable"); // NON-NLS } - String outputFolderSwitch = "-o" + outputFolder; // NON-NLS + String outputFolderSwitch = "-o" + String.format("\"%s\"",outputFolder); // NON-NLS ProcessBuilder procBuilder = new ProcessBuilder(); procBuilder.command( - sevenZipExe.getAbsolutePath(), + String.format("\"%s\"",sevenZipExe.getAbsolutePath()), "x", // Extract packagedCase, outputFolderSwitch diff --git a/Core/src/org/sleuthkit/autopsy/modules/ileappanalyzer/ILeappAnalyzerIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/ileappanalyzer/ILeappAnalyzerIngestModule.java index 1651a32977..a0f18656c5 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/ileappanalyzer/ILeappAnalyzerIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/ileappanalyzer/ILeappAnalyzerIngestModule.java @@ -210,8 +210,8 @@ public class ILeappAnalyzerIngestModule implements DataSourceIngestModule { ProcessBuilder processBuilder = buildProcessWithRunAsInvoker( "\"" + iLeappExecutable + "\"", //NON-NLS "-t", iLeappFileSystemType, //NON-NLS - "-i", sourceFilePath, //NON-NLS - "-o", moduleOutputPath.toString() + "-i", String.format("\"%s\"",sourceFilePath), //NON-NLS + "-o", String.format("\"%s\"",moduleOutputPath.toString()) ); processBuilder.redirectError(moduleOutputPath.resolve("iLeapp_err.txt").toFile()); //NON-NLS processBuilder.redirectOutput(moduleOutputPath.resolve("iLeapp_out.txt").toFile()); //NON-NLS diff --git a/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java index 8052316ab8..040b7ce8b3 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java @@ -321,9 +321,9 @@ final class PhotoRecCarverFileIngestModule implements FileIngestModule { ProcessBuilder processAndSettings = new ProcessBuilder( executableFile.toString(), "/d", // NON-NLS - outputDirPath.toAbsolutePath().toString() + File.separator + PHOTOREC_RESULTS_BASE, + String.format("\"%s\"", Paths.get(outputDirPath.toAbsolutePath().toString(), PHOTOREC_RESULTS_BASE).toString()), "/cmd", // NON-NLS - tempFilePath.toFile().toString()); + String.format("\"%s\"",tempFilePath.toFile().toString())); processAndSettings.command().add(this.optionsString); diff --git a/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java b/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java index 8d4588aa98..25b76ee011 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java +++ b/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java @@ -188,9 +188,9 @@ public class HEICProcessor implements PictureProcessor { // Any additional images found within the HEIC container will be // formatted as fileName-1.jpg, fileName-2.jpg, etc. final ProcessBuilder processBuilder = new ProcessBuilder() - .command(IMAGE_MAGICK_PATH.toString(), - localDiskCopy.toString(), - outputFile.toString()); + .command(String.format("\"%s\"",IMAGE_MAGICK_PATH.toString()), + String.format("\"%s\"",localDiskCopy.toString()), + String.format("\"%s\"",outputFile.toString())); processBuilder.redirectError(imageMagickErrorOutput.toFile()); diff --git a/Core/src/org/sleuthkit/autopsy/modules/plaso/PlasoIngestModule.java b/Core/src/org/sleuthkit/autopsy/modules/plaso/PlasoIngestModule.java index d359332f84..d1838c2798 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/plaso/PlasoIngestModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/plaso/PlasoIngestModule.java @@ -235,8 +235,8 @@ public class PlasoIngestModule implements DataSourceIngestModule { "--parsers", "\"" + parsersString + "\"",//NON-NLS "--no_dependencies_check", //NON-NLS "--workers", String.valueOf(LOG2TIMELINE_WORKERS),//NON-NLS - moduleOutputPath.resolve(PLASO).toString(), - image.getPaths()[0] + String.format("\"%s\"",moduleOutputPath.resolve(PLASO).toString()), + String.format("\"%s\"",image.getPaths()[0]) ); processBuilder.redirectError(moduleOutputPath.resolve("log2timeline_err.txt").toFile()); //NON-NLS return processBuilder; @@ -256,8 +256,8 @@ public class PlasoIngestModule implements DataSourceIngestModule { ProcessBuilder processBuilder = buildProcessWithRunAsInvoker( "\"" + psortExecutable + "\"", //NON-NLS "-o", "4n6time_sqlite", //NON-NLS - "-w", moduleOutputPath.resolve("plasodb.db3").toString(), //NON-NLS - moduleOutputPath.resolve(PLASO).toString() + "-w", String.format("\"%s\"",moduleOutputPath.resolve("plasodb.db3").toString()), //NON-NLS + String.format("\"%s\"",moduleOutputPath.resolve(PLASO).toString()) ); processBuilder.redirectOutput(moduleOutputPath.resolve("psort_output.txt").toFile()); //NON-NLS diff --git a/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java b/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java index 83bfb2fdae..29dc530aa0 100644 --- a/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java +++ b/Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java @@ -1329,10 +1329,10 @@ public class PortableCaseReportModule implements ReportModule { File zipFile = Paths.get(tempZipFolder.getAbsolutePath(), caseName + ".zip").toFile(); // NON-NLS ProcessBuilder procBuilder = new ProcessBuilder(); procBuilder.command( - sevenZipExe.getAbsolutePath(), + String.format("\"%s\"",sevenZipExe.getAbsolutePath()), "a", // Add to archive - zipFile.getAbsolutePath(), - dirToCompress.toAbsolutePath().toString(), + String.format("\"%s\"",zipFile.getAbsolutePath()), + String.format("\"%s\"",dirToCompress.toAbsolutePath().toString()), chunkOption ); diff --git a/Experimental/src/org/sleuthkit/autopsy/experimental/volatilityDSP/VolatilityProcessor.java b/Experimental/src/org/sleuthkit/autopsy/experimental/volatilityDSP/VolatilityProcessor.java index 9282362c1c..d68493e59a 100644 --- a/Experimental/src/org/sleuthkit/autopsy/experimental/volatilityDSP/VolatilityProcessor.java +++ b/Experimental/src/org/sleuthkit/autopsy/experimental/volatilityDSP/VolatilityProcessor.java @@ -196,7 +196,7 @@ class VolatilityProcessor { List commandLine = new ArrayList<>(); commandLine.add("\"" + executableFile + "\""); //NON-NLS File memoryImage = new File(memoryImagePath); - commandLine.add("--filename=" + memoryImage.getName()); //NON-NLS + commandLine.add("--filename=" + String.format("\"%s\"",memoryImage.getName())); //NON-NLS if (!profile.isEmpty()) { commandLine.add("--profile=" + profile); //NON-NLS } @@ -213,7 +213,7 @@ class VolatilityProcessor { if (!directory.exists()) { directory.mkdirs(); } - commandLine.add("--dump-dir=" + outputDir); //NON-NLS + commandLine.add("--dump-dir=" + String.format("\"%s\"",outputDir)); //NON-NLS break; default: break; diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractEdge.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractEdge.java index aeb2b27954..d9f8278a1b 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractEdge.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractEdge.java @@ -575,10 +575,10 @@ final class ExtractEdge extends Extract { List commandLine = new ArrayList<>(); commandLine.add(dumperPath); commandLine.add("/table"); //NON-NLS - commandLine.add(inputFilePath); + commandLine.add(String.format("\"%s\"",inputFilePath)); commandLine.add("*"); //NON-NLS commandLine.add("/scomma"); //NON-NLS - commandLine.add(outputDir + "\\" + "*.csv"); //NON-NLS + commandLine.add(String.format("\"%s\"",outputDir + "\\" + "*.csv")); //NON-NLS ProcessBuilder processBuilder = new ProcessBuilder(commandLine); processBuilder.redirectOutput(outputFilePath.toFile()); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index d128c09dc7..576a02a393 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -400,7 +400,7 @@ class ExtractIE extends Extract { List commandLine = new ArrayList<>(); commandLine.add(JAVA_PATH); commandLine.add("-cp"); //NON-NLS - commandLine.add(PASCO_LIB_PATH); + commandLine.add(String.format("\"%s\"",PASCO_LIB_PATH)); commandLine.add("isi.pasco2.Main"); //NON-NLS commandLine.add("-T"); //NON-NLS commandLine.add("history"); //NON-NLS diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractPrefetch.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractPrefetch.java index 4771b76223..88f0019209 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractPrefetch.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractPrefetch.java @@ -177,9 +177,9 @@ final class ExtractPrefetch extends Extract { final Path errFilePath = Paths.get(tempOutPath, PREFETCH_ERROR_FILE_NAME); List commandLine = new ArrayList<>(); - commandLine.add(prefetchExePath); - commandLine.add(prefetchDir); //NON-NLS - commandLine.add(tempOutFile); + commandLine.add(String.format("\"%s\"",prefetchExePath)); + commandLine.add(String.format("\"%s\"",prefetchDir)); //NON-NLS + commandLine.add(String.format("\"%s\"",tempOutFile)); ProcessBuilder processBuilder = new ProcessBuilder(commandLine); processBuilder.redirectOutput(outputFilePath.toFile()); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index 9d232cdc84..d4cf0e9c66 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -472,7 +472,7 @@ class ExtractRegistry extends Extract { commandLine.add(cmd); } commandLine.add("-r"); //NON-NLS - commandLine.add(hiveFilePath); + commandLine.add(String.format("\"%s\"",hiveFilePath)); commandLine.add("-f"); //NON-NLS commandLine.add(hiveFileType); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java index fb85593953..2f6cf0a303 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSru.java @@ -247,10 +247,10 @@ final class ExtractSru extends Extract { final Path errFilePath = Paths.get(tempOutPath, SRU_ERROR_FILE_NAME); List commandLine = new ArrayList<>(); - commandLine.add(sruExePath); + commandLine.add(String.format("\"%s\"",sruExePath)); commandLine.add(sruFile); //NON-NLS commandLine.add(softwareHiveFile); - commandLine.add(tempOutFile); + commandLine.add(String.format("\"%s\"",tempOutFile)); ProcessBuilder processBuilder = new ProcessBuilder(commandLine); processBuilder.redirectOutput(outputFilePath.toFile()); From 46066168479f5065c2ae4b4468c579807d322743 Mon Sep 17 00:00:00 2001 From: Kelly Kelly Date: Wed, 23 Sep 2020 11:14:57 -0400 Subject: [PATCH 2/2] Modify timeout that HEICProcessor uses --- .../modules/pictureanalyzer/impls/HEICProcessor.java | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java b/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java index 25b76ee011..0b3296be97 100755 --- a/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java +++ b/Core/src/org/sleuthkit/autopsy/modules/pictureanalyzer/impls/HEICProcessor.java @@ -48,6 +48,7 @@ import org.sleuthkit.autopsy.coreutils.ExecUtil; import org.sleuthkit.autopsy.coreutils.FileUtil; import org.sleuthkit.autopsy.coreutils.Logger; import org.sleuthkit.autopsy.coreutils.PlatformUtil; +import org.sleuthkit.autopsy.ingest.FileIngestModuleProcessTerminator; import org.sleuthkit.autopsy.ingest.IngestJobContext; import org.sleuthkit.autopsy.ingest.IngestServices; import org.sleuthkit.autopsy.ingest.ModuleContentEvent; @@ -71,7 +72,7 @@ public class HEICProcessor implements PictureProcessor { private static final int EXIT_SUCCESS = 0; private static final String HEIC_MODULE_FOLDER = "HEIC"; - private static final long TIMEOUT_IN_MS = TimeUnit.MILLISECONDS.convert(2, TimeUnit.MINUTES); + private static final long TIMEOUT_IN_SEC = TimeUnit.SECONDS.convert(2, TimeUnit.MINUTES); // Windows location private static final String IMAGE_MAGICK_FOLDER = "ImageMagick-7.0.10-27-portable-Q16-x64"; @@ -194,10 +195,7 @@ public class HEICProcessor implements PictureProcessor { processBuilder.redirectError(imageMagickErrorOutput.toFile()); - final long startTime = System.currentTimeMillis(); - final int exitStatus = ExecUtil.execute(processBuilder, () -> { - return context.fileIngestIsCancelled() || System.currentTimeMillis() - startTime >= TIMEOUT_IN_MS; - }); + final int exitStatus = ExecUtil.execute(processBuilder, new FileIngestModuleProcessTerminator(context, TIMEOUT_IN_SEC)); if (context.fileIngestIsCancelled()) { return;