Merge pull request #4447 from dgrove727/4579_ZipBombTestFix

Tweaked SevenZipExtractor; uncommented test.
2025-07-09 06:39:33 +00:00 · 2019-01-10 13:10:54 -05:00 · 2019-01-10 13:10:54 -05:00 · f3785cc1c1
commit f3785cc1c1
parent 2b8ac431a9 1d5815030d
2 changed files with 47 additions and 47 deletions
--- a/Core/src/org/sleuthkit/autopsy/modules/embeddedfileextractor/SevenZipExtractor.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/embeddedfileextractor/SevenZipExtractor.java
@ -1,7 +1,7 @@
 /*
 * Autopsy Forensic Browser
 *
- * Copyright 2013-2018 Basis Technology Corp.
+ * Copyright 2013-2019 Basis Technology Corp.
 * Contact: carrier <at> sleuthkit <dot> org
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
@ -258,7 +258,7 @@ class SevenZipExtractor {
            org.sleuthkit.datamodel.Blackboard tskBlackboard = tskCase.getBlackboard();
            // Create artifact if it doesn't already exist.
            if (!tskBlackboard.artifactExists(archiveFile, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, attributes)) {
-                BlackboardArtifact artifact = archiveFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT);
+                BlackboardArtifact artifact = rootArchive.getArchiveFile().newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT);
                artifact.addAttributes(attributes);
                try {
--- a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java
+++ b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java
@ -90,51 +90,51 @@ public class EmbeddedFileTest extends NbTestCase {
        CaseUtils.closeCurrentCase();
    }
-//    public void testEncryptionAndZipBomb() {
+    public void testEncryptionAndZipBomb() {
-//        try {
+        try {
-//            List<AbstractFile> results = openCase.getSleuthkitCase().findAllFilesWhere("name LIKE '%%'");
+            List<AbstractFile> results = openCase.getSleuthkitCase().findAllFilesWhere("name LIKE '%%'");
-//            final String zipBombSetName = "Possible Zip Bomb";
+            final String zipBombSetName = "Possible Zip Bomb";
-//            final String protectedName1 = "password_protected.zip";
+            final String protectedName1 = "password_protected.zip";
-//            final String protectedName2 = "level1_protected.zip";
+            final String protectedName2 = "level1_protected.zip";
-//            final String protectedName3 = "42.zip";
+            final String protectedName3 = "42.zip";
-//            final String depthZipBomb = "DepthTriggerZipBomb.zip";
+            final String depthZipBomb = "DepthTriggerZipBomb.zip";
-//            final String ratioZipBomb = "RatioTriggerZipBomb.zip";
+            final String ratioZipBomb = "RatioTriggerZipBomb.zip";
-//            int zipBombs = 0;
+            int zipBombs = 0;
-//            assertEquals("The number of files in the test image has changed", 2221, results.size());
+            assertEquals("The number of files in the test image has changed", 2221, results.size());
-//            int passwdProtectedZips = 0;
+            int passwdProtectedZips = 0;
-//            for (AbstractFile file : results) {
+            for (AbstractFile file : results) {
-//                //.zip file has artifact TSK_ENCRYPTION_DETECTED
+                //.zip file has artifact TSK_ENCRYPTION_DETECTED
-//                if (file.getName().equalsIgnoreCase(protectedName1) || file.getName().equalsIgnoreCase(protectedName2) || file.getName().equalsIgnoreCase(protectedName3)) {
+                if (file.getName().equalsIgnoreCase(protectedName1) || file.getName().equalsIgnoreCase(protectedName2) || file.getName().equalsIgnoreCase(protectedName3)) {
-//                    ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
+                    ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
-//                    assertEquals("Password protected zip file " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
+                    assertEquals("Password protected zip file " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
-//                    for (BlackboardArtifact artifact : artifacts) {
+                    for (BlackboardArtifact artifact : artifacts) {
-//                        assertEquals("Artifact for password protected zip file " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID());
+                        assertEquals("Artifact for password protected zip file " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID());
-//                        passwdProtectedZips++;
+                        passwdProtectedZips++;
-//                    }
+                    }
-//                } else if (file.getName().equalsIgnoreCase(depthZipBomb) || file.getName().equalsIgnoreCase(ratioZipBomb)) {
+                } else if (file.getName().equalsIgnoreCase(depthZipBomb) || file.getName().equalsIgnoreCase(ratioZipBomb)) {
-//                    ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
+                    ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
-//                    assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
+                    assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
-//                    for (BlackboardArtifact artifact : artifacts) {
+                    for (BlackboardArtifact artifact : artifacts) {
-//                        assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID());
+                        assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID());
-//                        BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME));
+                        BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME));
-//                        assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute);
+                        assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute);
-//                        assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString());
+                        assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString());
-//                        zipBombs++;
+                        zipBombs++;
-//                    }
+                    }
-//                } else {//No other files have artifact defined
+                } else {//No other files have artifact defined
-//                    assertEquals("Unexpected file, " + file.getName() + ", has artifacts", 0, file.getAllArtifacts().size());
+                    assertEquals("Unexpected file, " + file.getName() + ", has artifacts", 0, file.getAllArtifacts().size());
-//                }
+                }
-//
+
-//            }
+            }
-//            //Make sure 3 password protected zip files have been tested: password_protected.zip, level1_protected.zip and 42.zip that we download for bomb testing.
+            //Make sure 3 password protected zip files have been tested: password_protected.zip, level1_protected.zip and 42.zip that we download for bomb testing.
-//            assertEquals("Unexpected number of artifacts reflecting password protected zip files found", 3, passwdProtectedZips);
+            assertEquals("Unexpected number of artifacts reflecting password protected zip files found", 3, passwdProtectedZips);
-//            //Make sure 2 zip bomb files have been tested: DepthTriggerZipBomb.zip and RatioTriggerZipBomb.zip.
+            //Make sure 2 zip bomb files have been tested: DepthTriggerZipBomb.zip and RatioTriggerZipBomb.zip.
-//            assertEquals("Unexpected number of artifacts reflecting zip bombs found", 2, zipBombs);
+            assertEquals("Unexpected number of artifacts reflecting zip bombs found", 2, zipBombs);
-//        } catch (TskCoreException ex) {
+        } catch (TskCoreException ex) {
-//            Exceptions.printStackTrace(ex);
+            Exceptions.printStackTrace(ex);
-//            Assert.fail(ex.getMessage());
+            Assert.fail(ex.getMessage());
-//        }
+        }
-//    }
+    }
    public void testBigFolder() {
        final int numOfFilesToTest = 1000;