Skip to content

B
binwalk
Commit 8f607bfe by devttys0
Options

Fixed cpio plugin bugs

parent 371f366d
Showing with 13 additions and 2 deletions
src/binwalk/modules/extractor.py
...@@ -369,6 +369,7 @@ class Extractor(Module): ...@@ -369,6 +369,7 @@ class Extractor(Module):
original_dir = os.getcwd() original_dir = os.getcwd()
rules = self.match(description) rules = self.match(description)
file_path = os.path.realpath(file_name) file_path = os.path.realpath(file_name)
# Don't recurse by default; any successful extraction rule will override this.
recurse = True recurse = True
# No extraction rules for this file # No extraction rules for this file
......
src/binwalk/plugins/cpio.py
...@@ -13,6 +13,8 @@ class CPIOPlugin(binwalk.core.plugin.Plugin): ...@@ -13,6 +13,8 @@ class CPIOPlugin(binwalk.core.plugin.Plugin):
MODULES = ['Signature'] MODULES = ['Signature']
def init(self): def init(self):
self.consecutive_hits = 0
if self.module.extractor.enabled: if self.module.extractor.enabled:
self.module.extractor.add_rule(regex="^ascii cpio archive", self.module.extractor.add_rule(regex="^ascii cpio archive",
extension="cpio", extension="cpio",
...@@ -49,7 +51,7 @@ class CPIOPlugin(binwalk.core.plugin.Plugin): ...@@ -49,7 +51,7 @@ class CPIOPlugin(binwalk.core.plugin.Plugin):
fpin.close() fpin.close()
fperr.close() fperr.close()
if result == 0: if result in [0, 2]:
return True return True
else: else:
return False return False
...@@ -65,6 +67,8 @@ class CPIOPlugin(binwalk.core.plugin.Plugin): ...@@ -65,6 +67,8 @@ class CPIOPlugin(binwalk.core.plugin.Plugin):
# Displaying each entry is useful, as it shows what files are contained in the archive, # Displaying each entry is useful, as it shows what files are contained in the archive,
# but we only want to extract the archive when the first entry is found. # but we only want to extract the archive when the first entry is found.
if result.description.startswith('ASCII cpio archive'): if result.description.startswith('ASCII cpio archive'):
self.consecutive_hits += 1
if not self.found_archive or self.found_archive_in_file != result.file.name: if not self.found_archive or self.found_archive_in_file != result.file.name:
# This is the first entry. Set found_archive and allow the scan to continue normally. # This is the first entry. Set found_archive and allow the scan to continue normally.
self.found_archive_in_file = result.file.name self.found_archive_in_file = result.file.name
...@@ -74,13 +78,19 @@ class CPIOPlugin(binwalk.core.plugin.Plugin): ...@@ -74,13 +78,19 @@ class CPIOPlugin(binwalk.core.plugin.Plugin):
# This is the last entry, un-set found_archive. # This is the last entry, un-set found_archive.
self.found_archive = False self.found_archive = False
result.extract = False result.extract = False
self.consecutive_hits = 0
else: else:
# The first entry has already been found and this is not the last entry, or the last entry # The first entry has already been found and this is not the last entry, or the last entry
# has not yet been found. Don't extract. # has not yet been found. Don't extract.
result.extract = False result.extract = False
else: elif self.consecutive_hits < 4:
# If this was a valid non-CPIO archive result, reset these values; else, a previous # If this was a valid non-CPIO archive result, reset these values; else, a previous
# false positive CPIO result could leave these set, causing a subsequent valid CPIO # false positive CPIO result could leave these set, causing a subsequent valid CPIO
# result to not be extracted. # result to not be extracted.
self.found_archive = False self.found_archive = False
self.found_archive_in_file = None self.found_archive_in_file = None
self.consecutive_hits = 0
elif self.consecutive_hits >= 4:
# Ignore other stuff until the end of CPIO is found
# TODO: It would be better to jump to the end of this CPIO entry rather than make this assumption...
result.valid = False
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment