diff --git a/README.md b/README.md index e1f97e66..971e78a1 100644 --- a/README.md +++ b/README.md @@ -26,8 +26,7 @@ following packages alongside sflock. It is currently not possible to run the unpackers that require native tooling support on non-Linux platforms. ```bash -$ sudo apt-get install p7zip-full rar unace-nonfree cabextract libjpeg8-dev zlib1g-dev - +$ sudo apt-get install p7zip-full rar unace-nonfree cabextract lzip libjpeg8-dev zlib1g-dev ``` Installation of sflock itself may be done as follows. @@ -82,6 +81,7 @@ SFlock supports a number of (semi-)archive types, sorted by extension: * .gzip (gzip compressed data, `requires native tooling`) * .iso (ISO file container, `requires native tooling`) * .lzh (LZH/LHA archive, `requires native tooling`) +* .lz (Lzip compressed data, `requires native tooling`) * .msg (Outlook mail message) * .mso (Microsoft Office Macro reference file) * .pdf (Attachments embedded in PDF files) diff --git a/sflock/data/zipjail.elf b/sflock/data/zipjail.elf index b69b4c1c..6472f6bd 100755 Binary files a/sflock/data/zipjail.elf and b/sflock/data/zipjail.elf differ diff --git a/sflock/unpack/ace.py b/sflock/unpack/ace.py index 0e031e59..96229a12 100644 --- a/sflock/unpack/ace.py +++ b/sflock/unpack/ace.py @@ -22,13 +22,13 @@ def unpack(self, password=None, duplicates=None): dirpath = tempfile.mkdtemp() original_path = self.f.filepath if self.f.filepath: - if not self.f.filepath.endswith(".ace"): - os.rename(self.f.filepath, self.f.filepath+".ace") - self.f.filepath = self.f.filepath+".ace" + if not self.f.filepath.endswith(b".ace"): + os.rename(self.f.filepath, self.f.filepath + b".ace") + self.f.filepath = self.f.filepath + b".ace" filepath = os.path.abspath(self.f.filepath) temporary = False else: - filepath = self.f.temp_path(".ace") + filepath = self.f.temp_path(b".ace") temporary = True ret = self.zipjail( diff --git a/sflock/unpack/lzip.py b/sflock/unpack/lzip.py new file mode 100644 index 00000000..e7b09fc0 --- /dev/null +++ b/sflock/unpack/lzip.py @@ -0,0 +1,32 @@ +import os +import tempfile + +from sflock.abstracts import Unpacker + + +class LzipFile(Unpacker): + name = "lzip" + exe = "/usr/bin/lzip" + exts = b".lz" + magic = "lzip compressed data, version: 1" + + def unpack(self, password=None, duplicates=None): + dirpath = tempfile.mkdtemp() + + if self.f.filepath: + filepath = self.f.filepath + temporary = False + else: + filepath = self.f.temp_path() + temporary = True + + ret = self.zipjail( + filepath, os.path.dirname(filepath), "-d", filepath + ) + if not ret: + return [] + + if temporary: + os.unlink(filepath) + + return self.process_directory(dirpath, duplicates, password) diff --git a/sflock/unpack/zip7.py b/sflock/unpack/zip7.py index 214a9299..19c74eed 100644 --- a/sflock/unpack/zip7.py +++ b/sflock/unpack/zip7.py @@ -54,7 +54,7 @@ def unpack(self, password="infected", duplicates=None): class Zip7File(Unpacker): name = "7zfile" exe = "/usr/bin/7z" - exts = b".7z", b".iso", b".xz" + exts = b".7z", b".iso", b".udf", b".xz" # TODO Should we use "isoparser" (check PyPI) instead of 7z? magic = "7-zip archive", "ISO 9660", "UDF filesystem data", "XZ compressed data" @@ -81,7 +81,7 @@ def unpack(self, password="infected", duplicates=None): class GzipFile(Unpacker): name = "gzipfile" exe = "/usr/bin/7z" - exts = b".gzip" + exts = b".gzip", b".gz" magic = "gzip compressed data, was" def unpack(self, password=None, duplicates=None): @@ -183,3 +183,31 @@ def unpack(self, password=None, duplicates=None): os.unlink(filepath) return self.process_directory(dirpath, duplicates) + +class XZFile(Unpacker): + name = "xzfile" + exe = "/usr/bin/7z" + exts = b".xz" + magic = "XZ compressed data" + + def unpack(self, password=None, duplicates=None): + dirpath = tempfile.mkdtemp() + + if self.f.filepath: + filepath = self.f.filepath + temporary = False + else: + filepath = self.f.temp_path(".7z") + temporary = True + + ret = self.zipjail( + filepath, dirpath, "x", "-o%s" % dirpath, filepath + ) + + if not ret: + return [] + + if temporary: + os.unlink(filepath) + + return self.process_directory(dirpath, duplicates)