Permalink
Browse files

pass zipjail errors on to sflock output, zipjail 0.4.1

  • Loading branch information...
jbremer committed Sep 13, 2018
1 parent 0d7547f commit d55f6a9d99a41ebd70e5ea5d266aea718a7f1811
@@ -57,6 +57,14 @@ def zipjail(self, filepath, dirpath, *args):
self.f.error = "files_too_large"
return False

if b"Detected potential out-of-path arbitrary overwrite!" in err:
self.f.error = "directory_traversal"
return False

if b"Blocked system call" in err and b"syscall=symlink" in err:
self.f.error = "malicious_symlink"
return False

return not return_code

def handles(self):
@@ -393,6 +401,7 @@ def to_dict(self):
"package": self.package,
"selected": self.selected,
"preview": self.preview,
"error": self.error,
}

def astree(self, finger=True, sanitize=False):
@@ -410,6 +419,7 @@ def astree(self, finger=True, sanitize=False):
"type": "container" if self.children else "file",
"children": [],
"preview": self.preview,
"error": self.error,
}

if not sanitize:
BIN +0 Bytes (100%) sflock/data/zipjail.elf
Binary file not shown.
@@ -1,4 +1,5 @@
# Copyright (C) 2017-2018 Jurriaan Bremer.
# Copyright (C) 2018 Hatching B.V.
# This file is part of SFlock - http://www.sflock.org/.
# See the file 'docs/LICENSE.txt' for copying permission.

BIN +133 Bytes tests/files/symlink.rar
Binary file not shown.
@@ -1,4 +1,5 @@
# Copyright (C) 2016-2018 Jurriaan Bremer.
# Copyright (C) 2018 Hatching B.V.
# This file is part of SFlock - http://www.sflock.org/.
# See the file 'docs/LICENSE.txt' for copying permission.

@@ -1,4 +1,5 @@
# Copyright (C) 2015-2018 Jurriaan Bremer.
# Copyright (C) 2018 Hatching B.V.
# This file is part of SFlock - http://www.sflock.org/.
# See the file 'docs/LICENSE.txt' for copying permission.

@@ -93,6 +94,11 @@ def test_heuristics(self):
assert t.unpacker == "rarfile"
assert t.filename == b"foo"

def test_symlink(self):
t = unpack(b"tests/files/symlink.rar")
assert t.unpacker == "rarfile"
assert t.error == "malicious_symlink"

def test_inmemory(self):
contents = open(b"tests/files/rar_plain.rar", "rb").read()
t = unpack(contents=contents)
@@ -50,6 +50,7 @@ def test_astree1():
"platform": None,
"selected": False,
"preview": True,
"error": None,
"type": "container",
"children": [{
"type": "directory",
@@ -74,6 +75,7 @@ def test_astree1():
"platform": None,
"selected": False,
"preview": True,
"error": None,
"type": "file",
"children": [],
}],
@@ -97,6 +99,7 @@ def test_astree2():
"platform": None,
"selected": False,
"preview": True,
"error": None,
"type": "container",
"children": [{
"type": "container",
@@ -113,6 +116,7 @@ def test_astree2():
"platform": None,
"selected": False,
"preview": True,
"error": None,
"size": 10240,
"children": [{
"type": "directory",
@@ -132,6 +136,7 @@ def test_astree2():
"platform": None,
"selected": False,
"preview": True,
"error": None,
"filename": b"bar.txt",
"relapath": b"deepfoo/foo/bar.txt",
"relaname": b"deepfoo/foo/bar.txt",
@@ -161,6 +166,7 @@ def test_astree3():
"preview": True,
"password": None,
"size": 24607,
"error": None,
"type": "container",
"children": [{
"duplicate": False,
@@ -177,6 +183,7 @@ def test_astree3():
"preview": True,
"password": None,
"size": 17482,
"error": None,
"type": "container",
"children": [{
"duplicate": False,
@@ -194,6 +201,7 @@ def test_astree3():
"preview": True,
"password": None,
"size": 12,
"error": None,
"type": "file",
"children": [],
}, {
@@ -212,6 +220,7 @@ def test_astree3():
"preview": True,
"password": None,
"size": 11970,
"error": None,
"type": "file",
"children": [],
}],
@@ -230,6 +239,7 @@ def test_astree3():
"preview": True,
"password": None,
"size": 12,
"error": None,
"type": "file",
"children": [],
}],
@@ -250,6 +260,8 @@ def test_astree4():
"selected": False,
"preview": True,
"password": None,
"error": None,
"error": None,
"type": "container",
"children": [{
"duplicate": False,
@@ -266,6 +278,7 @@ def test_astree4():
"preview": True,
"password": None,
"size": 1137,
"error": None,
"type": "file",
"children": [],
}, {
@@ -283,6 +296,7 @@ def test_astree4():
"preview": True,
"password": None,
"size": 1132,
"error": None,
"type": "file",
"children": [],
}, {
@@ -300,6 +314,7 @@ def test_astree4():
"preview": True,
"password": None,
"size": 234898,
"error": None,
"type": "container",
"children": [{
"duplicate": False,
@@ -317,6 +332,7 @@ def test_astree4():
"preview": True,
"password": None,
"size": 249336,
"error": None,
"type": "file",
"children": [],
}],
@@ -466,3 +482,4 @@ def test_maxsize_zip():
assert f.unpacker == "zipfile"
assert not f.children
assert f.error == "files_too_large"
assert f.astree()["error"] == "files_too_large"

0 comments on commit d55f6a9

Please sign in to comment.