Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add RAR handler #33

Merged
merged 4 commits into from
Nov 26, 2021
Merged

Add RAR handler #33

merged 4 commits into from
Nov 26, 2021

Conversation

tests00
Copy link
Contributor

@tests00 tests00 commented Nov 24, 2021

Add handler and tests for RAR.

The handler will find two distinct RAR magics: from v1.5 to v4 (called $magic_v4), and v5 (called $magic_v5).

There's only a test for RAR v5 at the moment.

qkaiser
qkaiser reviewed Nov 24, 2021
View reviewed changes
unblob/handlers/archive/rar.py Outdated Show resolved Hide resolved
unblob/handlers/archive/rar.py Outdated Show resolved Hide resolved
@qkaiser qkaiser mentioned this pull request Nov 26, 2021
Closed
@kissgyorgy kissgyorgy changed the title Add RAR Add RAR handler Nov 26, 2021
kissgyorgy and others added 4 commits November 26, 2021 16:52
@kissgyorgy
Add rarfile dependency to handler RAR format
4df8d24
@kissgyorgy
Add RAR handler
c46fb3e 
It is using an external library to handle v4 and v5 format too.
It is using the unar external tool to extract found RAR files:
https://theunarchiver.com/command-line

The unar command will create empty files for password protected rar files and
empty directory without any files when it's encrypted. These are reflected in
the test cases.
@kissgyorgy
Add installing unar to github workflow
7500aff
@kissgyorgy
Add .gitkeep to empty directory
bea278f 
The unar tool will extract no files when given an encrypted file,
but unlob will create an empty directory.

Git cannot track empty directories, so we need to have something there,
but on test assert, we need to ignore this file.
@vlaci vlaci removed the request for review from kukovecz November 26, 2021 15:54
@vlaci vlaci merged commit d351a97 into main Nov 26, 2021
@vlaci vlaci deleted the add_rar branch November 26, 2021 15:54
qkaiser
qkaiser reviewed Nov 26, 2021
View reviewed changes
Copy link
Contributor

@qkaiser qkaiser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have a look at the YARA rule simplification and rebase on main :)

unblob/handlers/archive/rar.py Show resolved Hide resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kissgyorgy kissgyorgy kissgyorgy left review comments

@qkaiser qkaiser qkaiser left review comments

@vlaci vlaci vlaci approved these changes

Assignees
No one assigned
Labels
format:archive
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tests00 @kissgyorgy @qkaiser @vlaci