Generic improvements #36

Merged
merged 15 commits into from Feb 28, 2022

qkaiser (Collaborator) commented Feb 28, 2022

We worked on our own fork on a few issues and battle-tested our version of jefferson against a long list of JFFS2 firmwares. This PR is the product of our improvements.

It includes:

qkaiser and others added 15 commits January 5, 2022 12:08
Modifications in the cstruct API between v1.8 and v2.1 broke jefferson due to the removal of the __fmt__ field in CStruct meta classes.

We fixed it by rebuilding classes dynamically using the expected endianness.
…es in the future. Moving to more recent versions should be done manually once it's been tested that jefferson still works with the newly released version of cstruct.
Add support for JFFS2 old magic signature (0x1984).
…each possible endianness. We make the assumption that a JFFS2 always has a fixed endianness and that nodes won't switch between endianness in the middle of a filesystem.
…s of every inode and discarding inodes with a path pointing outside of the extraction directory.

Fix path traversal through symlinks by canonicalizing link target path using the extraction directory as root. If the link still points outside the extraction root, it gets discarded. This way symlinks reflect the reality of a filesystem on device by pointing to files within the extracted filesystem instead of files from the host executing jefferson.
…ct risk to normal end users. Those checks can be implemented by other tools where required.
Moved to mmap in order to reduce the overall memory usage and increase
processing speed for large filesystems.
Better handling of decompression error + simpler endianness logging.
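
The symlink handling described in the commit messages above (rebase the link target onto the extraction directory, discard it if it still escapes), as an added Python example. It is not jefferson's code or part of this PR; the function names `is_safe_path`, `rebase_symlink_target` and `plan_links` and the sample entries are assumptions made for illustration.

```python
import os
from typing import Dict, List, Optional, Tuple


def is_safe_path(root: str, candidate: str) -> bool:
    """True if candidate resolves to root itself or to something below it."""
    root = os.path.realpath(root)
    # realpath also follows symlinks already on disk, so an earlier link
    # cannot be used as a stepping stone out of root.
    return os.path.commonpath([root, os.path.realpath(candidate)]) == root


def rebase_symlink_target(root: str, link_path: str, target: str) -> Optional[str]:
    """Resolve a symlink target as the device would, with root acting as "/".

    Returns the resolved path inside root, or None if it escapes root.
    """
    if target.startswith("/"):
        # Absolute on the device means relative to the extraction root here.
        candidate = os.path.join(root, target.lstrip("/"))
    else:
        # Relative targets are resolved from the directory holding the link.
        candidate = os.path.join(os.path.dirname(link_path), target)
    return os.path.realpath(candidate) if is_safe_path(root, candidate) else None


def plan_links(root: str, entries: List[Tuple[str, str]]) -> Tuple[Dict[str, str], List[str]]:
    """Split entries into links to create (name -> target relative to root)
    and names to discard."""
    real_root = os.path.realpath(root)
    kept: Dict[str, str] = {}
    discarded: List[str] = []
    for name, target in entries:
        link_path = os.path.join(root, name)
        resolved = None
        if is_safe_path(root, os.path.dirname(link_path)):
            resolved = rebase_symlink_target(root, link_path, target)
        if resolved is None:
            discarded.append(name)
        else:
            kept[name] = os.path.relpath(resolved, real_root)
    return kept, discarded


# Constructed sample entries (link path in the image, link target); not from a real firmware.
SAMPLE_LINKS = [
    ("etc/passwd_link", "/etc/passwd"),
    ("bin/sh", "busybox"),
    ("tmp/escape", "../../../etc/shadow"),
    ("var/run", "/../../root/.ssh"),
    ("../outside_link", "bin/busybox"),
]
```

An extractor would create only the links in `kept`, which stay inside the extracted tree, and log the names in `discarded`.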
qkaiser (Collaborator, Author) commented Jan 31, 2023

@sviehb we have an upcoming publication about similar vulnerabilities affecting different extractors in ubi-reader, jefferson, yaffshiv, and binwalk. We requested CVEs for each of these vulnerabilities so that users are aware they should upgrade to the latest version (through dependabot for example).

The one that was fixed in jefferson is CVE-2023-0592, you're credited as remediation reviewer :)
