Add feature to support compressed archives

cgzones · cgzones · commit a148b3391b3d · 2023-03-14T12:47:00.000+01:00
Add a new feature "archives" to support scanning (compresses) archives.
Extracting archives is done via the create compress-tools, which uses
the C library libarchive.  Thus in order to build and run checksec
installing libarchive is required.

    $ checksec -f /var/cache/apt/archives/xterm_376-1_amd64.deb
    ELF64: | Canary: true  CFI: false SafeStack: false Fortify: Partial     Fortified:  3 Fortifiable:  1 NX: true  PIE: Full Relro: Full    RPATH: None RUNPATH: None | File: /var/cache/apt/archives/xterm_376-1_amd64.deb➔data.tar.xz➔./usr/bin/resize
    ELF64: | Canary: true  CFI: false SafeStack: false Fortify: Partial     Fortified:  8 Fortifiable: 11 NX: true  PIE: Full Relro: Full    RPATH: None RUNPATH: None | File: /var/cache/apt/archives/xterm_376-1_amd64.deb➔data.tar.xz➔./usr/bin/xterm
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -28,6 +28,7 @@ panic = 'abort'   # Abort on panic
 clap = {version = "4.0.14", features = ["cargo"]}
 colored = {version = "2.0.0", optional = true}
 colored_json = {version = "3.0.1", optional = true}
+compress-tools = {version = "0.14.0", optional = true}
 goblin = "0.6.0"
 ignore = "0.4.18"
 memmap2 = "0.5.7"
@@ -61,6 +62,7 @@ name = "checksec"
 path = "src/main.rs"
 
 [features]
+archives = ["compress-tools"]
 color = ["colored", "colored_json", "xattr"]
 default = ["elf", "macho", "pe", "color", "maps"]
 elf = ["shared"]
diff --git a/src/main.rs b/src/main.rs
@@ -24,6 +24,8 @@ use sysinfo::{
 };
 
 use std::ffi::OsStr;
+#[cfg(feature = "archives")]
+use std::io::Cursor;
 use std::path::Path;
 use std::{env, fmt, fs, process};
 
@@ -32,6 +34,8 @@ use colored::Colorize;
 
 #[cfg(feature = "color")]
 use colored_json::to_colored_json_auto;
+#[cfg(feature = "archives")]
+use compress_tools::{ArchiveContents, ArchiveIterator};
 
 mod binary;
 mod proc;
@@ -132,6 +136,8 @@ fn print_process_results(processes: &Processes, settings: &output::Settings) {
 enum ParseError {
     Goblin(goblin::error::Error),
     IO(std::io::Error),
+    #[cfg(feature = "archives")]
+    Decompress(compress_tools::Error),
     #[allow(dead_code)]
     Unimplemented(&'static str),
 }
@@ -141,6 +147,8 @@ impl fmt::Display for ParseError {
         match self {
             Self::Goblin(e) => e.fmt(f),
             Self::IO(e) => e.fmt(f),
+            #[cfg(feature = "archives")]
+            Self::Decompress(e) => e.fmt(f),
             Self::Unimplemented(str) => {
                 write!(f, "Support for files of type {str} not implemented")
             }
@@ -160,6 +168,13 @@ impl From<std::io::Error> for ParseError {
     }
 }
 
+#[cfg(feature = "archives")]
+impl From<compress_tools::Error> for ParseError {
+    fn from(err: compress_tools::Error) -> ParseError {
+        ParseError::Decompress(err)
+    }
+}
+
 fn parse(file: &Path) -> Result<Vec<Binary>, ParseError> {
     let fp = fs::File::open(file)?;
     let buffer = unsafe { Mmap::map(&fp)? };
@@ -257,6 +272,48 @@ fn parse_bytes(bytes: &[u8], file: &Path) -> Result<Vec<Binary>, ParseError> {
         #[cfg(not(feature = "macho"))]
         Object::Mach(_) => Err(ParseError::Unimplemented("MachO")),
         Object::Archive(archive) => Ok(parse_archive(&archive, file, bytes)),
+        #[cfg(feature = "archives")]
+        Object::Unknown(magic) => {
+            let mut results = Vec::new();
+            let mut handled = false;
+
+            let mut name = String::default();
+            let mut buffer = Vec::new();
+
+            for content in ArchiveIterator::from_read(Cursor::new(bytes))? {
+                match content {
+                    ArchiveContents::StartOfEntry(s, _) => {
+                        name = s;
+                        buffer.clear();
+                    }
+                    ArchiveContents::DataChunk(v) => buffer.extend(v),
+                    ArchiveContents::EndOfEntry => {
+                        if buffer != bytes {
+                            handled = true;
+
+                            if let Ok(mut res) = parse_bytes(
+                                &buffer,
+                                Path::new(&format!(
+                                    "{}\u{2794}{}",
+                                    file.display(),
+                                    name
+                                )),
+                            ) {
+                                results.append(&mut res);
+                            }
+                        }
+                    }
+                    ArchiveContents::Err(e) => Err(e)?,
+                }
+            }
+
+            if handled {
+                Ok(results)
+            } else {
+                Err(ParseError::Goblin(Error::BadMagic(magic)))
+            }
+        }
+        #[cfg(not(feature = "archives"))]
         Object::Unknown(magic) => {
             Err(ParseError::Goblin(Error::BadMagic(magic)))
         }
