Support Unix archives (#27)

* pe: use slice of bytes instead of memmap2::Mmap

Reduce coupling and different sources than mapped file regions.

* Support Unix archives

Scan simple (uncompressed) Unix archives:

    checksec -f unix.a
    ELF64: | Canary: false CFI: false SafeStack: true  Fortify: None        Fortified:  0 Fortifiable:  1 NX: true  PIE: Full Relro: Full    RPATH: None RUNPATH: None | File: unix.a➔answer

Author: cgzones

src/main.rs

@@ -1,5 +1,6 @@
 #![warn(clippy::pedantic)]
 extern crate clap;
+extern crate core;
 extern crate goblin;
 extern crate ignore;
 extern crate serde_json;
@@ -129,6 +130,7 @@ fn print_process_results(processes: &Processes, settings: &output::Settings) {
 enum ParseError {
     Goblin(goblin::error::Error),
     IO(std::io::Error),
+    #[allow(dead_code)]
     Unimplemented(&'static str),
 }
 
@@ -159,7 +161,13 @@ impl From<std::io::Error> for ParseError {
 fn parse(file: &Path) -> Result<Vec<Binary>, ParseError> {
     let fp = fs::File::open(file)?;
     let buffer = unsafe { Mmap::map(&fp)? };
-    match Object::parse(&buffer)? {
+
+    parse_bytes(&buffer, file)
+}
+
+#[allow(clippy::too_many_lines)]
+fn parse_bytes(bytes: &[u8], file: &Path) -> Result<Vec<Binary>, ParseError> {
+    match Object::parse(bytes)? {
         #[cfg(feature = "elf")]
         Object::Elf(elf) => {
             let results = elf::CheckSecResults::parse(&elf);
@@ -173,7 +181,7 @@ fn parse(file: &Path) -> Result<Vec<Binary>, ParseError> {
         }
         #[cfg(feature = "pe")]
         Object::PE(pe) => {
-            let results = pe::CheckSecResults::parse(&pe, &buffer);
+            let results = pe::CheckSecResults::parse(&pe, bytes);
             let bin_type =
                 if pe.is_64 { BinType::PE64 } else { BinType::PE32 };
             Ok(vec![Binary::new(
@@ -224,7 +232,33 @@ fn parse(file: &Path) -> Result<Vec<Binary>, ParseError> {
         Object::PE(_) => Err(ParseError::Unimplemented("PE")),
         #[cfg(not(feature = "macho"))]
         Object::Mach(_) => Err(ParseError::Unimplemented("MachO")),
-        Object::Archive(_) => Err(ParseError::Unimplemented("Unix Archive")),
+        Object::Archive(archive) => Ok(archive
+            .members()
+            .iter()
+            .filter_map(|member_name| {
+                match archive.extract(member_name, bytes) {
+                    Ok(ext_bytes) => parse_bytes(
+                        ext_bytes,
+                        Path::new(&format!(
+                            "{}\u{2794}{}",
+                            file.display(),
+                            member_name
+                        )),
+                    )
+                    .ok(),
+                    Err(err) => {
+                        eprintln!(
+                            "Failed to extract member {} of {}: {}",
+                            member_name,
+                            file.display(),
+                            err
+                        );
+                        None
+                    }
+                }
+            })
+            .flatten()
+            .collect()),
         Object::Unknown(magic) => {
             Err(ParseError::Goblin(Error::BadMagic(magic)))
         }

src/pe.rs

@@ -7,7 +7,6 @@ use goblin::pe::{
     data_directories::DataDirectory, options::ParseOptions,
     section_table::SectionTable,
 };
-use memmap2::Mmap;
 use scroll::Pread;
 use serde::{Deserialize, Serialize};
 use std::fmt;
@@ -327,7 +326,7 @@ pub struct CheckSecResults {
 }
 impl CheckSecResults {
     #[must_use]
-    pub fn parse(pe: &PE, buffer: &Mmap) -> Self {
+    pub fn parse(pe: &PE, buffer: &[u8]) -> Self {
         Self {
             aslr: pe.has_aslr(),
             authenticode: pe.has_authenticode(buffer),
@@ -446,7 +445,7 @@ pub trait Properties {
     /// [`memmap2::Mmap`](https://docs.rs/memmap2/0.5.7/memmap2/struct.Mmap.html)
     /// of the original file to read & parse required information from the
     /// underlying binary file
-    fn has_authenticode(&self, mem: &memmap2::Mmap) -> bool;
+    fn has_authenticode(&self, bytes: &[u8]) -> bool;
     /// check for `IMAGE_DLLCHARACTERISTICS_GUARD_CF` *(0x4000)* in
     /// `DllCharacteristics` within the `IMAGE_OPTIONAL_HEADER32/64`
     fn has_cfg(&self) -> bool;
@@ -470,7 +469,7 @@ pub trait Properties {
     /// [`memmap2::Mmap`](https://docs.rs/memmap2/0.5.7/memmap2/struct.Mmap.html)
     /// of the original file to read & parse required information from the
     /// underlying binary file
-    fn has_gs(&self, mem: &memmap2::Mmap) -> bool;
+    fn has_gs(&self, bytes: &[u8]) -> bool;
     /// check for `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` *(`0x0020`)* in
     /// `DllCharacteristics` within the `IMAGE_OPTIONAL_HEADER32/64`
     fn has_high_entropy_va(&self) -> bool;
@@ -486,15 +485,15 @@ pub trait Properties {
     /// [`memmap2::Mmap`](https://docs.rs/memmap2/0.5.7/memmap2/struct.Mmap.html)
     /// of the original file to read & parse required information from the
     /// underlying binary file
-    fn has_rfg(&self, mem: &memmap2::Mmap) -> bool;
+    fn has_rfg(&self, bytes: &[u8]) -> bool;
     /// check `shandler_count` from `LOAD_CONFIG` in `IMAGE_DATA_DIRECTORY`
     /// linked from the the `IMAGE_OPTIONAL_HEADER32/64`
     ///
     /// requires a
     /// [`memmap2::Mmap`](https://docs.rs/memmap2/0.5.7/memmap2/struct.Mmap.html)
     /// of the original file to read and parse required information from the
     /// underlying binary file
-    fn has_safe_seh(&self, mem: &memmap2::Mmap) -> bool;
+    fn has_safe_seh(&self, bytes: &[u8]) -> bool;
     /// check `IMAGE_DLLCHARACTERISTICS_NO_SEH` from the
     /// `IMAGE_OPTIONAL_HEADER32/64`
     fn has_seh(&self) -> bool;
@@ -508,7 +507,7 @@ impl Properties for PE<'_> {
         }
         ASLR::None
     }
-    fn has_authenticode(&self, mem: &memmap2::Mmap) -> bool {
+    fn has_authenticode(&self, bytes: &[u8]) -> bool {
         // requires running platform to be Windows for verification
         // just check for existence right now
         if let Some(optional_header) = self.header.optional_header {
@@ -518,7 +517,7 @@ impl Properties for PE<'_> {
                 optional_header.data_directories.get_load_config_table()
             {
                 if let Ok(load_config_val) = get_load_config_val(
-                    mem,
+                    bytes,
                     *load_config_hdr,
                     sections,
                     file_alignment,
@@ -591,15 +590,15 @@ impl Properties for PE<'_> {
         }
         false
     }
-    fn has_gs(&self, mem: &memmap2::Mmap) -> bool {
+    fn has_gs(&self, bytes: &[u8]) -> bool {
         if let Some(optional_header) = self.header.optional_header {
             let file_alignment = optional_header.windows_fields.file_alignment;
             let sections = &self.sections;
             if let Some(load_config_hdr) =
                 optional_header.data_directories.get_load_config_table()
             {
                 if let Ok(load_config_val) = get_load_config_val(
-                    mem,
+                    bytes,
                     *load_config_hdr,
                     sections,
                     file_alignment,
@@ -632,15 +631,15 @@ impl Properties for PE<'_> {
         }
         false
     }
-    fn has_rfg(&self, mem: &memmap2::Mmap) -> bool {
+    fn has_rfg(&self, bytes: &[u8]) -> bool {
         if let Some(optional_header) = self.header.optional_header {
             let file_alignment = optional_header.windows_fields.file_alignment;
             let sections = &self.sections;
             if let Some(load_config_hdr) =
                 optional_header.data_directories.get_load_config_table()
             {
                 if let Ok(load_config_val) = get_load_config_val(
-                    mem,
+                    bytes,
                     *load_config_hdr,
                     sections,
                     file_alignment,
@@ -657,15 +656,15 @@ impl Properties for PE<'_> {
         }
         false
     }
-    fn has_safe_seh(&self, mem: &memmap2::Mmap) -> bool {
+    fn has_safe_seh(&self, bytes: &[u8]) -> bool {
         if let Some(optional_header) = self.header.optional_header {
             let file_alignment = optional_header.windows_fields.file_alignment;
             let sections = &self.sections;
             if let Some(load_config_hdr) =
                 optional_header.data_directories.get_load_config_table()
             {
                 if let Ok(load_config_val) = get_load_config_val(
-                    mem,
+                    bytes,
                     *load_config_hdr,
                     sections,
                     file_alignment,