Add first draft of scan zip
This commit is contained in:
atxr
parent
01c55375f9
commit
527fe98054
2 changed files with 72 additions and 0 deletions
|
|
@ -8,5 +8,6 @@
|
|||
|
||||
bool detect_overlaps(char* filename);
|
||||
int get_uncompressed_size(zip* in);
|
||||
bool scan_zip(char* zip_data, int zip_size);
|
||||
|
||||
#endif
|
||||
|
|
@ -1,3 +1,6 @@
|
|||
#include <assert.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "libmineziper.h"
|
||||
|
||||
bool detect_overlaps(char* filename)
|
||||
|
|
@ -16,3 +19,71 @@ int get_uncompressed_size(zip* in)
|
|||
|
||||
return size;
|
||||
}
|
||||
|
||||
bool scan_zip(char* zip_data, int zip_size)
|
||||
{
|
||||
zip zip;
|
||||
get_eocd(zip_data, zip_size, &zip);
|
||||
get_cdh(zip_data, &zip);
|
||||
|
||||
for (int i = 0; i < zip.entries; i++)
|
||||
{
|
||||
LFH* lfh = &zip_data[zip.lfh_off[i]];
|
||||
|
||||
if (lfh->compression_method == DEFLATE)
|
||||
{
|
||||
int lfh_length = sizeof(LFH) + lfh->filename_length + lfh->extraf_length;
|
||||
char* encoded_block = &((char*) lfh)[lfh_length];
|
||||
char* decoded_data = "";
|
||||
|
||||
bitstream bs = init_bitstream(encoded_block, lfh->compressed_size, 0);
|
||||
ISH deflate_header = {.raw = get_bits(&bs, 3)};
|
||||
|
||||
if (deflate_header.block_type == 0)
|
||||
{
|
||||
align_to_next_byte(&bs);
|
||||
short block_size = get_bits(&bs, 16);
|
||||
short inv_block_size = get_bits(&bs, 16);
|
||||
assert(block_size == ~inv_block_size);
|
||||
|
||||
decoded_data = malloc(block_size);
|
||||
|
||||
memcpy(decoded_data, &bs.data[bs.current_data_offset], block_size);
|
||||
}
|
||||
|
||||
else if (deflate_header.block_type == 1)
|
||||
{
|
||||
printf("[FILE %d] Scanning 1 block...\n", i);
|
||||
decoded_data = malloc(lfh->uncompressed_size);
|
||||
|
||||
decode_type1_block_vuln(&bs, decoded_data);
|
||||
}
|
||||
|
||||
else if (deflate_header.block_type == 2)
|
||||
{
|
||||
fprintf(
|
||||
stderr,
|
||||
"[FILE %d] Dynamic Huffman codes block type not supported\n",
|
||||
i);
|
||||
}
|
||||
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "[FILE %d] Error in compressed data\n", i);
|
||||
}
|
||||
|
||||
#include <string.h>
|
||||
if (strcmp("VIRUS", decoded_data) == NULL)
|
||||
{
|
||||
printf("-> VIRUS FOUND\n");
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("-> OK\n\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue