def _check_test(self, file_type): """Helper function to parse a binary file and check whether the given string is in the parsed result""" with tempfile.NamedTemporaryFile("w+b", suffix=file_type, delete=False) as f: if file_type == "out": # write magic signature f.write(b"\x7f\x45\x4c\x46\x02\x01\x01\x03\n") f.seek(0) self.assertTrue(is_binary(f.name)) else: f.write(b"some other data\n") f.seek(0) self.assertFalse(is_binary(f.name)) os.remove(f.name)
def is_executable(self, filename): """check if file is an ELF binary file""" output = None if inpath("file"): # use system file if available (for performance reasons) output = subprocess.check_output(["file", filename]) output = output.decode(sys.stdout.encoding) if "cannot open" in output: self.logger.warning( f"Unopenable file {filename} cannot be scanned") return False, None if (("LSB " not in output) and ("LSB shared" not in output) and ("LSB executable" not in output) and ("PE32 executable" not in output) and ("PE32+ executable" not in output) and ("Mach-O" not in output) and ("PKG-INFO: " not in output) and ("METADATA: " not in output) and ("pom.xml" not in output)): return False, None # otherwise use python implementation of file elif not is_binary(filename): return False, None return True, output
def scan_file(self, filename): """Scans a file to see if it contains any of the target libraries, and whether any of those contain CVEs""" self.logger.debug(f"Scanning file: {filename}") self.total_scanned_files += 1 # Do not try to scan symlinks if os.path.islink(filename): return None # Ensure filename is a file if not os.path.isfile(filename): self.logger.warning(f"Invalid file {filename} cannot be scanned") return None # step 1: check if it's an ELF binary file if inpath("file"): # use system file if available (for performance reasons) o = subprocess.check_output(["file", filename]) o = o.decode(sys.stdout.encoding) if "cannot open" in o: self.logger.warning( f"Unopenable file {filename} cannot be scanned") return None if (("LSB " not in o) and ("LSB shared" not in o) and ("LSB executable" not in o) and ("PE32 executable" not in o) and ("PE32+ executable" not in o) and ("Mach-O" not in o)): return None # otherwise use python implementation of file elif not is_binary(filename): return None # parse binary file's strings if inpath("strings"): # use "strings" on system if available (for performance) o = subprocess.check_output(["strings", filename]) lines = o.decode("utf-8").splitlines() else: # Otherwise, use python implementation s = Strings(filename) lines = s.parse() yield from self.run_checkers(filename, lines)
def test_windows(self): """file single-byte""" self.assertTrue(is_binary(os.path.join(ASSETS_PATH, "windows.txt")))
def test_single_byte_file(self): """file single-byte""" self.assertFalse( is_binary(os.path.join(ASSETS_PATH, "single-byte.txt")))
def _check_test(self, filename, is_executable): """Helper function to parse a binary file and check whether the given string is in the parsed result""" self.assertEqual(is_binary(os.path.join(BINARIES_PATH, filename)), is_executable)