You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In short: replacing some archive packer/unpacker pairs that use command line tools with ones that use libarchive will make those packers more robust.
Currently, some archive packer/unpackers (such as CPIO) are lossy in that the repacked binary is different from the original in critical ways. For example, CPIOs may contain files that must be unpacked to absolute paths. If OFRAK unpacks to absolute paths, it is a security risk – unpacking CPIOs could overwrite critical files (or at least cause permissions errors that make unpacking fail). On the other hand, if OFRAK doesn't unpack to absolute paths, the repacked version will not be repacked with absolute paths, which may cause the repacked file to behave differently when used.
The general solution is to unpack in-memory, instead of to the local filesystem.
Previously, we've tried to address this by using in-memory Python libraries for parsing archive formats. But often, the libraries fail in critical ways that the more robust, battle-tested command-line tools do not. The solution is to use a library for unpacking that is as battle-tested as the command-line tools we're currently relying on. libarchive is such a library, as it is used for bsdtar and bsdcpio that do TAR and CPIO packing/unpacking on macOS and BSD.
What is the use case for the feature?
In short: replacing some archive packer/unpacker pairs that use command line tools with ones that use
libarchive
will make those packers more robust.Currently, some archive packer/unpackers (such as CPIO) are lossy in that the repacked binary is different from the original in critical ways. For example, CPIOs may contain files that must be unpacked to absolute paths. If OFRAK unpacks to absolute paths, it is a security risk – unpacking CPIOs could overwrite critical files (or at least cause permissions errors that make unpacking fail). On the other hand, if OFRAK doesn't unpack to absolute paths, the repacked version will not be repacked with absolute paths, which may cause the repacked file to behave differently when used.
The general solution is to unpack in-memory, instead of to the local filesystem.
Previously, we've tried to address this by using in-memory Python libraries for parsing archive formats. But often, the libraries fail in critical ways that the more robust, battle-tested command-line tools do not. The solution is to use a library for unpacking that is as battle-tested as the command-line tools we're currently relying on.
libarchive
is such a library, as it is used forbsdtar
andbsdcpio
that do TAR and CPIO packing/unpacking on macOS and BSD.How would you implement this feature?
Using the Python
ctypes
bindings forlibarchive
.The text was updated successfully, but these errors were encountered: