SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-04-25 15:50:18 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Consolidate detectable Executable checks

Browse Source
This commit is contained in:
Matt Nadareski
2025-09-06 09:03:05 -04:00
parent 5ef9c4cd8a
commit 6ea98f5dc4
3 changed files with 16 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
BinaryObjectScanner.Test/FileType/ExecutableTests.cs
View File

@@ -26,16 +26,5 @@ namespace BinaryObjectScanner.Test.FileType
string? actual = detectable.Detect(stream, file, includeDebug: false);
Assert.Null(actual);
}
[Fact]
public void DetectDict_EmptyStream_Empty()
{
Stream? stream = new MemoryStream();
string file = string.Empty;
var detectable = new Executable();
ProtectionDictionary actual = detectable.DetectDict(stream, file, includeDebug: false);
Assert.Empty(actual);
}
}
}

39
BinaryObjectScanner/FileType/Executable.cs
View File

@@ -25,28 +25,6 @@ namespace BinaryObjectScanner.FileType
/// <inheritdoc/>
public string? Detect(Stream stream, string file, bool includeDebug)
{
// Get all non-nested protections
var protections = DetectDict(stream, file, includeDebug);
if (protections.Count == 0)
return null;
// Create the internal list
var protectionList = new List<string>();
foreach (string key in protections.Keys)
{
protectionList.AddRange(protections[key]);
}
return string.Join(";", [.. protectionList]);
}
/// <inheritdoc cref="IDetectable.Detect(Stream, string, bool)"/>
/// <remarks>
/// Ideally, we wouldn't need to circumvent the proper handling of file types just for Executable,
/// but due to the complexity of scanning, this is not currently possible.
/// </remarks>
public ProtectionDictionary DetectDict(Stream stream, string file, bool includeDebug)
{
// Create the output dictionary
var protections = new ProtectionDictionary();
@@ -57,12 +35,12 @@ namespace BinaryObjectScanner.FileType
{
wrapper = WrapperFactory.CreateExecutableWrapper(stream);
if (wrapper == null)
return protections;
return null;
}
catch (Exception ex)
{
if (includeDebug) Console.Error.WriteLine(ex);
return protections;
return null;
}
// Only use generic content checks if we're in debug mode
@@ -101,7 +79,18 @@ namespace BinaryObjectScanner.FileType
protections.Append(file, subProtections.Values);
}
return protections;
// If there are no protections
if (protections.Count == 0)
return null;
// Create the internal list
var protectionList = new List<string>();
foreach (string key in protections.Keys)
{
protectionList.AddRange(protections[key]);
}
return string.Join(";", [.. protectionList]);
}
/// <inheritdoc/>

15
BinaryObjectScanner/Scanner.cs
View File

@@ -276,19 +276,8 @@ namespace BinaryObjectScanner
// If we're scanning file contents
if (detectable != null && _options.ScanContents)
{
// If we have an executable, it needs to bypass normal handling
if (detectable is Executable executable)
{
var subProtections = executable.DetectDict(stream, fileName, _options.IncludeDebug);
protections.Append(subProtections);
}
// Otherwise, use the default implementation
else
{
var subProtection = detectable.Detect(stream, fileName, _options.IncludeDebug);
protections.Append(fileName, subProtection);
}
var subProtection = detectable.Detect(stream, fileName, _options.IncludeDebug);
protections.Append(fileName, subProtection);
}
#endregion