Handle extractable executables properly

This commit is contained in:
Matt Nadareski
2025-09-02 20:28:38 -04:00
parent cc826fdc60
commit c0e82fa021
2 changed files with 4 additions and 7 deletions

View File

@@ -27,7 +27,7 @@ namespace BinaryObjectScanner.FileType
public string? Detect(Stream stream, string file, bool includeDebug)
{
// Get all non-nested protections
var protections = DetectDict(stream, file, getProtections: null, includeDebug);
var protections = DetectDict(stream, file, includeDebug);
if (protections.Count == 0)
return null;
@@ -46,10 +46,7 @@ namespace BinaryObjectScanner.FileType
/// Ideally, we wouldn't need to circumvent the proper handling of file types just for Executable,
/// but due to the complexity of scanning, this is not currently possible.
/// </remarks>
public ProtectionDictionary DetectDict(Stream stream,
string file,
Func<string, ProtectionDictionary>? getProtections,
bool includeDebug)
public ProtectionDictionary DetectDict(Stream stream, string file, bool includeDebug)
{
// Create the output dictionary
var protections = new ProtectionDictionary();

View File

@@ -271,7 +271,7 @@ namespace BinaryObjectScanner
// If we have an executable, it needs to bypass normal handling
if (detectable is Executable executable)
{
var subProtections = executable.DetectDict(stream, fileName, GetProtections, _options.IncludeDebug);
var subProtections = executable.DetectDict(stream, fileName, _options.IncludeDebug);
protections.Append(subProtections);
}
@@ -291,7 +291,7 @@ namespace BinaryObjectScanner
var extractable = Factory.CreateExtractable(fileType);
// If we're scanning archives
if (extractable != null && _options.ScanArchives)
if (extractable != null && (extractable is Executable || _options.ScanArchives))
{
// If the extractable file itself fails
try