fix(yaffs): fixed hardlink and symlink handling

martonilles · qkaiser · commit 9cd1c8a58aa3 · 2023-04-17T18:24:09.000+02:00
Also added support for v1 hardlinks as v1 also supports hardlinks, though
the field name is a bit different.
diff --git a/tests/integration/filesystem/yaffs/__input__/links.yaffs b/tests/integration/filesystem/yaffs/__input__/links.yaffs
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:93e487e7ed1a160db8c599cc1fdca058baa6024dd27c329f1d55f823bee9215b
+size 4752
diff --git a/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/dir/hardlink b/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/dir/hardlink
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:434728a410a78f56fc1b5899c3593436e61ab0c731e9072d95e96db290205e53
+size 8
diff --git a/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/dir/symlink b/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/dir/symlink
@@ -0,0 +1 @@
+../file
diff --git a/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/file b/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/file
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:434728a410a78f56fc1b5899c3593436e61ab0c731e9072d95e96db290205e53
+size 8
diff --git a/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/hardlink b/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/hardlink
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:434728a410a78f56fc1b5899c3593436e61ab0c731e9072d95e96db290205e53
+size 8
diff --git a/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/symlink b/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/symlink
@@ -0,0 +1 @@
+file
diff --git a/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/symlink2 b/tests/integration/filesystem/yaffs/__output__/links.yaffs_extract/symlink2
@@ -0,0 +1 @@
+dir/hardlink
diff --git a/unblob/handlers/filesystem/yaffs.py b/unblob/handlers/filesystem/yaffs.py
@@ -186,6 +186,7 @@ class YAFFSEntry:
     sum_no_longer_used: int = attr.ib(default=0)
     name: str = attr.ib(default="")
     alias: str = attr.ib(default="")
+    equiv_id: int = attr.ib(default=0)
     file_size: int = attr.ib(default=0)
     st_mode: int = attr.ib(default=0)
     st_uid: int = attr.ib(default=0)
@@ -210,7 +211,6 @@ def __str__(self):
 @attr.define(kw_only=True)
 class YAFFS2Entry(YAFFSEntry):
     chksum: int = attr.ib(default=0)
-    equiv_id: int = attr.ib(default=0)
     st_rdev: int = attr.ib(default=0)
     win_ctime: List[int] = attr.ib(default=[])
     win_mtime: List[int] = attr.ib(default=[])
@@ -526,7 +526,7 @@ def extract_entry(self, entry: YAFFSEntry, outdir: Path):  # noqa: C901
                 for chunk in self.get_file_bytes(entry):
                     f.write(chunk)
         elif entry.object_type == YaffsObjectType.SYMLINK:
-            if not is_safe_path(outdir, out_path / Path(entry.alias)):
+            if not is_safe_path(outdir, out_path.parent / Path(entry.alias)):
                 logger.warning(
                     "Potential path traversal attempt through symlink",
                     outdir=outdir,
@@ -536,21 +536,18 @@ def extract_entry(self, entry: YAFFSEntry, outdir: Path):  # noqa: C901
             logger.debug("creating symlink", file_path=out_path, _verbosity=3)
             out_path.symlink_to(Path(entry.alias))
         elif entry.object_type == YaffsObjectType.HARDLINK:
-            if not isinstance(entry, YAFFS2Entry):
-                logger.warning("non YAFFS2 hardlink object", entry=entry)
-                return
-
             logger.debug("creating hardlink", file_path=out_path, _verbosity=3)
-            src_entry = self.file_entries[entry.equiv_id]
-            src_path = self.resolve_path(src_entry)
-            if not is_safe_path(outdir, out_path / src_path):
+            dst_entry = self.file_entries[entry.equiv_id].data
+            dst_path = self.resolve_path(dst_entry)
+            if not is_safe_path(outdir, dst_path):
                 logger.warning(
                     "Potential path traversal attempt through hardlink",
                     outdir=outdir,
-                    path=src_path,
+                    path=dst_path,
                 )
                 return
-            src_path.link_to(out_path)
+            dst_full_path = outdir / dst_path
+            dst_full_path.link_to(out_path)
 
 
 class YAFFS2Parser(YAFFSParser):
@@ -699,6 +696,7 @@ def build_entry(self, header: Instance, chunk: YAFFSChunk) -> YAFFSEntry:
             name=snull(header.name[0:128]).decode("utf-8"),
             alias=snull(header.alias.replace(b"\xFF", b"")).decode("utf-8"),
             file_size=header.file_size,
+            equiv_id=header.equivalent_object_id,
         )
 
     def get_chunks(self, object_id: int) -> Iterable[YAFFS1Chunk]:

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:93e487e7ed1a160db8c599cc1fdca058baa6024dd27c329f1d55f823bee9215b`
	`3`	`+size 4752`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:434728a410a78f56fc1b5899c3593436e61ab0c731e9072d95e96db290205e53`
	`3`	`+size 8`