DFIR-ORC / dfir-orc

Forensics artefact collection tool for systems running Microsoft Windows
https://dfir-orc.github.io
GNU Lesser General Public License v2.1

7-zip compressor issue ? #49

Closed DoNck closed 2 years ago

DoNck commented 2 years ago

Hi,

I encounter issues opening dfir-orc crafted 7z archives using the py7z Python library. According to @miurahr from py7z, something is wrong on the dfir-orc side; see issue 359 at py7zr. Could you please have a look at the problem? Test cases are attached to the issue.

Best regards

sc-anssi commented 2 years ago

Hi, just to let you know that we are still investigating the issue. In the meantime, a workaround can be to use libraries which rely on the 7z binary (like patool) or to write the wrapping code yourself. We'll come back to you when we have more news about the matter. Regards

fabienfl-orc commented 2 years ago

Hello, this is fixed with the fresh 10.0.22 release. It will also work with the upcoming 10.1.0-rc8.

FYI, the issue with the 7z library is that it expects a NULL stream for empty files, but we processed empty files like the others.

amaulave commented 2 years ago

Hello @fabienfl-orc @sc-anssi

I downloaded the 10.0.22 release and unfortunately I still have an error when I try to extract the 7z archive with py7zr:

$ py7zr x Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System.7z out
Traceback (most recent call last):
  File "/usr/local/bin/py7zr", line 8, in <module>
    sys.exit(main())
  File "/home/user/.local/lib/python3.8/site-packages/py7zr/__main__.py", line 25, in main
    return cli.Cli().run()
  File "/home/user/.local/lib/python3.8/site-packages/py7zr/cli.py", line 99, in run
    return args.func(args)
  File "/home/user/.local/lib/python3.8/site-packages/py7zr/cli.py", line 356, in run_extract
    a.extractall(path=args.odir, callback=cb)
  File "/home/user/.local/lib/python3.8/site-packages/py7zr/py7zr.py", line 948, in extractall
    self._extract(path=path, return_dict=False, callback=callback)
  File "/home/user/.local/lib/python3.8/site-packages/py7zr/py7zr.py", line 604, in _extract
    self.worker.extract(
  File "/home/user/.local/lib/python3.8/site-packages/py7zr/py7zr.py", line 1198, in extract
    if not any([self.target_filepath.get(f.id, None) for f in folders[i].files]):
TypeError: 'NoneType' object is not iterable

$ py7zr t Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System.7z
Testing archive: Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System.7z
--
Path = Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System.7z
Type = 7z
Phisical Size = 173442461
Headers Size = 1108
Method = LZMA2
Solid = +
Blocks = 44

Bad 7zip file

If I uncompress then recompress the archive using the 7-Zip tool without modification to the files, the new archive can be processed without issues:

$ py7zr t Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System_repaired.7z
Testing archive: Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System_repaired.7z
--
Path = Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System_repaired.7z
Type = 7z
Phisical Size = 173337431
Headers Size = 1004
Method = LZMA2
Solid = +
Blocks = 1

Everything is Ok

$ py7zr x Collect_Full_DESKTOP-S3MCBR3_20211202_181230_System_repaired.7z out2
$ echo $?
0

sc-anssi commented 2 years ago

Hi @amaulave, your error seems to be a different problem: please open a new issue with all the info we need to reproduce it (including the sample archive triggering the bug and DFIR-ORC's configuration).

Regards
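
The workaround mentioned in this thread (wrapping the 7z binary when py7zr cannot parse a DFIR-ORC archive), sketched as an added example; it is not code from DFIR-ORC, py7zr or any participant in the thread. The function names are hypothetical, a `7z` executable is assumed to be on the PATH, and the output directory is assumed not to exist yet.

```python
import shutil
import subprocess
from pathlib import Path


def extract_with_7z_binary(archive, outdir, run=subprocess.run, binary="7z"):
    """Test, then extract, with the 7z command-line tool (assumed on PATH)."""
    outdir = Path(outdir)
    outdir.mkdir(parents=True, exist_ok=True)
    # "t" verifies integrity first so a damaged collection is not extracted.
    for cmd in ([binary, "t", str(archive)],
                [binary, "x", str(archive), f"-o{outdir}", "-y"]):
        proc = run(cmd, capture_output=True, text=True)
        if proc.returncode != 0:  # 7z exit codes: 0 ok, 1 warning, 2 fatal
            raise RuntimeError(f"{cmd[:2]} exited {proc.returncode}: {proc.stderr.strip()}")
    return outdir


def extract_with_py7zr(archive, outdir):
    import py7zr  # lazy import: the fallback still works if py7zr is missing
    with py7zr.SevenZipFile(archive, mode="r") as z:
        z.extractall(path=outdir)
    return Path(outdir)


def extract_orc_archive(archive, outdir, primary=extract_with_py7zr,
                        fallback=extract_with_7z_binary):
    """Return (method, path). Tries py7zr, then restarts with the 7z binary."""
    outdir = Path(outdir)
    if outdir.exists():
        # Refuse to reuse a directory: the cleanup below must only ever
        # delete files this function created.
        raise FileExistsError(f"{outdir} already exists")
    try:
        return "py7zr", primary(archive, outdir)
    except Exception as exc:  # e.g. the TypeError in the traceback, Bad7zFile
        reason = f"{type(exc).__name__}: {exc}"
        shutil.rmtree(outdir, ignore_errors=True)  # drop partial output
    return f"7z binary (py7zr failed: {reason})", fallback(archive, outdir)
```

The returned method string records which extractor produced the output and why py7zr was abandoned, which is worth keeping in case notes alongside the extracted evidence.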