Decompress Missing Exception / Error Details When Contents to Large For Disk

PUNCH-Cyber / stoq-plugins-public

stoQ Public Plugins

https://stoq.punchcyber.com

Apache License 2.0

72 stars 24 forks source link

Decompress Missing Exception / Error Details When Contents to Large For Disk #42

Closed Kolano closed 5 years ago

Kolano commented 5 years ago

Analyzing the .vhd file in this zip with an "application/octet-stream" mime type result in...

    "errors": {
        "decompress": [
            "Unable to access extracted content: "
        ]
    },

sample12.zip

Decompressing it outputs a large 34gb sample12.img file, so I believe it's failing due to insufficient disk space, which should raise an exception or at least provide some more specific details in the errors.decompress field.

mlaferrera commented 5 years ago

This actually was an issue with python not handling large files well (in this case, 32gb). I've added a check for file size prior to sending an extracted payload back into stoQ for processing as well as added the ability to customize the timeout for decompression. This version will also be more verbose with any errors that are discovered. Thanks again, @Kolano!