Closed kiddinn closed 9 years ago
When running the tool against the SANS 508 nfury test image:
2015-01-21 14:45:47,374 [WARNING] (Worker_7 ) PID:4257 <worker> Unable to parse file: type: OS, location: /PATH/test_images/win7-64-nfury-10.3.58.6/win7-64-nfury-c-drive/win7-64-nfury-c-drive.E01 type: EWF type: TSK, inode: 45841, location: /Program Files/Common Files/Microsoft Shared/GRPHFLT/MS.GIF with error: pysigscan_scanner_scan_file_object: unable to scan file. pysigscan_file_object_read_buffer: unable to read from file object with error: "'pyewf_handle_read_buffer: unable to read data. libewf_chunk_data_unpack: unable to decompress chunk data. libewf_read_io_handle_read_chunk_data: unable to unpack chunk data: 86402. libewf_handle_read_buffer: unable to read chunk data: 86402.'". pysigscan_file_object_io_handle_read: unable to read from file object. libbfio_handle_read_buffer: unable to read from handle. libsigscan_scanner_scan_file_io_handle: unable to read buffer.
There seem to be some unhandled errors here in the pysigscan parser.
Looks more like an issue with reading from the EWF file to me:
libewf_handle_read_buffer: unable to read chunk data: 86402.
this has been fixed as well
When running the tool against the SANS 508 nfury test image:
There seem to be some unhandled errors here in the pysigscan parser.