onekey-sec/unblob

Remarks on reporting

qkaiser opened this issue · 0 comments

qkaiser commented 
          ```

$ nix run github:onekey-sec/unblob/a5536446208f749c9df77f3d5a07528933e9e418 -- $( nix build --no-link --print-out-paths github:srid/nixos-config/1a6879bbd1c0f87f67533a7b91bc438e042b3bf6#nixosConfigurations.actual.config.system.build.initialRamdisk )/initrd
╭──────────────── unblob (23.8.11) ────────────────╮
│ Extracted files: 5 │{{1}}
│ Extracted directories: 12 │{{2}}
│ Extracted links: 5 │
│ Extraction directory size: 50.82 MB │
│ Chunks identification ratio: 99.99% │
╰──────────────────── Summary ─────────────────────╯
Chunks distribution
┏━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┳━━━━━━━━┓
┃ Chunk type ┃ Size ┃ Ratio ┃
┡━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━╇━━━━━━━━┩
│ CPIO_PORTABLE_ASCII │ 32.64 MB │ 74.42% │{{3}}
│ ZSTD │ 11.21 MB │ 25.57% │{{3}}
│ UNKNOWN │ 5.50 KB │ 0.01% │
└─────────────────────┴──────────┴────────┘
Encountered errors
┏━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Severity ┃ Name ┃
┡━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━┩
│ Severity.ERROR │ UnknownError │{{4}}
└────────────────┴──────────────┘
$ ech0 $?
1
$ tree -sF initrd_extract/
initrd_extract/
|-- [ 3] 0-7279104.cpio_portable_ascii_extract/
| -- [ 3] kernel/ | -- [ 3] x86/
| -- [ 3] microcode/ | -- [ 7278592] GenuineIntel.bin {{1}}
|-- [ 1536] 7279104-7280640.unknown {{1}}
-- [ 4] 7280640-19039435.zstd_extract/ |-- [ 26951680] zstd.uncompressed {{5}} -- [ 5] zstd.uncompressed_extract/
|-- [ 26947584] 0-26947584.cpio_portable_ascii
|-- [ 6] 0-26947584.cpio_portable_ascii_extract/
| |-- [ 2] dev/
| |-- [ 4] etc/
| | |-- [ 56] mdadm.conf -> ../nix/store/ivzdqwmjb3g5cddb0l3kakqpym53n4sk-mdadm.conf
| | -- [ 5] modprobe.d/ | | |-- [ 80] debian.conf -> ../../nix/store/1hvskwda7r1spasqqg4ascjngqpnp0qw-kmod-debian-aliases.conf-22-1.1 | | |-- [ 74] nixos.conf -> ../../nix/store/fg1iypr8qlc4li832bsnqsv2182wjkmb-etc-modprobe.d-nixos.conf | | -- [ 77] ubuntu.conf -> ../../nix/store/pyzxg3hb6r88l7bqfya22q002sbchfxi-initrd-kmod-blacklist-ubuntu
| |-- [ 58] init -> nix/store/320svbpp3f9mhdc4xr0p1n2gm3nfwzv1-stage-1-init.sh
| -- [ 3] nix/ | -- [ 5] store/
| |-- [ 655] 1hvskwda7r1spasqqg4ascjngqpnp0qw-kmod-debian-aliases.conf-22-1.1 {{1}}
| |-- [ 20667] 320svbpp3f9mhdc4xr0p1n2gm3nfwzv1-stage-1-init.sh {{1}}
| -- [ 2] 5cxd4ywn7sis9h5yibxfc6bwvjz15af9-linux-6.1.43-modules-shrunk/ -- [ 4096] 26947584-26951680.unknown {{1}}

13 directories, 12 files


That looks better. It seems to be handling the first archive correctly!
But then there is still the/an error, and most of the files from the nested archive were not extracted.

Some further nitpickiness (largely unrelated to this overall issue):
1. I only see 3 extracted files. Do the `unknown` chunks count as files? I don't think they are "files" in that sense. (They result in regular files in the output, but semantically they are not files in the archive.)
2. Similarly, there are 14 dirs in the output tree (incl. top-level, 9 of which are within `*.cpio_portable_ascii_extract` dirs (i.e. were encoded in the input).
3. The CPIO (largely) was _inside_ the ZSTD. I don't think it makes very much sense to express their relative size of a whole (which one?).
4. Good. But knowing at least which extraction was attempted and failed would be nice. I know to expect that there are things missing in the output, but not where.
5. It seems to me that without the `-k` option, unblob removes blobs that it processed successfully. Why is `zstd.uncompressed` still there? It was split into `0-26947584.cpio_portable_ascii` and `26947584-26951680.unknown` and should then be done, no?

_Originally posted by @NiklasGollenstede in https://github.com/onekey-sec/unblob/issues/640#issuecomment-1702409447_