Custom extfs extractor
qkaiser opened this issue · 0 comments
We were initially extracting extfs filesystems with 7z but the support was not extensive enough so we moved to debugfs.
Since then we had to fight with multiple bugs in debugfs, forcing us to fork e2fsprogs at https://github.com/onekey-sec/e2fsprogs. With the most recent bug report (#778), we had an internal discussion and decided that we need to go further.
We will implement our own extfs extractor binary by linking into the e2fsprogs library. The sole purpose of this binary is to receive a path to an extfs image and extract it in a specified directory. Prior to executing the extraction, the filesystem image will be fixed in-memory by implementing the equivalent of e2fsck -y so that the source file is not modified on disk. Issues identified during this fixing pass will be reported by the extfs extractor in unblob.