{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":462511083,"defaultBranch":"main","name":"sasquatch","ownerLogin":"onekey-sec","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2022-02-22T23:32:06.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/72915042?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1686078017.360564","currentOid":""},"activityList":{"items":[{"before":"5549710465e2d5ef8ed9e2c88c1140110f244326","after":"8d7b1edef55c9e7d995fcdd3bd3f0db1b3fac83f","ref":"refs/heads/main","pushedAt":"2023-06-06T18:59:28.530Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: rewrite sanity check to handle malformed filesystem from D-Link.\n\nsquashfs-tools maintainer introduced a sanity check with commits\n3954bbb8e44f54a7081d84ddb968c2c2f210ad09 and\n734a85f5f117c2d92829a1874b952efa6c1d4f4d.\n\nThese checks means sasquatch can't extract squashfs v2 filesystems from\nD-Link.\n\nReproduction samples can be found here:\n\n- http://legacyfiles.us.dlink.com/DIR-600L/REVA/FIRMWARE/\n- http://legacyfiles.us.dlink.com/DIR-515/REVA/FIRMWARE/\n\nI'm still not sure if the error lies on D-Link for building malformed\nimages or squashfs-tools for confusing squashfs v2 and v3 super block\ncontent. At this point I don't care and chose to disable the sanity\ncheck while keeping overflows in check.\n\nI don't see any side effects in terms of memory access or usage.","shortMessageHtmlLink":"fix: rewrite sanity check to handle malformed filesystem from D-Link."}},{"before":"b25366995aefb1a7b4210ebb83d06f84f86c9db1","after":"40b54787ad9ed005c6147bcf488c1c8e133d2d03","ref":"refs/heads/fix-malformed-v2","pushedAt":"2023-06-06T15:57:06.394Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: rewrite sanity check to handle malformed filesystem from D-Link.\n\nsquashfs-tools maintainer introduced a sanity check with commits\n3954bbb8e44f54a7081d84ddb968c2c2f210ad09 and\n734a85f5f117c2d92829a1874b952efa6c1d4f4d.\n\nThese checks means sasquatch can't extract squashfs v2 filesystems from\nD-Link.\n\nReproduction samples can be found here:\n\n- http://legacyfiles.us.dlink.com/DIR-600L/REVA/FIRMWARE/\n- http://legacyfiles.us.dlink.com/DIR-515/REVA/FIRMWARE/\n\nI'm still not sure if the error lies on D-Link for building malformed\nimages or squashfs-tools for confusing squashfs v2 and v3 super block\ncontent. At this point I don't care and chose to disable the sanity\ncheck while keeping overflows in check.\n\nI don't see any side effects in terms of memory access or usage.","shortMessageHtmlLink":"fix: rewrite sanity check to handle malformed filesystem from D-Link."}},{"before":null,"after":"b25366995aefb1a7b4210ebb83d06f84f86c9db1","ref":"refs/heads/fix-malformed-v2","pushedAt":"2023-06-01T16:15:30.713Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: disable sanity check to handle malformed filesystem from D-Link.","shortMessageHtmlLink":"fix: disable sanity check to handle malformed filesystem from D-Link."}},{"before":"c4b6d61b7419f55c6dbd340f94f046c219ebb4d8","after":null,"ref":"refs/heads/fix-nix","pushedAt":"2023-05-22T10:56:35.804Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"}},{"before":"27cd623424c7da76330140f8349fc0c53e61b3b2","after":"5549710465e2d5ef8ed9e2c88c1140110f244326","ref":"refs/heads/main","pushedAt":"2023-05-22T10:56:21.276Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)\n  → 'github:NixOS/nixpkgs/85340996ba67cc02f01ba324e18b1306892ed6f5' (2023-05-21)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":"700270c9ba7e94cf39326e6dcf8aad878b4d9550","after":"c4b6d61b7419f55c6dbd340f94f046c219ebb4d8","ref":"refs/heads/fix-nix","pushedAt":"2023-05-22T10:40:09.584Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)\n  → 'github:NixOS/nixpkgs/85340996ba67cc02f01ba324e18b1306892ed6f5' (2023-05-21)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":"190d9f99b266d399533166804178514317c4c3a0","after":"700270c9ba7e94cf39326e6dcf8aad878b4d9550","ref":"refs/heads/fix-nix","pushedAt":"2023-05-22T10:07:20.037Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)\n  → 'github:NixOS/nixpkgs/85340996ba67cc02f01ba324e18b1306892ed6f5' (2023-05-21)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":"716f5ac445183743e545ab0577364288eddb55e0","after":"190d9f99b266d399533166804178514317c4c3a0","ref":"refs/heads/fix-nix","pushedAt":"2023-05-22T10:06:19.667Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)\n  → 'github:NixOS/nixpkgs/85340996ba67cc02f01ba324e18b1306892ed6f5' (2023-05-21)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":null,"after":"716f5ac445183743e545ab0577364288eddb55e0","ref":"refs/heads/fix-nix","pushedAt":"2023-05-22T10:04:19.338Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)\n  → 'github:NixOS/nixpkgs/85340996ba67cc02f01ba324e18b1306892ed6f5' (2023-05-21)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":"f7e1213ccd848043b031a9c69fa514c04841093a","after":null,"ref":"refs/heads/fix-nix","pushedAt":"2023-05-05T14:05:08.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"}},{"before":"91b5d70c5ccd7491a1039a8030c83eccee2fa579","after":"27cd623424c7da76330140f8349fc0c53e61b3b2","ref":"refs/heads/main","pushedAt":"2023-05-05T14:05:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"Fix nix build on recent nixpkgs (#16)\n\n* nix: fix build on recent nixpkgs\r\n\r\nsquashfsTools is updated to 4.6.1 in nixpkgs, removing the need to the\r\ndarwin patch. It is reintroduced here.\r\n\r\n* actions: run apt update as packages may get removed from mirror\r\n\r\n* flake.lock: Update\r\n\r\nFlake lock file updates:\r\n\r\n• Updated input 'nixpkgs':\r\n    'github:NixOS/nixpkgs/5ab8b5ae26e6a4b781bdebdfd131c054f0b96e70' (2023-02-20)\r\n  → 'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)","shortMessageHtmlLink":"Fix nix build on recent nixpkgs (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1688385586\" data-permission-text=\"Title is private\" data-url=\"https://github.com/onekey-sec/sasquatch/issues/16\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/onekey-sec/sasquatch/pull/16/hovercard\" href=\"https://github.com/onekey-sec/sasquatch/pull/16\">#16</a>)"}},{"before":"77b04ad91203e69145dc929a26b7e3a64340fbea","after":"f7e1213ccd848043b031a9c69fa514c04841093a","ref":"refs/heads/fix-nix","pushedAt":"2023-05-05T10:38:43.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/5ab8b5ae26e6a4b781bdebdfd131c054f0b96e70' (2023-02-20)\n  → 'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":"c88f8568e5ca0eccb1c199c186d0476518837ebb","after":"77b04ad91203e69145dc929a26b7e3a64340fbea","ref":"refs/heads/fix-nix","pushedAt":"2023-05-05T10:34:41.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"flake.lock: Update\n\nFlake lock file updates:\n\n• Updated input 'nixpkgs':\n    'github:NixOS/nixpkgs/5ab8b5ae26e6a4b781bdebdfd131c054f0b96e70' (2023-02-20)\n  → 'github:NixOS/nixpkgs/0b6445b611472740f02eae9015150c07c5373340' (2023-05-05)","shortMessageHtmlLink":"flake.lock: Update"}},{"before":"8850c361457b7989a908c69ef5b7186d112d4fa4","after":"c88f8568e5ca0eccb1c199c186d0476518837ebb","ref":"refs/heads/fix-nix","pushedAt":"2023-04-28T11:26:15.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"actions: run apt update as packages may get removed from mirror","shortMessageHtmlLink":"actions: run apt update as packages may get removed from mirror"}},{"before":null,"after":"8850c361457b7989a908c69ef5b7186d112d4fa4","ref":"refs/heads/fix-nix","pushedAt":"2023-04-28T11:20:45.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"},"commit":{"message":"nix: fix build on recent nixpkgs","shortMessageHtmlLink":"nix: fix build on recent nixpkgs"}},{"before":"ef06d235b825c7c350db2eada1952e86aa7d1e93","after":"91b5d70c5ccd7491a1039a8030c83eccee2fa579","ref":"refs/heads/main","pushedAt":"2023-04-07T09:56:39.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: remove regression introduced by b269533.\n\nWhen the maintainers of squashfs-tools introduced non-fatal error\nhardening, they also introduced a regression for sasquatch.\n\nThis was introduced by commit b26953313f99bff53f8d4f029ab8615d172791b7,\nwhere \"If the writer thread fails to write a block to the output\nfilesystem, treat this as a fatal error.\".\n\nThe problem is that these non-fatal error will happen when sasquatch\nenumerate through the different compression implementation, and\nespecially with LZMA adaptive it appears.\n\nThe fix is to explicitly ignore errors during the decompression\nattempts.","shortMessageHtmlLink":"fix: remove regression introduced by <a class=\"commit-link\" data-hovercard-type=\"commit\" data-hovercard-url=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7/hovercard\" href=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7\"><tt>b269533</tt></a>."}},{"before":"54fc4a8cc752cd0ceeb6de1a0cc20063a545f270","after":"1034194fd8992adba486dee3e20e40faf0275dae","ref":"refs/heads/fix-lzma-adaptive-bug","pushedAt":"2023-04-07T09:44:57.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: remove regression introduced by b269533.\n\nWhen the maintainers of squashfs-tools introduced non-fatal error\nhardening, they also introduced a regression for sasquatch.\n\nThis was introduced by commit b26953313f99bff53f8d4f029ab8615d172791b7,\nwhere \"If the writer thread fails to write a block to the output\nfilesystem, treat this as a fatal error.\".\n\nThe problem is that these non-fatal error will happen when sasquatch\nenumerate through the different compression implementation, and\nespecially with LZMA adaptive it appears.\n\nThe fix is to explicitly ignore errors during the decompression\nattempts.","shortMessageHtmlLink":"fix: remove regression introduced by <a class=\"commit-link\" data-hovercard-type=\"commit\" data-hovercard-url=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7/hovercard\" href=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7\"><tt>b269533</tt></a>."}},{"before":"310ddad0dcd107a084a794d4ef5724c0963d450d","after":"54fc4a8cc752cd0ceeb6de1a0cc20063a545f270","ref":"refs/heads/fix-lzma-adaptive-bug","pushedAt":"2023-04-07T09:30:16.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: remove regression introduced by b269533.\n\nWhen the maintainers of squashfs-tools introduced non-fatal error\nhardening, they also introduced a regression for sasquatch.\n\nThis was introduced by commit b26953313f99bff53f8d4f029ab8615d172791b7,\nwhere \"If the writer thread fails to write a block to the output\nfilesystem, treat this as a fatal error.\".\n\nThe problem is that these non-fatal error will happen when sasquatch\nenumerate through the different compression implementation, and\nespecially with LZMA adaptive it appears.\n\nThe fix is to explicitly ignore errors during the decompression\nattempts.","shortMessageHtmlLink":"fix: remove regression introduced by <a class=\"commit-link\" data-hovercard-type=\"commit\" data-hovercard-url=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7/hovercard\" href=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7\"><tt>b269533</tt></a>."}},{"before":null,"after":"310ddad0dcd107a084a794d4ef5724c0963d450d","ref":"refs/heads/fix-lzma-adaptive-bug","pushedAt":"2023-04-06T21:40:12.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"fix: remove regression introduced by b269533.\n\nWhen the maintainers of squashfs-tools introduced non-fatal error\nhardening, they also introduced a regression for sasquatch.\n\nThis was introduced by commit b26953313f99bff53f8d4f029ab8615d172791b7,\nwhere \"If the writer thread fails to write a block to the output\nfilesystem, treat this as a fatal error.\".\n\nThe problem is that these non-fatal error will happen when sasquatch\nenumerate through the different compression implementation, and\nespecially with LZMA adaptive it appears.\n\nThe fix is to comment the call to EXIT_UNSQUASH_LIKELY for that very\nspecific case. The rest can stay.","shortMessageHtmlLink":"fix: remove regression introduced by <a class=\"commit-link\" data-hovercard-type=\"commit\" data-hovercard-url=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7/hovercard\" href=\"https://github.com/onekey-sec/sasquatch/commit/b26953313f99bff53f8d4f029ab8615d172791b7\"><tt>b269533</tt></a>."}},{"before":"9d09c3ce673f9c7b8e543cf17854dcab2f675968","after":null,"ref":"refs/heads/squashfsv2-support","pushedAt":"2023-03-09T16:27:46.717Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"vlaci","name":"László Vaskó","path":"/vlaci","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1771332?s=80&v=4"}},{"before":"4f75d7034aff7b79fb39f5e8b2e8e8367b2aac40","after":"ef06d235b825c7c350db2eada1952e86aa7d1e93","ref":"refs/heads/main","pushedAt":"2023-03-09T11:02:30.493Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"martonilles","name":"Marton Illes","path":"/martonilles","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5451167?s=80&v=4"},"commit":{"message":"Merge pull request #13 from onekey-sec/squashfsv2-support\n\nadd proper support for squashfs v2","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1615645828\" data-permission-text=\"Title is private\" data-url=\"https://github.com/onekey-sec/sasquatch/issues/13\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/onekey-sec/sasquatch/pull/13/hovercard\" href=\"https://github.com/onekey-sec/sasquatch/pull/13\">#13</a> from onekey-sec/squashfsv2-support"}},{"before":"c62ee350224d3673e540382d0113504329212e07","after":"9d09c3ce673f9c7b8e543cf17854dcab2f675968","ref":"refs/heads/squashfsv2-support","pushedAt":"2023-03-09T07:47:19.773Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"add proper support for squashfs v2\n\nSince squashfs version 2 and 1 have a similar header structure than\nversion 3, the call to read_super_3 always returns 1, which means the\nfirst if condition after the read_super_3 is always taken and version 2\nand 1 never properly parsed.\n\nThis commit fix this condition and select the parsing function to call\nbased on identified major version.","shortMessageHtmlLink":"add proper support for squashfs v2"}},{"before":null,"after":"c62ee350224d3673e540382d0113504329212e07","ref":"refs/heads/squashfsv2-support","pushedAt":"2023-03-08T17:28:35.667Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"qkaiser","name":"Quentin Kaiser","path":"/qkaiser","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/569494?s=80&v=4"},"commit":{"message":"add proper support for squashfs v2\n\nSince squashfs version 2 and 1 have a similar header structure than\nversion 3, the call to read_super_3 always returns 1, which means the\nfirst if condition after the read_super_3 is always taken and version 2\nand 1 never properly parsed.\n\nThis commit fix this condition and select the parsing function to call\nbased on identified major version.","shortMessageHtmlLink":"add proper support for squashfs v2"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADO_6wFwA","startCursor":null,"endCursor":null}},"title":"Activity · onekey-sec/sasquatch"}