Bugfix: accessors should provide their underlying file #2893
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We sometimes need to know the path to the underlying file on the filesystem if possible. This is used in cases when we need to delegate to an external library which expects a filesystem path. Previously the code assumed that when the accessor was "file" or "auto" then the underlying path can be obtained from the filename. This works well in local trigage mode but fails when remapping - in that case the actual accessor called "file" may be a completely different remapped accessor and it is not appropriate to use its filename as an underlying API file. This would cause issues with e.g. the yara plugin, sqlite and leveldb plugins. This PR introduces a new interface which allows the accessor to provide the raw API accessible path if possible. For plugins that need to work with real files, this path also creates a local copy if needed. Fixes: #2870
scudette
added a commit
to scudette/velociraptor
that referenced
this pull request
Aug 28, 2023
We sometimes need to know the path to the underlying file on the filesystem if possible. This is used in cases when we need to delegate to an external library which expects a filesystem path. Previously the code assumed that when the accessor was "file" or "auto" then the underlying path can be obtained from the filename. This works well in local trigage mode but fails when remapping - in that case the actual accessor called "file" may be a completely different remapped accessor and it is not appropriate to use its filename as an underlying API file. This would cause issues with e.g. the yara plugin, sqlite and leveldb plugins. This PR introduces a new interface which allows the accessor to provide the raw API accessible path if possible. For plugins that need to work with real files, this path also creates a local copy if needed. Fixes: Velocidex#2870
scudette
added a commit
that referenced
this pull request
Aug 28, 2023
We sometimes need to know the path to the underlying file on the filesystem if possible. This is used in cases when we need to delegate to an external library which expects a filesystem path. Previously the code assumed that when the accessor was "file" or "auto" then the underlying path can be obtained from the filename. This works well in local trigage mode but fails when remapping - in that case the actual accessor called "file" may be a completely different remapped accessor and it is not appropriate to use its filename as an underlying API file. This would cause issues with e.g. the yara plugin, sqlite and leveldb plugins. This PR introduces a new interface which allows the accessor to provide the raw API accessible path if possible. For plugins that need to work with real files, this path also creates a local copy if needed. Fixes: #2870
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We sometimes need to know the path to the underlying file on the filesystem if possible. This is used in cases when we need to delegate to an external library which expects a filesystem path.
Previously the code assumed that when the accessor was "file" or "auto" then the underlying path can be obtained from the filename. This works well in local trigage mode but fails when remapping - in that case the actual accessor called "file" may be a completely different remapped accessor and it is not appropriate to use its filename as an underlying API file.
This would cause issues with e.g. the yara plugin, sqlite and leveldb plugins.
This PR introduces a new interface which allows the accessor to provide the raw API accessible path if possible. For plugins that need to work with real files, this path also creates a local copy if needed.
Fixes: #2870