Merge pull request #188 from safing/maintain/sig-delete--binmeta--svchost

Improve: delete sigs, binary metadata, svchost service detection
2025-09-01 18:19:57 +00:00 · 2022-10-10 22:12:59 +02:00 · 2022-10-10 22:12:59 +02:00 · 8471f4f38a
commit 8471f4f38a
parent 37b91788c2 40015b54b7
3 changed files with 29 additions and 13 deletions
--- a/updater/resource.go
+++ b/updater/resource.go
@ -2,6 +2,7 @@ package updater

 import (
 	"errors"
+	"io/fs"
 	"os"
 	"path/filepath"
 	"sort"
@ -461,11 +462,23 @@ boundarySearch:
 		storagePath := rv.storagePath()
 		err := os.Remove(storagePath)
 		if err != nil {
-			log.Warningf("%s: failed to purge resource %s v%s: %s", res.registry.Name, rv.resource.Identifier, rv.VersionNumber, err)
+			if !errors.Is(err, fs.ErrNotExist) {
+				log.Warningf("%s: failed to purge resource %s v%s: %s", res.registry.Name, rv.resource.Identifier, rv.VersionNumber, err)
+			}
 		} else {
 			log.Tracef("%s: purged resource %s v%s", res.registry.Name, rv.resource.Identifier, rv.VersionNumber)
 		}

+		// Remove resource signature file.
+		err = os.Remove(rv.storageSigPath())
+		if err != nil {
+			if !errors.Is(err, fs.ErrNotExist) {
+				log.Warningf("%s: failed to purge resource signature %s v%s: %s", res.registry.Name, rv.resource.Identifier, rv.VersionNumber, err)
+			}
+		} else {
+			log.Tracef("%s: purged resource signature %s v%s", res.registry.Name, rv.resource.Identifier, rv.VersionNumber)
+		}
+
 		// Remove unpacked version of resource.
 		ext := filepath.Ext(storagePath)
 		if ext == "" {
--- a/utils/osdetail/binmeta_test.go
+++ b/utils/osdetail/binmeta_test.go
@ -21,6 +21,7 @@ func TestGenerateBinaryNameFromPath(t *testing.T) {
 	assert.Equal(t, "Browser Broker", GenerateBinaryNameFromPath("browser_broker.exe"))
 	assert.Equal(t, "Virtual Box VM", GenerateBinaryNameFromPath("VirtualBoxVM"))
 	assert.Equal(t, "Io Elementary Appcenter", GenerateBinaryNameFromPath("io.elementary.appcenter"))
+	assert.Equal(t, "Microsoft Windows Store", GenerateBinaryNameFromPath("Microsoft.WindowsStore"))
 }

 func TestCleanFileDescription(t *testing.T) {
--- a/utils/osdetail/svchost_windows.go
+++ b/utils/osdetail/svchost_windows.go
@ -12,7 +12,7 @@ import (
 )

 var (
-	serviceNames     map[int32]string
+	serviceNames     map[int32][]string
 	serviceNamesLock sync.Mutex
 )

@ -22,7 +22,7 @@ var (
 )

 // GetServiceNames returns all service names assosicated with a svchost.exe process on Windows.
-func GetServiceNames(pid int32) (string, error) {
+func GetServiceNames(pid int32) ([]string, error) {
 	serviceNamesLock.Lock()
 	defer serviceNamesLock.Unlock()

@ -35,7 +35,7 @@ func GetServiceNames(pid int32) (string, error) {

 	serviceNames, err := GetAllServiceNames()
 	if err != nil {
-		return "", err
+		return nil, err
 	}

 	names, ok := serviceNames[pid]
@ -43,11 +43,11 @@ func GetServiceNames(pid int32) (string, error) {
 		return names, nil
 	}

-	return "", ErrServiceNotFound
+	return nil, ErrServiceNotFound
 }

 // GetAllServiceNames returns a list of service names assosicated with svchost.exe processes on Windows.
-func GetAllServiceNames() (map[int32]string, error) {
+func GetAllServiceNames() (map[int32][]string, error) {
 	output, err := exec.Command("tasklist", "/svc", "/fi", "imagename eq svchost.exe").Output()
 	if err != nil {
 		return nil, fmt.Errorf("failed to get svchost tasklist: %s", err)
@ -66,8 +66,8 @@ func GetAllServiceNames() (map[int32]string, error) {

 	var (
 		pid        int32
-		services   string
-		collection = make(map[int32]string)
+		services   []string
+		collection = make(map[int32][]string)
 	)

 	for scanner.Scan() {
@ -83,11 +83,11 @@ func GetAllServiceNames() (map[int32]string, error) {
 		if fields[0] == "svchost.exe" {
 			// save old entry
 			if pid != 0 {
-				collection[pid] = strings.TrimSpace(services)
+				collection[pid] = services
 			}
-			// reset
+			// reset PID
 			pid = 0
-			services = ""
+			services = make([]string, 0, len(fields))

 			// check fields length
 			if len(fields) < 3 {
@ -106,12 +106,14 @@ func GetAllServiceNames() (map[int32]string, error) {
 		}

 		// add service names
-		services += " " + strings.Join(fields, " ")
+		for _, field := range fields {
+			services = append(services, strings.Trim(strings.TrimSpace(field), ","))
+		}
 	}

 	if pid != 0 {
 		// save last entry
-		collection[pid] = strings.TrimSpace(services)
+		collection[pid] = services
 	}

 	return collection, nil