From d3c13b118d99d7807143026172c5a781e0996b9b Mon Sep 17 00:00:00 2001
From: n1073645 <n1073645@gmail.com>
Date: Tue, 12 Nov 2019 11:00:43 +0000
Subject: [PATCH] Improved continueUntil, added consumeWhile and made the EVTX
 extractor more complete

---
 .eslintrc.json                  |  1 +
 src/core/lib/FileSignatures.mjs | 18 +++++++++---------
 src/core/lib/Stream.mjs         |  2 +-
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/.eslintrc.json b/.eslintrc.json
index e307112b..14e335a5 100755
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -47,6 +47,7 @@
         "block-spacing": "error",
         "array-bracket-spacing": "error",
         "comma-spacing": "error",
+	"spaced-comment": ["error", "always"],
         "comma-style": "error",
         "computed-property-spacing": "error",
         "no-trailing-spaces": "warn",
diff --git a/src/core/lib/FileSignatures.mjs b/src/core/lib/FileSignatures.mjs
index c8397b03..b4d9e918 100644
--- a/src/core/lib/FileSignatures.mjs
+++ b/src/core/lib/FileSignatures.mjs
@@ -2577,21 +2577,21 @@ export function extractJPEG(bytes, offset) {
 export function extractGIF(bytes, offset) {
     const stream = new Stream(bytes.slice(offset));
 
-    //Move to application extension block.
+    // Move to application extension block.
     stream.continueUntil([0x21, 0xff]);
 
-    //Move to Graphic Control Extension for frame #1.
+    // Move to Graphic Control Extension for frame #1.
     stream.continueUntil([0x21, 0xf9]);
     stream.moveForwardsBy(2);
     while (stream.hasMore()) {
 
-        //Move to Image descriptor.
+        // Move to Image descriptor.
         stream.moveForwardsBy(stream.getBytes(1)[0]+1);
 
-        //Move past Image descriptor to the image data.
+        // Move past Image descriptor to the image data.
         stream.moveForwardsBy(11);
 
-        //Loop until next Graphic Control Extension.
+        // Loop until next Graphic Control Extension.
         while (stream.getBytes(2) !== [0x21, 0xf9]) {
             stream.moveBackwardsBy(2);
             stream.moveForwardsBy(stream.getBytes(1)[0]);
@@ -2599,7 +2599,7 @@ export function extractGIF(bytes, offset) {
                 break;
             stream.moveBackwardsBy(1);
         }
-        //When the end of the file is [0x00, 0x3b], end.
+        // When the end of the file is [0x00, 0x3b], end.
         if (stream.getBytes(1)[0] === 0x3b)
             break;
         stream.moveForwardsBy(1);
@@ -3000,7 +3000,7 @@ export function extractGZIP(bytes, offset) {
 export function extractBZIP2(bytes, offset) {
     const stream = new Stream(bytes.slice(offset));
 
-    //The EOFs shifted between all possible combinations.
+    // The EOFs shifted between all possible combinations.
     const lookingfor = [
         [0x77, 0x24, 0x53, 0x85, 0x09],
         [0xee, 0x48, 0xa7, 0x0a, 0x12],
@@ -3014,12 +3014,12 @@ export function extractBZIP2(bytes, offset) {
 
     for (let i = 0; i < lookingfor.length; i++) {
 
-        //Continue until an EOF.
+        // Continue until an EOF.
         stream.continueUntil(lookingfor[i]);
         if (stream.getBytes(5).join("") === lookingfor[i].join(""))
             break;
 
-        //Jump back to the start if invalid EOF.
+        // Jump back to the start if invalid EOF.
         stream.moveTo(0);
     }
     stream.moveForwardsBy(4);
diff --git a/src/core/lib/Stream.mjs b/src/core/lib/Stream.mjs
index e86dfc30..58cb2d5b 100644
--- a/src/core/lib/Stream.mjs
+++ b/src/core/lib/Stream.mjs
@@ -189,7 +189,7 @@ export default class Stream {
             found = true;
 
             // Loop through the elements comparing them to val.
-            for (let x = length-1; x !== -1; x--) {
+            for (let x = length-1; x+1; x--) {
                 if (this.bytes[(this.position-length) + x] !== val[x]) {
                     found = false;