Open
Labels: bug (Something isn't working)
Description
When running the latest cve-bin-tool against a package containing .dll files, cve-bin-tool hung and showed an ERROR message like the one below:
"Failed to extract xxxx using unzip. Trying 7z."
The latest release of cve-bin-tool does NOT have the problem.
To reproduce
Steps to reproduce the behaviour:
Run cve-bin-tool against a .dll file (might be credential protected)
Expected behaviour:
Actual behaviour: cve-bin-tool hangs
Version/platform info
Version of CVE-bin-tool (e.g. output of cve-bin-tool --version): the latest main branch
Anything else?
I did a manual test by replacing the extract_file_zip method with the one in the latest release, as below. The problem is resolved. I am not sure if what I did is correct and thus am posting it here to seek correct fixes.
Code in master latest branch that caused hang when processing .dll file
```python
async def extract_file_zip(filename, extraction_path, process_can_fail=True):
    """Extracts ZIP files using an invalid key to prevent
    freezing during extraction if they are password protected.
    Providing a key during extraction has no effect if the zip file is
    not password protected and extraction will happen as normal."""
    if await aio_inpath("unzip"):
        result = await unzip_file(filename, extraction_path, process_can_fail)
        if result == 0:
            return result
        LOGGER.debug(f"Failed to extract {filename} using unzip. Trying 7z.")
    if await aio_inpath("7z"):
        return await unzip_7z(filename, extraction_path, process_can_fail)
    else:
        with ErrorHandler(mode=ErrorMode.Ignore) as e:
            await aio_unpack_archive(filename, extraction_path)
        return e.exit_code
```
Code from the latest official release -- worked without any issues.
```python
async def extract_file_zip(filename, extraction_path, process_can_fail=True):
    """Extracts ZIP files using an invalid key to prevent
    freezing during extraction if they are password protected.
    Providing a key during extraction has no effect if the zip file is
    not password protected and extraction will happen as normal."""
    is_exe = filename.endswith(".exe")
    key = "StaticInvalidKey"
    if await aio_inpath("unzip"):
        stdout, stderr, _ = await aio_run_command(
            ["unzip", "-P", key, "-n", "-d", extraction_path, filename],
            process_can_fail,
        )
        if stderr:
            if "incorrect password" in stderr.decode():
                LOGGER.error(
                    f"Failed to extract {filename}: The file is password protected"
                )
                return 0
            if is_exe:
                return 0  # not all .exe files are zipfiles, no need for error
            return 1
    elif await aio_inpath("7z"):
        stdout, stderr, _ = await aio_run_command(
            ["7z", "x", f"-p{key}", filename], process_can_fail
        )
        if stderr or not stdout:
            if "Wrong password" in stderr.decode():
                LOGGER.error(
                    f"Failed to extract {filename}: The file is password protected"
                )
                return 0
            if is_exe:
                return 0  # not all .exe files are zipfiles, no need for error
            return 1
    else:
        with ErrorHandler(mode=ErrorMode.Ignore) as e:
            await aio_unpack_archive(filename, extraction_path)
        return e.exit_code
    return 0
```
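
The following is an added example, not part of the original report and not cve-bin-tool code. It sketches a pre-flight check that reads only ZIP metadata to tell whether a file is a ZIP at all and whether any entry is marked encrypted, the case the docstring above names as able to freeze extraction. The names `classify_for_extraction` and `make_zip` and the sample archives are constructed for illustration.

```python
import io
import struct
import zipfile

ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose bit flag


def classify_for_extraction(data: bytes) -> str:
    """Return 'not_zip', 'encrypted' or 'plain' for a file's bytes.

    Hypothetical helper: it parses the central directory only and never
    decrypts, so it cannot block on a password prompt.
    """
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "not_zip"  # e.g. a .dll or .exe that is a plain PE file
    try:
        with zipfile.ZipFile(buf) as zf:
            if any(i.flag_bits & ENCRYPTED_FLAG for i in zf.infolist()):
                return "encrypted"
    except zipfile.BadZipFile:
        return "not_zip"
    return "plain"


def make_zip(encrypted: bool = False) -> bytes:
    """Build a constructed sample archive, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("lib/readme.txt", "constructed sample")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Flag field sits at offset 6 in the local header and offset 8
        # in the central directory entry; set bit 0 in both.
        for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            pos = raw.find(sig)
            (flags,) = struct.unpack_from("<H", raw, pos + off)
            struct.pack_into("<H", raw, pos + off, flags | ENCRYPTED_FLAG)
    return bytes(raw)


if __name__ == "__main__":
    print(classify_for_extraction(make_zip()))
    print(classify_for_extraction(make_zip(encrypted=True)))
    print(classify_for_extraction(b"MZ" + b"\x00" * 64))  # constructed PE-like stub
```

A caller could skip or log `encrypted` and `not_zip` inputs and pass only `plain` archives to the external extractor.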