Commit 48057ab38490e0676ace74a154443000eb8e73fc
Committed by
GitHub
GitHub
Merge pull request #604 from matthieuxyz/master
olevba: prevent side effects on python lib "email"
Showing
1 changed file
with
14 additions
and
10 deletions
oletools/olevba.py
| @@ -276,6 +276,7 @@ import binascii | @@ -276,6 +276,7 @@ import binascii | ||
| 276 | import base64 | 276 | import base64 |
| 277 | import zlib | 277 | import zlib |
| 278 | import email # for MHTML parsing | 278 | import email # for MHTML parsing |
| 279 | +import email.feedparser | ||
| 279 | import string # for printable | 280 | import string # for printable |
| 280 | import json # for json output mode (argument --json) | 281 | import json # for json output mode (argument --json) |
| 281 | 282 | ||
| @@ -330,11 +331,6 @@ from oletools import crypto | @@ -330,11 +331,6 @@ from oletools import crypto | ||
| 330 | from oletools.common.io_encoding import ensure_stdout_handles_unicode | 331 | from oletools.common.io_encoding import ensure_stdout_handles_unicode |
| 331 | from oletools.common import codepages | 332 | from oletools.common import codepages |
| 332 | 333 | ||
| 333 | -# monkeypatch email to fix issue #32: | ||
| 334 | -# allow header lines without ":" | ||
| 335 | -import email.feedparser | ||
| 336 | -email.feedparser.headerRE = re.compile(r'^(From |[\041-\071\073-\176]{1,}:?|[\t ])') | ||
| 337 | - | ||
| 338 | # === PYTHON 2+3 SUPPORT ====================================================== | 334 | # === PYTHON 2+3 SUPPORT ====================================================== |
| 339 | 335 | ||
| 340 | if sys.version_info[0] <= 2: | 336 | if sys.version_info[0] <= 2: |
| @@ -2946,11 +2942,19 @@ class VBA_Parser(object): | @@ -2946,11 +2942,19 @@ class VBA_Parser(object): | ||
| 2946 | elif content_offset > -1: | 2942 | elif content_offset > -1: |
| 2947 | stripped_data = stripped_data[content_offset:] | 2943 | stripped_data = stripped_data[content_offset:] |
| 2948 | # TODO: quick and dirty fix: insert a standard line with MIME-Version header? | 2944 | # TODO: quick and dirty fix: insert a standard line with MIME-Version header? |
| 2949 | - if PYTHON2: | ||
| 2950 | - mhtml = email.message_from_string(stripped_data) | ||
| 2951 | - else: | ||
| 2952 | - # on Python 3, need to use message_from_bytes instead: | ||
| 2953 | - mhtml = email.message_from_bytes(stripped_data) | 2945 | + # monkeypatch email to fix issue #32: |
| 2946 | + # allow header lines without ":" | ||
| 2947 | + oldHeaderRE = email.feedparser.headerRE | ||
| 2948 | + loosyHeaderRE = re.compile(r'^(From |[\041-\071\073-\176]{1,}:?|[\t ])') | ||
| 2949 | + email.feedparser.headerRE = loosyHeaderRE | ||
| 2950 | + try: | ||
| 2951 | + if PYTHON2: | ||
| 2952 | + mhtml = email.message_from_string(stripped_data) | ||
| 2953 | + else: | ||
| 2954 | + # on Python 3, need to use message_from_bytes instead: | ||
| 2955 | + mhtml = email.message_from_bytes(stripped_data) | ||
| 2956 | + finally: | ||
| 2957 | + email.feedparser.headerRE = oldHeaderRE | ||
| 2954 | # find all the attached files: | 2958 | # find all the attached files: |
| 2955 | for part in mhtml.walk(): | 2959 | for part in mhtml.walk(): |
| 2956 | content_type = part.get_content_type() # always returns a value | 2960 | content_type = part.get_content_type() # always returns a value |