diff --git a/oletools/oleobj.py b/oletools/oleobj.py index d18c1e4..8ed34f2 100644 --- a/oletools/oleobj.py +++ b/oletools/oleobj.py @@ -14,7 +14,7 @@ http://www.decalage.info/python/oletools # === LICENSE ================================================================= -# oleobj is copyright (c) 2015-2019 Philippe Lagadec (http://www.decalage.info) +# oleobj is copyright (c) 2015-2020 Philippe Lagadec (http://www.decalage.info) # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -86,8 +86,9 @@ from oletools.common.io_encoding import ensure_stdout_handles_unicode # 2018-03-27 PL: - fixed issue #274 in read_length_prefixed_string # 2018-09-11 v0.54 PL: - olefile is now a dependency # 2018-10-30 SA: - added detection of external links (PR #317) +# 2020-03-03 v0.56 PL: - fixed bug #541, "Ole10Native" is case-insensitive -__version__ = '0.55' +__version__ = '0.56dev2' # ----------------------------------------------------------------------------- # TODO: @@ -771,7 +772,7 @@ def process_file(filename, data, output_dir=None): for path_parts in ole.listdir(): stream_path = '/'.join(path_parts) log.debug('Checking stream %r', stream_path) - if path_parts[-1] == '\x01Ole10Native': + if path_parts[-1].lower() == '\x01ole10native': stream = None try: stream = ole.openstream(path_parts) diff --git a/setup.py b/setup.py index f2e6bea..e62f38c 100644 --- a/setup.py +++ b/setup.py @@ -52,7 +52,7 @@ import os, fnmatch #--- METADATA ----------------------------------------------------------------- name = "oletools" -version = '0.56dev1' +version = '0.56dev2' desc = "Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR" long_desc = open('oletools/README.rst').read() author = "Philippe Lagadec"