Commit 755ac5d117a6d1adb6c51eaf4e668445da92d6f2
1 parent
8526b4f0
oleobj: fixed #541, "Ole10Native" is case-insensitive
Showing
2 changed files
with
5 additions
and
4 deletions
oletools/oleobj.py
| @@ -14,7 +14,7 @@ http://www.decalage.info/python/oletools | @@ -14,7 +14,7 @@ http://www.decalage.info/python/oletools | ||
| 14 | 14 | ||
| 15 | # === LICENSE ================================================================= | 15 | # === LICENSE ================================================================= |
| 16 | 16 | ||
| 17 | -# oleobj is copyright (c) 2015-2019 Philippe Lagadec (http://www.decalage.info) | 17 | +# oleobj is copyright (c) 2015-2020 Philippe Lagadec (http://www.decalage.info) |
| 18 | # All rights reserved. | 18 | # All rights reserved. |
| 19 | # | 19 | # |
| 20 | # Redistribution and use in source and binary forms, with or without | 20 | # Redistribution and use in source and binary forms, with or without |
| @@ -86,8 +86,9 @@ from oletools.common.io_encoding import ensure_stdout_handles_unicode | @@ -86,8 +86,9 @@ from oletools.common.io_encoding import ensure_stdout_handles_unicode | ||
| 86 | # 2018-03-27 PL: - fixed issue #274 in read_length_prefixed_string | 86 | # 2018-03-27 PL: - fixed issue #274 in read_length_prefixed_string |
| 87 | # 2018-09-11 v0.54 PL: - olefile is now a dependency | 87 | # 2018-09-11 v0.54 PL: - olefile is now a dependency |
| 88 | # 2018-10-30 SA: - added detection of external links (PR #317) | 88 | # 2018-10-30 SA: - added detection of external links (PR #317) |
| 89 | +# 2020-03-03 v0.56 PL: - fixed bug #541, "Ole10Native" is case-insensitive | ||
| 89 | 90 | ||
| 90 | -__version__ = '0.55' | 91 | +__version__ = '0.56dev2' |
| 91 | 92 | ||
| 92 | # ----------------------------------------------------------------------------- | 93 | # ----------------------------------------------------------------------------- |
| 93 | # TODO: | 94 | # TODO: |
| @@ -771,7 +772,7 @@ def process_file(filename, data, output_dir=None): | @@ -771,7 +772,7 @@ def process_file(filename, data, output_dir=None): | ||
| 771 | for path_parts in ole.listdir(): | 772 | for path_parts in ole.listdir(): |
| 772 | stream_path = '/'.join(path_parts) | 773 | stream_path = '/'.join(path_parts) |
| 773 | log.debug('Checking stream %r', stream_path) | 774 | log.debug('Checking stream %r', stream_path) |
| 774 | - if path_parts[-1] == '\x01Ole10Native': | 775 | + if path_parts[-1].lower() == '\x01ole10native': |
| 775 | stream = None | 776 | stream = None |
| 776 | try: | 777 | try: |
| 777 | stream = ole.openstream(path_parts) | 778 | stream = ole.openstream(path_parts) |
setup.py
| @@ -52,7 +52,7 @@ import os, fnmatch | @@ -52,7 +52,7 @@ import os, fnmatch | ||
| 52 | #--- METADATA ----------------------------------------------------------------- | 52 | #--- METADATA ----------------------------------------------------------------- |
| 53 | 53 | ||
| 54 | name = "oletools" | 54 | name = "oletools" |
| 55 | -version = '0.56dev1' | 55 | +version = '0.56dev2' |
| 56 | desc = "Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR" | 56 | desc = "Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response #DFIR" |
| 57 | long_desc = open('oletools/README.rst').read() | 57 | long_desc = open('oletools/README.rst').read() |
| 58 | author = "Philippe Lagadec" | 58 | author = "Philippe Lagadec" |