Commit 77842b93aa1e2b92e2634003f6d0a9f895a1179d
1 parent
15a9744c
updated olefile to v0.43 (slight changes in _OleDirectoryEntry)
Showing
1 changed file
with
19 additions
and
19 deletions
oletools/thirdparty/olefile/olefile.py
| 1 | 1 | #!/usr/bin/env python |
| 2 | 2 | |
| 3 | -# olefile (formerly OleFileIO_PL) version 0.42 2015-01-25 | |
| 3 | +# olefile (formerly OleFileIO_PL) version 0.43 2015-04-17 | |
| 4 | 4 | # |
| 5 | 5 | # Module to read/write Microsoft OLE2 files (also called Structured Storage or |
| 6 | 6 | # Microsoft Compound Document File Format), such as Microsoft Office 97-2003 |
| ... | ... | @@ -29,8 +29,8 @@ from __future__ import print_function # This version of olefile requires Pytho |
| 29 | 29 | |
| 30 | 30 | |
| 31 | 31 | __author__ = "Philippe Lagadec" |
| 32 | -__date__ = "2015-01-25" | |
| 33 | -__version__ = '0.42.1' | |
| 32 | +__date__ = "2015-04-17" | |
| 33 | +__version__ = '0.43' | |
| 34 | 34 | |
| 35 | 35 | #--- LICENSE ------------------------------------------------------------------ |
| 36 | 36 | |
| ... | ... | @@ -181,6 +181,7 @@ __version__ = '0.42.1' |
| 181 | 181 | # to UTF-8 on Python 2.x (Unicode on Python 3.x) |
| 182 | 182 | # - added path_encoding option to override the default |
| 183 | 183 | # - fixed a bug in _list when a storage is empty |
| 184 | +# 2015-04-17 v0.43 PL: - slight changes in _OleDirectoryEntry | |
| 184 | 185 | |
| 185 | 186 | #----------------------------------------------------------------------------- |
| 186 | 187 | # TODO (for version 1.0): |
| ... | ... | @@ -820,7 +821,7 @@ class _OleDirectoryEntry: |
| 820 | 821 | # struct to parse directory entries: |
| 821 | 822 | # <: little-endian byte order, standard sizes |
| 822 | 823 | # (note: this should guarantee that Q returns a 64 bits int) |
| 823 | - # 64s: string containing entry name in unicode (max 31 chars) + null char | |
| 824 | + # 64s: string containing entry name in unicode UTF-16 (max 31 chars) + null char = 64 bytes | |
| 824 | 825 | # H: uint16, number of bytes used in name buffer, including null = (len+1)*2 |
| 825 | 826 | # B: uint8, dir entry type (between 0 and 5) |
| 826 | 827 | # B: uint8, color: 0=black, 1=red |
| ... | ... | @@ -865,8 +866,8 @@ class _OleDirectoryEntry: |
| 865 | 866 | self.used = False |
| 866 | 867 | # decode DirEntry |
| 867 | 868 | ( |
| 868 | - name, | |
| 869 | - namelength, | |
| 869 | + self.name_raw, # 64s: string containing entry name in unicode UTF-16 (max 31 chars) + null char = 64 bytes | |
| 870 | + self.namelength, # H: uint16, number of bytes used in name buffer, including null = (len+1)*2 | |
| 870 | 871 | self.entry_type, |
| 871 | 872 | self.color, |
| 872 | 873 | self.sid_left, |
| ... | ... | @@ -877,8 +878,8 @@ class _OleDirectoryEntry: |
| 877 | 878 | self.createTime, |
| 878 | 879 | self.modifyTime, |
| 879 | 880 | self.isectStart, |
| 880 | - sizeLow, | |
| 881 | - sizeHigh | |
| 881 | + self.sizeLow, | |
| 882 | + self.sizeHigh | |
| 882 | 883 | ) = struct.unpack(_OleDirectoryEntry.STRUCT_DIRENTRY, entry) |
| 883 | 884 | if self.entry_type not in [STGTY_ROOT, STGTY_STORAGE, STGTY_STREAM, STGTY_EMPTY]: |
| 884 | 885 | olefile._raise_defect(DEFECT_INCORRECT, 'unhandled OLE storage type') |
| ... | ... | @@ -890,17 +891,17 @@ class _OleDirectoryEntry: |
| 890 | 891 | #debug (struct.unpack(fmt_entry, entry[:len_entry])) |
| 891 | 892 | # name should be at most 31 unicode characters + null character, |
| 892 | 893 | # so 64 bytes in total (31*2 + 2): |
| 893 | - if namelength>64: | |
| 894 | - olefile._raise_defect(DEFECT_INCORRECT, 'incorrect DirEntry name length') | |
| 894 | + if self.namelength>64: | |
| 895 | + olefile._raise_defect(DEFECT_INCORRECT, 'incorrect DirEntry name length >64 bytes') | |
| 895 | 896 | # if exception not raised, namelength is set to the maximum value: |
| 896 | - namelength = 64 | |
| 897 | + self.namelength = 64 | |
| 897 | 898 | # only characters without ending null char are kept: |
| 898 | - name = name[:(namelength-2)] | |
| 899 | + self.name_utf16 = self.name_raw[:(self.namelength-2)] | |
| 899 | 900 | #TODO: check if the name is actually followed by a null unicode character ([MS-CFB] 2.6.1) |
| 900 | 901 | #TODO: check if the name does not contain forbidden characters: |
| 901 | 902 | # [MS-CFB] 2.6.1: "The following characters are illegal and MUST NOT be part of the name: '/', '\', ':', '!'." |
| 902 | 903 | # name is converted from UTF-16LE to the path encoding specified in the OleFileIO: |
| 903 | - self.name = olefile._decode_utf16_str(name) | |
| 904 | + self.name = olefile._decode_utf16_str(self.name_utf16) | |
| 904 | 905 | |
| 905 | 906 | debug('DirEntry SID=%d: %s' % (self.sid, repr(self.name))) |
| 906 | 907 | debug(' - type: %d' % self.entry_type) |
| ... | ... | @@ -912,15 +913,14 @@ class _OleDirectoryEntry: |
| 912 | 913 | # sectors, BUT apparently some implementations set it as 0xFFFFFFFF, 1 |
| 913 | 914 | # or some other value so it cannot be raised as a defect in general: |
| 914 | 915 | if olefile.sectorsize == 512: |
| 915 | - if sizeHigh != 0 and sizeHigh != 0xFFFFFFFF: | |
| 916 | + if self.sizeHigh != 0 and self.sizeHigh != 0xFFFFFFFF: | |
| 916 | 917 | debug('sectorsize=%d, sizeLow=%d, sizeHigh=%d (%X)' % |
| 917 | - (olefile.sectorsize, sizeLow, sizeHigh, sizeHigh)) | |
| 918 | + (olefile.sectorsize, self.sizeLow, self.sizeHigh, self.sizeHigh)) | |
| 918 | 919 | olefile._raise_defect(DEFECT_UNSURE, 'incorrect OLE stream size') |
| 919 | - self.size = sizeLow | |
| 920 | + self.size = self.sizeLow | |
| 920 | 921 | else: |
| 921 | - self.size = sizeLow + (long(sizeHigh)<<32) | |
| 922 | - debug(' - size: %d (sizeLow=%d, sizeHigh=%d)' % (self.size, sizeLow, sizeHigh)) | |
| 923 | - | |
| 922 | + self.size = self.sizeLow + (long(self.sizeHigh)<<32) | |
| 923 | + debug(' - size: %d (sizeLow=%d, sizeHigh=%d)' % (self.size, self.sizeLow, self.sizeHigh)) | |
| 924 | 924 | self.clsid = _clsid(clsid) |
| 925 | 925 | # a storage should have a null size, BUT some implementations such as |
| 926 | 926 | # Word 8 for Mac seem to allow non-null values => Potential defect: | ... | ... |