From 7fa1d75ceaa75401bf7eac3bd1ba6b337ebf318c Mon Sep 17 00:00:00 2001
From: decalage2 <decalage@laposte.net>
Date: Tue, 6 Sep 2016 21:52:43 +0200
Subject: [PATCH] rtfobj, pyxswf: fixed issue #83, backward compatible API

---
 oletools/pyxswf.py |  7 ++++---
 oletools/rtfobj.py | 13 +++++++++----
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/oletools/pyxswf.py b/oletools/pyxswf.py
index 9eb90d7..08d8f04 100755
--- a/oletools/pyxswf.py
+++ b/oletools/pyxswf.py
@@ -25,7 +25,7 @@ http://www.decalage.info/python/oletools
 
 #=== LICENSE =================================================================
 
-# pyxswf is copyright (c) 2012-2015, Philippe Lagadec (http://www.decalage.info)
+# pyxswf is copyright (c) 2012-2016, Philippe Lagadec (http://www.decalage.info)
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without modification,
@@ -54,8 +54,9 @@ http://www.decalage.info/python/oletools
 # 2012-11-09 v0.02 PL: - added RTF embedded objects extraction
 # 2014-11-29 v0.03 PL: - use olefile instead of OleFileIO_PL
 #                      - improved usage display with -h
+# 2016-09-06 v0.50 PL: - updated to match the rtfobj API
 
-__version__ = '0.03'
+__version__ = '0.50'
 
 #------------------------------------------------------------------------------
 # TODO:
@@ -126,7 +127,7 @@ def main():
     # RTF MODE:
     elif options.rtf:
         for filename in args:
-            for index, data in rtfobj.rtf_iter_objects(filename):
+            for index, orig_len, data in rtfobj.rtf_iter_objects(filename):
                 if 'FWS' in data or 'CWS' in data:
                     print 'RTF embedded object size %d at index %08X' % (len(data), index)
                     f = StringIO.StringIO(data)
diff --git a/oletools/rtfobj.py b/oletools/rtfobj.py
index 76888f9..c910de6 100755
--- a/oletools/rtfobj.py
+++ b/oletools/rtfobj.py
@@ -63,6 +63,7 @@ http://www.decalage.info/python/oletools
 # 2016-08-01       PL: - detect executable filenames in OLE Package
 # 2016-08-08       PL: - added option -s to save objects to files
 # 2016-08-09       PL: - fixed issue #78, improved regex
+# 2016-09-06       PL: - fixed issue #83, backward compatible API
 
 __version__ = '0.50'
 
@@ -580,16 +581,20 @@ def rtf_iter_objects(filename, min_size=32):
     """
     [DEPRECATED] Backward-compatible API, for applications using the old rtfobj:
     Open a RTF file, extract each embedded object encoded in hexadecimal of
-    size > min_size, yield the index of the object in the RTF file and its data
-    in binary format.
+    size > min_size, yield the index of the object in the RTF file, the original
+    length in the RTF file, and the decoded object data in binary format.
     This is an iterator.
+
+    :param filename: str, RTF file name/path to open on disk
+    :param min_size: ignored, kept for backward compatibility
+    :returns: iterator, yielding tuples (start index, original length, binary data)
     """
     data = open(filename, 'rb').read()
     rtfp = RtfObjParser(data)
     rtfp.parse()
     for obj in rtfp.objects:
-        # orig_len = obj.end - obj.start
-        yield obj.start, obj.rawdata
+        orig_len = obj.end - obj.start
+        yield obj.start, orig_len, obj.rawdata
 
 
 
--
libgit2 0.21.4