msodde: reconcile json with logging

Log output is not json-compatible, so warn if -ldebug -j is given to msodde. (Could create a logger formatter that always creates json-compatible output but that is probably overkill right now) Replace old commented debug-prints with log.debug() or remove them.

msodde: reconcile json with logging
Log output is not json-compatible, so warn if -ldebug -j is given to msodde. (Could create a logger formatter that always creates json-compatible output but that is probably overkill right now) Replace old commented debug-prints with log.debug() or remove them.
Christian Herdtweck
1 parent f47d572f
Showing 1 changed file with 14 additions and 22 deletions
oletools/msodde.py
@@ -185,10 +185,10 @@ def process_args(cmd_line_args=None):
     parser.add_argument("filepath", help="path of the file to be analyzed",
                         type=existing_file, metavar='FILE')
     parser.add_argument("--json", '-j', action='store_true',
-                        help="Output in json format")
+                        help="Output in json format. Do not use with -ldebug")
     parser.add_argument("--nounquote", help="don't unquote values",action='store_true')
     parser.add_argument('-l', '--loglevel', dest="loglevel", action="store", default=DEFAULT_LOG_LEVEL,
-                            help="logging level debug/info/warning/error/critical (default=warning)")
+                        help="logging level debug/info/warning/error/critical (default=%(default)s)")
     return parser.parse_args(cmd_line_args)
@@ -212,10 +212,10 @@ def process_ole_field(data):
     """ check if field instructions start with DDE
     expects unicode input, returns unicode output (empty if not dde) """
-    #print('processing field {0}'.format(data))
+    #log.debug('processing field {0}'.format(data))
     if data.lstrip().lower().startswith(u'dde'):
-        #print('--> is DDE!')
+        #log.debug('--> is DDE!')
         return data
     else:
         return u''
@@ -248,10 +248,6 @@ def process_ole_stream(stream):
             char = ord(char)
         if char == OLE_FIELD_START:
-            #print('DEBUG: have start at {}'.format(idx))
-            #if have_start:
-            #    print("DEBUG: dismissing previous contents of length {}"
-            #          .format(len(field_contents)))
             have_start = True
             have_sep = False
             max_size_exceeded = False
@@ -262,11 +258,8 @@ def process_ole_stream(stream):
         # now we are after start char but not at end yet
         if char == OLE_FIELD_SEP:
-            #print('DEBUG: have sep at {}'.format(idx))
             have_sep = True
         elif char == OLE_FIELD_END:
-            #print('DEBUG: have end at {}'.format(idx))
-
             # have complete field now, process it
             result_parts.append(process_ole_field(field_contents))
@@ -279,20 +272,18 @@ def process_ole_stream(stream):
             if max_size_exceeded:
                 pass
             elif len(field_contents) > OLE_FIELD_MAX_SIZE:
-                #print('DEBUG: exceeded max size')
+                log.debug('field exceeds max size of {0}. Ignore rest'
+                          .format(OLE_FIELD_MAX_SIZE))
                 max_size_exceeded = True
             # appending a raw byte to a unicode string here. Not clean but
             # all we do later is check for the ascii-sequence 'DDE' later...
             elif char < 128:
                 field_contents += unichr(char)
-                #print('DEBUG: at idx {:4d}: add byte {} ({})'
-                #      .format(idx, unichr(char), char))
             else:
                 field_contents += u'?'
-                #print('DEBUG: at idx {:4d}: add byte ? ({})'
-                #      .format(idx, char))
-    #print('\nstream len = {}'.format(idx))
+    log.debug('Checked {0} characters, found {1} fields'
+              .format(idx, len(result_parts)))
     # copy behaviour of process_xml: Just concatenate unicode strings
     return u''.join(result_parts)
@@ -308,7 +299,7 @@ def process_ole_storage(ole):
             links = ''
             try:
                 stream = ole.openstream(st)
-                #print('Checking stream {0}'.format(st))
+                log.debug('Checking stream {0}'.format(st))
                 links = process_ole_stream(stream)
             except:
                 raise
@@ -318,13 +309,13 @@ def process_ole_storage(ole):
             if links:
                 results.append(links)
         elif st_type == olefile.STGTY_STORAGE:   # a storage
-            #print('Checking storage {0}'.format(st))
+            log.debug('Checking storage {0}'.format(st))
             links = process_ole_storage(st)
             if links:
                 results.extend(links)
         else:
-            #print('Warning: unexpected type {0} for entry {1}. Ignore it'
-            #      .format(st_type, st))
+            log.info('unexpected type {0} for entry {1}. Ignore it'
+                     .format(st_type, st))
             continue
     return results
@@ -338,7 +329,6 @@ def process_ole(filepath):
     word (possibly after some whitespace)
     """
     log.debug('process_ole')
-    #print('Looks like ole')
     ole = olefile.OleFileIO(filepath, path_encoding=None)
     text_parts = process_ole_storage(ole)
     return u'\n'.join(text_parts)
@@ -452,6 +442,8 @@ def main(cmd_line_args=None):
     # enable logging in the modules:
     log.setLevel(logging.NOTSET)
+    if args.json and args.loglevel.lower() == 'debug':
+        log.warning('Debug log output will not be json-compatible!')
     if args.nounquote :
         global NO_QUOTES