Commit ea91bcc21b3f18e9af4e1cb1dd97764b6bb5e975
1 parent
db05c60b
olevba: fixed pcode display for python 3 (unicode)
Showing
1 changed file
with
14 additions
and
4 deletions
oletools/olevba.py
| ... | ... | @@ -256,7 +256,7 @@ import sys |
| 256 | 256 | import os |
| 257 | 257 | import logging |
| 258 | 258 | import struct |
| 259 | -from io import BytesIO | |
| 259 | +from io import BytesIO, StringIO | |
| 260 | 260 | import math |
| 261 | 261 | import zipfile |
| 262 | 262 | import re |
| ... | ... | @@ -3605,10 +3605,18 @@ class VBA_Parser_CLI(VBA_Parser): |
| 3605 | 3605 | if pcode: |
| 3606 | 3606 | print('-' * 79) |
| 3607 | 3607 | print('P-CODE disassembly:') |
| 3608 | - # save sys.stdout, then modify it to capture pcodedmp's output | |
| 3608 | + # pcodedmp prints all its output to sys.stdout, so we need to capture it so that | |
| 3609 | + # we can process the results later on. | |
| 3610 | + # save sys.stdout, then modify it to capture pcodedmp's output: | |
| 3609 | 3611 | stdout = sys.stdout |
| 3610 | - output = BytesIO() | |
| 3612 | + if PYTHON2: | |
| 3613 | + # on Python 2, console output is bytes | |
| 3614 | + output = BytesIO() | |
| 3615 | + else: | |
| 3616 | + # on Python 3, console output is unicode | |
| 3617 | + output = StringIO() | |
| 3611 | 3618 | sys.stdout = output |
| 3619 | + # we need to fake an argparser for those two args used by pcodedmp: | |
| 3612 | 3620 | class args: |
| 3613 | 3621 | disasmOnly = True |
| 3614 | 3622 | verbose = False |
| ... | ... | @@ -3617,7 +3625,9 @@ class VBA_Parser_CLI(VBA_Parser): |
| 3617 | 3625 | pcodedmp.processFile(self.filename, args) |
| 3618 | 3626 | except Exception: |
| 3619 | 3627 | log.error('Error while running pcodedmp') |
| 3620 | - sys.stdout = stdout | |
| 3628 | + finally: | |
| 3629 | + # set sys.stdout back to its original value | |
| 3630 | + sys.stdout = stdout | |
| 3621 | 3631 | print(output.getvalue()) |
| 3622 | 3632 | |
| 3623 | 3633 | if not vba_code_only: | ... | ... |