olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file formats, McAfee antivirus quarantine files, etc.
When a file is corrupted or from untrusted source (possibly a malware), the number of property can be extremely large and exceed the longer of the stream.
Instead of looping over and over for unparsable properties, we should exit the loop early.
When a file is corrupted or from untrusted source (possibly a malware), the number of property can be extremely large and exceed the longer of the stream.
Instead of looping over and over for unparsable properties, we should exit the loop early.
Sample that cause the issue: https://www.virustotal.com/gui/file/250ff87ba85b2cb7bd04c9e4442eb08f70d5c1d555347c16addaa0d05bda8cb0/detection https://app.any.run/tasks/f9e1d49a-5eec-4392-97b3-a109a2db8007/