Raise an exception when sector cannot be converted to array

decalage2 / olefile

olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file formats, McAfee antivirus quarantine files, etc.

http://www.decalage.info/olefile

Other

231 stars 77 forks source link

Raise an exception when sector cannot be converted to array #150

Open ret2libc opened 2 years ago

ret2libc commented 2 years ago

This can happen for example if _raise_defects_level is DETECT_FATAL and sector_size is computed to be 1 (sector_shift==0).

decalage2 commented 2 years ago

Thank you for the suggestion. Two questions:

do you have any functioning sample with a sector size different from the standard 512 or 4096 bytes? Personally I have never seen any. So when parsing the header, other values could raise a DEFECT_FATAL error instead of DEFECT_INCORRECT.
if we accept non-standard sector sizes, wouldn't it be simpler to check that sector_shift is at least 2 when parsing the header? (since the function is parsing an array of 32 bit integers, the minimum sector size should be 4)

ret2libc commented 2 years ago

Thank you for the suggestion. Two questions:

do you have any functioning sample with a sector size different from the standard 512 or 4096 bytes? Personally I have never seen any. So when parsing the header, other values could raise a DEFECT_FATAL error instead of DEFECT_INCORRECT.

Not functioning, but fuzzed files that reach the sect2array function and generate an exception there exists.

if we accept non-standard sector sizes, wouldn't it be simpler to check that sector_shift is at least 2 when parsing the header? (since the function is parsing an array of 32 bit integers, the minimum sector size should be 4)

I agree, I can do the change.