[bug] OleFileIO.getproperties creates immense for-loop

decalage2 / olefile

olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file formats, McAfee antivirus quarantine files, etc.

http://www.decalage.info/olefile

Other

231 stars 77 forks source link

[bug] OleFileIO.getproperties creates immense for-loop #162

Open andrew0411 opened 11 months ago

andrew0411 commented 11 months ago

getproperties function creates massive property_type (ex.4294967295) that derives from unpacking '\xff\xff\xff\xff'.

The picture depicts s, offset, property_id, property_type, which are the inputs of OleFileIO._parse_property() respectively.

The for-loop with 4294967295 iteraions are made in OleFileIO._parse_property() which occurs system and resource instability.

Also, the bug in getproperties causes lots of function fail in the oletools as well.

andrew0411 commented 11 months ago

To add, the last version of olefile (v0.46) has returned None for all properties in the same file. I think the if-else syntax in the latest getproperties needs to be fixed.

decalage2 commented 11 months ago

Hello, thanks for reporting the bug. Could you please share a sample file that triggers the issue?

andrew0411 commented 10 months ago

Apologies for the delayed response. Please see the attachments that you requested. sample.zip