[bug] OleFileIO.getproperties creates immense for-loop

decalage2 / olefile

olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file formats, McAfee antivirus quarantine files, etc.

http://www.decalage.info/olefile

Other

225 stars 76 forks source link

[bug] OleFileIO.getproperties creates immense for-loop #162

Open andrew0411 opened 9 months ago

andrew0411 commented 9 months ago

getproperties function creates massive property_type (ex.4294967295) that derives from unpacking '\xff\xff\xff\xff'.

The picture depicts s, offset, property_id, property_type, which are the inputs of OleFileIO._parse_property() respectively.

The for-loop with 4294967295 iteraions are made in OleFileIO._parse_property() which occurs system and resource instability.

Also, the bug in getproperties causes lots of function fail in the oletools as well.

andrew0411 commented 9 months ago

To add, the last version of olefile (v0.46) has returned None for all properties in the same file. I think the if-else syntax in the latest getproperties needs to be fixed.

decalage2 commented 9 months ago

Hello, thanks for reporting the bug. Could you please share a sample file that triggers the issue?

andrew0411 commented 8 months ago

Apologies for the delayed response. Please see the attachments that you requested. sample.zip