search

decalage2 / oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
http://www.decalage.info/python/oletools
Other
2.81k stars 560 forks source link

Remove cycle between oletools and pcodedmp #820

Open youngcho22 opened 11 months ago

youngcho22 commented 11 months ago

Affected tool: bazel

Describe the bug There's a cycle between oletools and pcodedmp, as the maintainers would already know, and this is causing an issue when bazel tries to pull these packages using pip_parse. The difference between bazel and pip comes from the fact that pip doesn't enforce acyclic dependency graphs in dependencies as opposed to bazel that can build a DAG only.

File/Malware sample to reproduce the bug

ERROR: /private/var/tmp/_bazel_youngmokcho/994b3e899f1f2de61f63ee481ccf26ec/external/python39_deps_oletools/BUILD.bazel:22:11: in py_library rule @python39_deps_oletools//:pkg: cycle in dependency graph:
   ...
   ...
    @python39_deps_extract_msg//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
    @python39_deps_rtfde//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
.-> @python39_deps_oletools//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
|   @python39_deps_pcodedmp//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
`-- @python39_deps_oletools//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)

How To Reproduce the bug You can create a bazel workspace that pulls oletools==0.60.1 using pip_parse rule from rules_python.

Expected behavior The expected behaviour is that there's no cycle in transitive dependencies of oletools including itself.

Console output / Screenshots n/a

Version information:

Additional context n/a