search

koodaamo / tnefparse

a TNEF decoding library written in python, without external dependencies
GNU Lesser General Public License v3.0
49 stars 37 forks source link

ensure attachment file name #114

Closed albrechtd closed 3 years ago

albrechtd commented 3 years ago

Attached messages may have no file name. In this case, set the name to 'unlabeled_attachment.bin' so it visible in the listing (option '-o') and can be extracted ('-a', '-z'). See also issue koodaamo/tnefparse#74.

Signed-off-by: Albrecht Dreß albrecht.dress@arcor.de

codecov[bot] commented 3 years ago

Codecov Report

Merging #114 (8bc78cc) into master (a989944) will not change coverage. The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #114   +/-   ##
=======================================
  Coverage   97.50%   97.50%           
=======================================
  Files           7        7           
  Lines        1283     1283           
  Branches      119      119           
=======================================
  Hits         1251     1251           
  Misses         25       25           
  Partials        7        7
Flag Coverage Δ
unittests 97.50% <100.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
tnefparse/tnef.py 95.25% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update a989944...8bc78cc. Read the comment docs.

jrideout commented 3 years ago

@albrechtd can you please add a test case as well?

albrechtd commented 3 years ago

I'm really sorry, but I can't…

As I mentioned in the original issue, the only sample I have left contains an Emotet malware document. Running the current git version on it results in

albrecht@deneb:~$ tnefparse -a winmail.dat
Traceback (most recent call last):
  File "/usr/local/bin/tnefparse", line 11, in <module>
    load_entry_point('tnefparse==1.4.1.dev0', 'console_scripts', 'tnefparse')()
  File "/usr/local/lib/python3.8/dist-packages/tnefparse-1.4.1.dev0-py3.8.egg/tnefparse/cmdline.py", line 97, in tnefparse
  File "/usr/lib/python3.8/pathlib.py", line 1241, in write_bytes
    with self.open(mode='wb') as f:
  File "/usr/lib/python3.8/pathlib.py", line 1218, in open
    return io.open(self, mode, buffering, encoding, errors, newline,
  File "/usr/lib/python3.8/pathlib.py", line 1074, in _opener
    return self._accessor.open(self, flags, mode)
IsADirectoryError: [Errno 21] Is a directory: '.'

With the change of this PR, it dumps a single attachment which again is a TNEF. As I presumed, the latter contains a text and a html body, being a fake “reply” to an older (private) message, and the Emotet DOC file. The recipient of the message (and author of the original one) strictly refused to give me permission to share this message. Again, I'm sorry, but I have to respect her!

Thanks, Albrecht.