diff options
| author | Miklos Vajna <vmiklos@collabora.com> | 2018-11-21 11:15:00 +0100 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.com> | 2018-11-21 11:15:00 +0100 |
| commit | e73d6479e0431539cd5722d85bab457f2e684907 (patch) | |
| tree | 52f00c07aca45a45f57ded9592db17635915b813 /msodumper | |
| parent | 0c1a03000e29219ce754df8bb99781d1564bf41a (diff) | |
Add OLE1 and OLE2 preview dumper
All this is documented in [MS-OLEDS].
Diffstat (limited to 'msodumper')
| -rw-r--r-- | msodumper/ole1previewrecord.py | 89 | ||||
| -rw-r--r-- | msodumper/ole2previewrecord.py | 73 |
2 files changed, 162 insertions, 0 deletions
diff --git a/msodumper/ole1previewrecord.py b/msodumper/ole1previewrecord.py new file mode 100644 index 0000000..115ec69 --- /dev/null +++ b/msodumper/ole1previewrecord.py @@ -0,0 +1,89 @@ +#!/usr/bin/env python3 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# + +from . import globals +from .binarystream import BinaryStream + + +class Ole1PreviewStream(BinaryStream): + def __init__(self, bytes): + BinaryStream.__init__(self, bytes) + + def dump(self): + print('<stream type="Ole1Preview" size="%d">' % self.size) + header = StandardPresentationObject(self, "Header") + header.dump() + self.printAndSet("PresentationDataSize", self.readuInt32(), hexdump=False, offset=True) + self.printAndSet("Reserved1", self.readuInt16()) + self.printAndSet("Reserved2", self.readuInt16()) + self.printAndSet("Reserved3", self.readuInt16()) + self.printAndSet("Reserved4", self.readuInt16()) + print('<PresentationData offset="%s" size="%s"/>' % (self.pos, int(self.PresentationDataSize) - 8)) + print('</stream>') + + +class Record(BinaryStream): + def __init__(self, parent): + BinaryStream.__init__(self, parent.bytes) + self.parent = parent + self.pos = parent.pos + + +class LengthPrefixedAnsiString(Record): + """Specified by [MS-OLEDS] 2.1.4, specifies a length-prefixed and + null-terminated ANSI string.""" + def __init__(self, parent, name): + Record.__init__(self, parent) + self.parent = parent + self.pos = parent.pos + self.name = name + + def dump(self): + print('<%s type="LengthPrefixedAnsiString">' % self.name) + self.printAndSet("Length", self.readuInt32(), offset=True) + bytes = [] + for dummy in range(self.Length): + c = self.readuInt8() + bytes.append(c) + + self.printAndSet("String", globals.encodeName("".join(map(lambda c: chr(c), bytes[:-1])), lowOnly=True).encode('utf-8'), hexdump=False, offset=True) + + print('</%s>' % self.name) + self.parent.pos = self.pos + + +class StandardPresentationObject(Record): + def __init__(self, parent, name): + Record.__init__(self, parent) + self.name = name + + def dump(self): + print('<%s type="StandardPresentationObject">' % self.name) + header = PresentationObjectHeader(self, "Header") + header.dump() + self.printAndSet("Width", self.readuInt32()) + self.printAndSet("Height", self.readInt32() * -1) + + print('</%s>' % self.name) + self.parent.pos = self.pos + + +class PresentationObjectHeader(Record): + def __init__(self, parent, name): + Record.__init__(self, parent) + self.name = name + + def dump(self): + print('<%s type="PresentationObjectHeader">' % self.name) + self.printAndSet("OLEVersion", self.readuInt32()) + self.printAndSet("FormatID", self.readuInt32()) + LengthPrefixedAnsiString(self, "ClassName").dump() + + print('</%s>' % self.name) + self.parent.pos = self.pos + +# vim:set filetype=python shiftwidth=4 softtabstop=4 expandtab: diff --git a/msodumper/ole2previewrecord.py b/msodumper/ole2previewrecord.py new file mode 100644 index 0000000..39016d9 --- /dev/null +++ b/msodumper/ole2previewrecord.py @@ -0,0 +1,73 @@ +#!/usr/bin/env python3 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# + +from . import globals +from .binarystream import BinaryStream + + +class Ole2PreviewStream(BinaryStream): + def __init__(self, bytes): + BinaryStream.__init__(self, bytes) + + def dump(self): + print('<stream type="Ole2Preview" size="%d">' % self.size) + + ansiClipboardFormat = ClipboardFormatOrAnsiString(self, "AnsiClipboardFormat") + ansiClipboardFormat.dump() + self.printAndSet("TargetDeviceSize", self.readuInt32()) + if self.TargetDeviceSize == 0x00000004: + # TargetDevice is not present + pass + else: + print('<todo what="TargetDeviceSize != 0x00000004"/>') + self.printAndSet("Aspect", self.readuInt32()) + self.printAndSet("Lindex", self.readuInt32()) + self.printAndSet("Advf", self.readuInt32()) + self.printAndSet("Reserved1", self.readuInt32()) + self.printAndSet("Width", self.readuInt32(), hexdump=False) + self.printAndSet("Height", self.readuInt32(), hexdump=False) + self.printAndSet("Size", self.readuInt32(), hexdump=False) + print('<Data offset="%s" size="%s"/>' % (self.pos, self.Size)) + + print('</stream>') + + +class Record(BinaryStream): + def __init__(self, parent): + BinaryStream.__init__(self, parent.bytes) + self.parent = parent + self.pos = parent.pos + + +class ClipboardFormatOrAnsiString(Record): + def __init__(self, parent, name): + Record.__init__(self, parent) + self.parent = parent + self.pos = parent.pos + self.name = name + + def dump(self): + print('<%s type="ClipboardFormatOrAnsiString">' % self.name) + + self.printAndSet("MarkerOrLength", self.readuInt32()) + if self.MarkerOrLength == 0xffffffff: + self.printAndSet("FormatOrAnsiLength", self.readuInt32(), dict=ClipboardFormats) + else: + print('<todo what="MarkerOrLength != 0xffffffff"/>') + + print('</%s>' % self.name) + self.parent.pos = self.pos + + +ClipboardFormats = { + 0x00000002: "CF_BITMAP", + 0x00000003: "CF_METAFILEPICT", + 0x00000008: "CF_DIB", + 0x0000000E: "CF_ENHMETAFILE", +} + +# vim:set filetype=python shiftwidth=4 softtabstop=4 expandtab: |