7405955ab5
parsers: Inherit the sandbox option when creating additional parsers
2023-11-13 13:11:35 +01:00
1bcb945360
Harden get_meta in archive.py against variants of CVE-2022-35410
2023-07-11 21:31:53 +02:00
1b9608aecf
Use proper type annotations instead of comments
2023-05-03 22:28:02 +02:00
2ac8c24dac
Make use of is_dir/isdir for archives
2023-05-03 22:19:19 +02:00
3cb3f58084
Another typing pass
2023-01-28 17:22:26 +01:00
39fb254e01
Fix the type annotations
2023-01-28 15:57:20 +00:00
180ea24e5a
Remove pyflakes
...
Isn't borderline useless compared to mypy and pylint
2022-11-21 19:57:38 +01:00
6d93cf9397
Remove deprecated pylint checks
2022-10-09 21:14:20 +02:00
cc5be8608b
Simplify the typing annotations
2022-08-28 22:29:06 +02:00
beebca4bf1
Prevent arbitrary file read via zip archives
...
A zip file with a file pointing to /etc/passwd would, upon being cleaned by
mat2, produce a file with the filesystem's /etc/passwd file.
2022-07-05 16:27:07 +02:00
e2c4dbf721
Show a scary message in case of path traversal attempt
2022-07-05 15:30:10 +02:00
2639713709
Minor cleanup
2022-05-05 22:00:09 +02:00
01b39aa68c
Make libmat2 more robust against corrupted zip files
2021-12-13 19:44:44 +01:00
22199df4d0
Please the linters wrt. the previous commit
2021-12-09 16:58:24 +01:00
1703ed6ebb
zip archives: keep individual files compression type
...
While hardcoding the compression to zipfile.ZIP_DEFLATED works for
most use cases of mat, being able to produce cleaned up uncompressed
zip files is useful for content that cannot be compressed more.
In addition it also enables to use mat2 for reproducible builds of
Android bootanimation files file that don't support compression.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-12-08 18:36:39 +01:00
1c4e98425a
Make the linter happier
2021-11-23 17:34:14 +01:00
d7a03d907b
Vastly improve ppt compatibility
2020-03-08 14:06:27 +01:00
697cb36b81
This is mat2, not MAT2
...
Closes #131
2019-11-30 01:14:41 -08:00
12489bb682
Remove a useless `\`
2019-10-12 21:36:28 +02:00
4483c06f19
Replace abstractstaticmethod with abstractmethod
...
Apparently, abstractstaticmethod is deprecated
since python3.3.
2019-10-12 21:28:27 +02:00
1678d37856
Mark a comment as FP
2019-09-01 19:01:33 +02:00
5c33b290ae
Fix mypy
2019-07-20 16:05:55 +02:00
bdd5581033
Compress cleaned zip archives by default
2019-07-13 15:04:43 +02:00
9516990693
Add some verification for "dangerous" tarfiles
2019-05-01 17:55:35 +02:00
a7ebb587e1
Handle weird permissions in tar archives
2019-04-27 22:48:40 +02:00
14a4cddb8b
Improve the display of tarfile's members mtime
2019-04-27 21:15:06 +02:00
8e41b098d6
Add support for compressed tar files
2019-04-27 06:03:09 -07:00
82cc822a1d
Add tar archive support
2019-04-27 04:05:36 -07:00
eb2e702f37
Document the previous commit
2019-02-25 15:37:44 +01:00
545dccc352
In archive-based formats, the `mimetype` file comes first
...
This should improve epub compatibility,
along with other formats as a side-effect
2019-02-24 23:32:32 +01:00
b9a62d798a
Refactor a bit office get_meta handling
...
This should make easier to get more metadata from
archive-based file formats.
2019-02-04 00:31:26 +01:00
e8c1bb0e3c
Whenever possible, use bwrap for subprocesses
...
This should closes #90
2019-02-03 19:18:41 +01:00
3a070b0ab7
Add support for zip files
2018-10-25 11:56:46 +02:00
283e5e5787
Improve archive-based parser's robustness against corrupted embedded files
2018-10-25 11:56:12 +02:00
513d897ea0
Implement get_meta() for archives
2018-10-25 11:29:50 +02:00
2ba38dd2a1
Bump mypy typing coverage
2018-10-12 14:32:09 +02:00
1b356b8c6f
Improve mat2's cli reliability
...
- Replace some class members by instance members
- Don't thread the cleaning process anymore for now
2018-10-03 15:22:36 +02:00
c67bbafb2c
Use [Content_Types].xml to improve MS Office coverage
2018-10-02 11:55:42 -07:00
719cdf20fa
Second pass of minor formatting
2018-09-24 20:15:07 +02:00
2e243355f5
Fix some minor formatting issues
2018-09-24 19:50:24 +02:00
a1a06d023e
Insert archive members in lexicographic order
2018-09-18 22:44:21 +02:00
9fe6f1023b
Make pylint happy
2018-09-06 11:36:04 +02:00
e3d817f57e
Split office and archives
2018-09-06 11:34:14 +02:00
Romain Vigier