security-and-privacy/mat2
security-and-privacy/mat2
1
0
Fork 0
mirror of synced 2024-11-22 09:14:23 +01:00
Code Releases Activity
163 Commits 1 Branch 26 Tags 12 MiB
11008f8fd4
Commit Graph

163 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jvoisin
11008f8fd4 Improve a bit the README 2018-07-01 23:35:04 +02:00
jvoisin
a430403c7e Document in our implementation notes how revisions are handled and why 2018-07-01 23:27:24 +02:00
jvoisin
bee56a57ce Remove docx revisions 2018-07-01 23:16:14 +02:00
jvoisin
02f7605ac1 MAT2 is now cleaning revisions from odt files! 2018-07-01 21:09:20 +02:00
jvoisin
80fc4ffb40 Remove the thumbnails from libreoffice files 2018-07-01 17:29:05 +02:00
jvoisin
177184ac67 Massively simplify how we're cleaning office files 2018-06-27 21:48:46 +02:00
jvoisin
f44769df41 Ensure Poppler's minimal version 
We're using methods that aren't available in Poppler
below 0.46, so we're checking for this upon import.

This commit is based on ideas from @LogicalDash ♥
 2018-06-24 22:40:57 +02:00
jvoisin
1e9906de29 Document that we tests against corrupted files 2018-06-22 21:21:03 +02:00
jvoisin
63b19416ef Pyflakes should run on the testsuite too 2018-06-22 21:18:22 +02:00
jvoisin
74f2d50433 Split the testsuite a bit and add more tests 2018-06-22 21:16:55 +02:00
jvoisin
b4ef0c9622 Improve reliability against corrupted image files 2018-06-22 20:38:29 +02:00
jvoisin
dfccf79f22 Bump the changelog 2018-06-21 23:34:12 +02:00
jvoisin
8810564b8e Fix some deprecated directives in the COTNRIBUTING.md file 2018-06-21 23:33:56 +02:00
jvoisin
5b38bd7ccd Improve the reliability of the office parser 2018-06-21 23:18:59 +02:00
jvoisin
846a261465 Fix some linter warnings 2018-06-21 23:07:21 +02:00
jvoisin
09e748fa4c Refactor how offices files are handled 
- xml files are no longer considered harmless
- Factorization of the `remove_all` method for office files
- Explicit whitelist are used
- Blacklist are used to skip files completely
  - Non-blacklisted files are _still cleaned_
  - Unsupported files are still triggering an error
 2018-06-21 23:02:41 +02:00
jvoisin
a89dae054a Minor simplification of the office-related code 2018-06-21 21:24:53 +02:00
jvoisin
c1f4426612 Improve the threat-model again, thanks to @joe 2018-06-20 00:10:21 +02:00
jvoisin
120c3bf72f Improve a bit our threat model 2018-06-19 23:39:06 +02:00
jvoisin
84277740a9 Add fedora in the CI 
refactor
 2018-06-19 00:01:28 +02:00
Antoine Tenart
3a776ff1ca README: software is always singular 
Fix on small typo. Cosmetic patch.

Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
 2018-06-18 23:49:54 +02:00
Antoine Tenart
cce5de82e5 libmat2: harmless: add the text/xml mime type 
Fedora defines the 'text/xml' mime type for xml files. Adds this mime
type to the harmless parser.

Fixes #36.

Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
 2018-06-12 21:34:47 +02:00
Antoine Tenart
484e26dd9c libmat2: audio: add the audio/x-flac mime type 
The FLAC parser looks for the 'audio/flac' mime type, but Fedora
defines 'audio/x-flac' in /etc/mime.types for FLAC files. Add this mime
type to the audio parser.

Fixes #36.

Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
 2018-06-12 21:34:47 +02:00
Antoine Tenart
3359f36b67 README: fix one typo 
Fixes one small typo in the README.

Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
 2018-06-12 18:59:51 +02:00
Antoine Tenart
c19cbc48e2 README: fix the Jessie python3 URL 
Fixes the scheme in Jessie's Python3 URL.

Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
 2018-06-12 18:59:03 +02:00
Antoine Tenart
6f8427abf9 README: remove extra empty spaces 
This patch removes extra empty spaces at the end of some lines in
README.md. This is a cosmetic patch.

Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
 2018-06-12 18:55:22 +02:00
jvoisin
4600ce3490 Improve a bit the coverage 2018-06-10 20:20:45 +02:00
jvoisin
545887af98 Minor code simplification 2018-06-10 20:20:32 +02:00
jvoisin
7dad77a785 Make the parsing of office format's metadata more robust 2018-06-10 20:20:00 +02:00
jvoisin
8c7979aae3 Add some tests for non-supported embedded fileformats 2018-06-10 20:19:35 +02:00
jvoisin
b310a18e69 Add branch coverage to the CI 2018-06-10 01:02:21 +02:00
jvoisin
87bdcd1a95 Improve a bit our coverage wrt. torrent files handling 2018-06-10 00:56:55 +02:00
jvoisin
3c56fa3237 Improve a bit the performances wrt. image's metadata display 2018-06-10 00:43:38 +02:00
jvoisin
9c7aa34f50 Bump a bit the coverage 2018-06-10 00:43:25 +02:00
jvoisin
e81ce6cd1a Fix and add a test for explicitly non-supported formats 2018-06-10 00:28:43 +02:00
jvoisin
633654376a Improve a bit parsers autoloading 2018-06-10 00:28:26 +02:00
jvoisin
0079b4e8e9 Improve a bit how we're handling "problematic" files in the CLI 2018-06-10 00:07:49 +02:00
jvoisin
3cba2944d7 Remove the badges 
They are now living directly in the gitlab instance.
 2018-06-10 00:06:38 +02:00
jvoisin
aa42b905d5 Speed up a bit the processing of get_meta for images with a "regular" name 2018-06-08 23:30:12 +02:00
jvoisin
e86e8e3c23 Improve the code to handle problematic filenames 2018-06-08 17:34:53 +02:00
jvoisin
11261c3d87 Document the fact that tests for MR are appreciated 2018-06-07 00:11:50 +02:00
jvoisin
1adb6c0f2e Add a security contact 2018-06-07 00:09:53 +02:00
jvoisin
6a832a4104 Prevent exiftool-based parameter-injection 2018-06-06 23:50:25 +02:00
jvoisin
fa6c06ed8a Add some links into the readme 2018-06-04 23:50:55 +02:00
jvoisin
8368de7fa7 Sort the output of mat2 -l 2018-06-04 23:32:13 +02:00
jvoisin
6a1b0b31f0 Add more typing and use mypy in the CI 2018-06-04 23:20:30 +02:00
jvoisin
4ebf9754f8 Import the dynamic import system 
The dynamic import should now work when MAT2 is
installed system-wide, either via the distribution's
packaging system, or via pip.
 2018-06-04 20:53:21 +02:00
jvoisin
e71eff4814 Make bandit happier too. 2018-06-04 20:46:22 +02:00
jvoisin
d1392de6f5 Make pyflakes happier 2018-06-04 20:43:28 +02:00
totallylegit
183667a7f9 Improve a bit the typing, again 2018-06-04 20:39:27 +02:00