Fix infinite loop when printing certain charmaps

michelcrypt4d4mus · Oct 18, 2022 · de453cd · de453cd
1 parent c2cd82e
commit de453cd
Show file tree

Hide file tree

Showing 7 changed files with 14 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,7 @@
 # NEXT RELEASE
 
+### 1.13.2
+
 ### 1.13.1
 * Add **all** the possible PDF internal commands that can lead to JavaScript execution or local/remote command exection to `DANGEROUS_PDF_KEYS` list.
 

diff --git a/doc/svgs/rendered_images/pdfalyze_help.png b/doc/svgs/rendered_images/pdfalyze_help.png
diff --git a/pdfalyzer/helpers/rich_text_helper.py b/pdfalyzer/helpers/rich_text_helper.py
@@ -18,7 +18,7 @@ def quoted_text(
     ) -> Text:
     """Wrap _string in 'quote_char'. Style 'quote_char' with 'quote_char_style'."""
     quote_char_txt = Text(quote_char, style=quote_char_style)
-    txt = quote_char_txt.append(_string, style=style).append_text(quote_char_txt)
+    txt = quote_char_txt + Text(_string, style=style) + quote_char_txt
     txt.justify = 'center'
     return txt
 

diff --git a/pdfalyzer/yara_rules/PDF.yara b/pdfalyzer/yara_rules/PDF.yara
@@ -6,6 +6,7 @@ import "math"
 //     meta:
 //         author = "Jaume Martin"
 //         description = "Matches '%PDF' to '%%EOF'. Works even on raw bytes (e.g. raw dd image of a drive)"
+//         reference = "https://github.com/Xumeiquer/yara-forensics/blob/bccefe4bac824956cd0694b6681a2d555bf6b0fe/raw/pdf.yar"
 
 //     strings:
 //         $pdf_start = {25 50 44 46}

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "pdfalyzer"
-version = "1.13.1"
+version = "1.13.2"
 description = "A PDF analysis toolkit. Scan a PDF with relevant YARA rules, visualize its inner tree-like data structure in living color (lots of colors), force decodes of suspicious font binaries, and more."
 authors = ["Michel de Cryptadamus <[email protected]>"]
 license = "GPL-3.0-or-later"

diff --git a/scripts/test_against_all_pdfs_in_Documents_folder.sh b/scripts/test_against_all_pdfs_in_Documents_folder.sh
@@ -17,7 +17,7 @@ pdfalyze_doc() {
         return
     fi
 
-    cmd="$PDFALYZER_EXECUTABLE -r -t -d \"$pdf_full_path\""
+    cmd="$PDFALYZER_EXECUTABLE -f -t \"$pdf_full_path\""
     echo -e "\nCommand to run: $cmd"
 
     eval $cmd

diff --git a/tests/pdfalyzer/helpers/test_rich_text_helper.py b/tests/pdfalyzer/helpers/test_rich_text_helper.py
@@ -0,0 +1,8 @@
+from rich.text import Text
+
+from pdfalyzer.helpers.rich_text_helper import quoted_text
+
+
+def test_quoted_text():
+    assert quoted_text('xyz').plain == "'xyz'"
+    assert quoted_text('-1', quote_char='"').plain == '"-1"'