Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

vmonkey, read_ole_fields: use zipfile with in-memory buffer instead of temp file #107

Open
decalage2 opened this issue Feb 18, 2021 · 1 comment
Open

vmonkey, read_ole_fields: use zipfile with in-memory buffer instead of temp file #107

decalage2 opened this issue Feb 18, 2021 · 1 comment
Assignees
@decalage2
Labels
enhancement
Milestone
ViperMonkey 0.08

Comments

@decalage2
Copy link
Owner

decalage2 commented Feb 18, 2021
edited

In several places a temporary file on disk is used to parse a zip file and extract files. It should all be done in memory to avoid issues with temp files.
(search for "unzip", "/tmp", "tempfile", ...)

Issues due to temp files on disk:

  • exceptions on Windows when trying to delete temp file without closing the zipfile first
  • if there is an antivirus running, it can detect and delete temp files before we process them
@decalage2 decalage2 added this to the ViperMonkey 0.08 milestone Feb 18, 2021
@decalage2 decalage2 self-assigned this Feb 18, 2021
@decalage2
Copy link
Owner Author

done for vmonkey/pull_embedded_pe_files in commit b0fb1b2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@decalage2 decalage2

Labels
enhancement
Projects
None yet
Milestone
ViperMonkey 0.08
Development

No branches or pull requests
1 participant
@decalage2