Books and toys for geeks and other kids (Amazon "top sellers")
O'Reilly Linux Unix shell C / C++ Perl	PHP Python Java JavaScript TCP/IP	HTML XML .NET PhotoShop Dreamweaver	DirectX Excel Windows 2000 Windows XP VBScript	MCSE Security Tops BigRead Dilbert	Far Side Low Carb Diet PDAs/Handhelds Digital Cameras Flash Sticks

check_msole

Part of protector (http://protector.sourceforge.net)
By Chris Lowth, (protector@lowth.com)

Synopsis

   check_msole [-l] [-d] [-D] [-s directory] filename

check_msole is the module used by the protector suite to validate the safety of Microsoft OLE compound documents such as those created by the MS-Office suite. The program identifies the type of the file and it's embedded objects (if any) by looking at the internal document file system structure and contents. It then verifies that the document and all it's objects are of safe types, and contain no macros or other executable code.

The results of the program's deliberations are written to the standard output in such a format that the protector's part_filter can collect and use them.

The program is cable of identifying (with varying degrees of accuracy) and verifying the safety of the following types of file..

application/ms-clipart
application/ms-drawing
application/ms-equation
application/ms-html-hidden-field
application/ms-mail-attachment
application/ms-mailstream
application/ms-office-binder
application/ms-ole-package
application/ms-paintbrush
application/ms-photo-ed-3
application/ms-publisher
application/ms-visio
application/msword
application/msword-art
application/msword-picture
application/vnd.ms-excel
application/vnd.ms-powerpoint
video/avi

Output

The program outputs its information using a combination of lines in the following formats..

error=	The value "none" means that everything has worked well. Other values give details of the reason for failure.
type=	This value gives the mime type of the document, if it was possible to determine it.
safe=	The value "yes" means that the document is free of viruses and consists only of known safe components. "no" means that the document contains macros or other potentially unsafe components. "Unknown" means that the document contains components that could not be checked for safety (most probably because the author does not know how).

Options

-l	List the directory structure of the internal document file system
-d	Turn on debugging, and the display of various internal variables.
-D	Dump the internal file system components into the working directory. This option is really only useful for development and diagnostic purposes.
-s directory	Save the files from the OLE document internal file system to disk.

Background and credits

In order to write this program, I have made extensive use of the published source code of Sun's StarOffice and the excellent documentation provided with "Elsa" and "Laola" by Martin Schwartz (http://www.wbs.cs.tu-berlin.de/~schwartz/pmh/index.html or http://user.cs.tu-berlin.de/~schwartz/pmh/index.html). Thank you Sun and Martin for some superb code and sources of information

All material on this page, and the "protector" software to which it relates is Copyright (C) 2002 by Lowth.com. "Protector" is free, open source software, licensed according to the terms of the GNU Public License

check_msole

Synopsis

Description

Output

Options

Background and credits