mirror of https://github.com/MISP/PyMISP
07137209e2
eml files downloaded from Windows Online security on some Windows 11 systems are automatically encoded in UTF with a byte order mark (BOM) at the front of the file. This will cause the email parser to fail. This is a somewhat isolated problem. It only will affects a small subset of Windows users who download and re-upload eml files. But, this small subset of users is the target user-base for the MISP email module: low expertiese users who wish to quickly share high-value indicators on an ad-hoc basis. While this fix could be tacked onto the MISP email module instead of here, I beleive that this fix is more appropriate in the PyMISP object code. As the "email" object parser this object should be built to parse all manner of emails that it may encounter. This includes common malformations such as this one and, even horrors such as, the .msg format. This commit adds a generically named "attempt_decoding" function which can be expanded to address all manner of sins that are encountered in the future. |
||
|---|---|---|
| .. | ||
| data | ||
| tools | ||
| __init__.py | ||
| abstract.py | ||
| api.py | ||
| exceptions.py | ||
| mispevent.py | ||
| py.typed | ||