decalage2/oletools

Remove cycle between oletools and pcodedmp

youngcho22 opened this issue · 0 comments

Affected tool:
bazel

Describe the bug
There's a cycle between oletools and pcodedmp, as the maintainers would already know, and this is causing an issue when bazel tries to pull these packages using pip_parse. The difference between bazel and pip comes from the fact that pip doesn't enforce acyclic dependency graphs in dependencies, as opposed to bazel, which can build a DAG only.

File/Malware sample to reproduce the bug

ERROR: /private/var/tmp/_bazel_youngmokcho/994b3e899f1f2de61f63ee481ccf26ec/external/python39_deps_oletools/BUILD.bazel:22:11: in py_library rule @python39_deps_oletools//:pkg: cycle in dependency graph:
   ...
   ...
    @python39_deps_extract_msg//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
    @python39_deps_rtfde//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
.-> @python39_deps_oletools//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
|   @python39_deps_pcodedmp//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)
`-- @python39_deps_oletools//:pkg (a67e7319e1c7c12c19874dc7398a81096687d91bef4f7e6484f8c2d3ac4fea7f)

How To Reproduce the bug
You can create a bazel workspace that pulls oletools==0.60.1 using the pip_parse rule from rules_python.

Expected behavior
The expected behaviour is that there's no cycle in transitive dependencies of oletools including itself.

Console output / Screenshots
n/a

Version information:

  • OS: Mac x86_64 (using Rosetta2)
  • OS version: 64 bits
  • Python version: 3.9.15
  • oletools version: 0.60.1

Additional context
n/a
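
A pre-flight check for the condition Bazel reports in this issue, as an added example that is not part of the original issue or of oletools: it builds a dependency graph from Requires-Dist lines and lists any cycles, so a lock file can be checked before a DAG-only build tool rejects it. The sample metadata is constructed to follow the order of the trace above (version pins and markers are made up), and the function names are chosen here.

```python
import re
from importlib import metadata

# Constructed sample of Requires-Dist lines; edges follow the Bazel trace in
# this issue, version pins and markers are illustrative only.
SAMPLE = {
    "extract-msg": ["RTFDE>=0.0.2", "olefile"],
    "RTFDE": ["oletools>=0.56", "lark-parser"],
    "oletools": ["olefile>=0.46", "pcodedmp>=1.2.5", "XLMMacroDeobfuscator; extra == 'full'"],
    "pcodedmp": ["oletools>=0.54", "win_unicode_console; platform_system == 'Windows'"],
    "olefile": [],
}

def norm(name):
    """Normalize a project name the way PEP 503 does."""
    return re.sub(r"[-_.]+", "-", name).lower()

def build_graph(requires_by_pkg):
    """Map each package to the sorted names of its non-extra requirements."""
    graph = {}
    for pkg, reqs in requires_by_pkg.items():
        deps = set()
        for req in reqs:
            if re.search(r";.*\bextra\s*==", req):
                continue  # only installed when an extra is requested
            deps.add(norm(re.match(r"\s*([A-Za-z0-9._-]+)", req).group(1)))
        graph[norm(pkg)] = sorted(deps)
    return graph

def find_cycles(graph):
    """Depth-first search; every back edge to a node on the stack is a cycle."""
    state, stack, cycles = {}, [], []
    def visit(node):
        state[node] = "open"
        stack.append(node)
        for dep in graph.get(node, []):
            if state.get(dep) == "open":
                cycles.append(stack[stack.index(dep):] + [dep])
            elif dep not in state:
                visit(dep)
        stack.pop()
        state[node] = "done"
    for node in sorted(graph):
        if node not in state:
            visit(node)
    return cycles

def installed_requirements():
    """Same input shape as SAMPLE, read from the current environment."""
    return {d.metadata["Name"]: d.requires or []
            for d in metadata.distributions() if d.metadata["Name"]}

if __name__ == "__main__":
    for cycle in find_cycles(build_graph(SAMPLE)):
        print(" -> ".join(cycle))
```

Passing `installed_requirements()` instead of `SAMPLE` runs the same check against whatever is installed in the active virtual environment.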