WEBP Support

[ryanohoro]

Describe the change

Adds webp mime to ScanExiftool, ScanQr, ScanOcr, ScanLsb, ScanNf

Updates tests for ScanOcr and ScanQr

Fixes a small exception handling bug in ScanQr

Closes #283

Describe testing procedures

./strelka-oneshot -l - -f src/python/strelka/tests/fixtures/test_qr.webp

{
    "file": {
        "depth": 0,
        "flavors": {
            "mime": ["image/webp"]
        },
        "scanners": ["ScanEntropy", "ScanExiftool", "ScanFooter", "ScanHash", "ScanHeader", "ScanLsb", "ScanNf", "ScanOcr", "ScanQr", "ScanYara"],
        "size": 66296,
        "tree": {
            "node": "bac5a99b-cc4c-4cc9-80e1-b06a9921e36b",
            "root": "bac5a99b-cc4c-4cc9-80e1-b06a9921e36b"
        }
    },
    "request": {
        "attributes": {
            "filename": "src/python/strelka/tests/fixtures/test_qr.webp"
        },
        "client": "go-oneshot",
        "id": "bac5a99b-cc4c-4cc9-80e1-b06a9921e36b",
        "source": "ubuntu",
        "time": 1673993876
    },
    "scan": {
        "entropy": {
            "elapsed": 0.000067,
            "entropy": 7.99652831935866
        },
        "exiftool": {
            "elapsed": 0.133048,
            "keys": [{
                    "key": "ImageWidth",
                    "value": 999
                }, {
                    "key": "ImageHeight",
                    "value": 609
                }
            ]
        },
        "footer": {
            "backslash": "\\xfd\\x84\\x84-\\xc9\\x11\\x19;\\xffy`\u0026|\\xdbD\\x18\\xfb\u0026D\\xa6\\xc3\\xfd\\x8fDKA3A\\x03@\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00",
            "elapsed": 0.000039,
            "footer": "���-�\u0011\u0019;�y`\u0026|�D\u0018�\u0026D����DKA3A\u0003@\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000"
        },
        "hash": {
            "elapsed": 0.004669,
            "md5": "4a979851ea48ec8c3a802a602b14be8e",
            "sha1": "4d2dddb63bad673c370ec5bde03ba1fe7ad1fe21",
            "sha256": "e171609a4869e75b2489988d3ced2ee264eb856e01cae35466af16d6f44046e4",
            "ssdeep": "1536:ve9kBZY7FrCN14u832UMCCQ9u96kKKlNXbAco6B9F:veIY7Y4u8GzCCgkKK/bRfB",
            "tlsh": "T1C95302486B173AC6246A3D06F6E3ED34DD7B49BE39881A01743DC555CF2760ACD0AE74"
        },
        "header": {
            "backslash": "RIFF\\xf0\\x02\\x01\\x00WEBPVP8 \\xe4\\x02\\x01\\x000@\\x03\\x9d\\x01*\\xe7\\x03a\\x02\u003e\\x91B\\x9bJ%\\xa3\\xa3$\\xa7\\xb4*\\xc8\\xb0\\x12\\ten\\xd7\\xe6",
            "elapsed": 0.000035,
            "header": "RIFF�\u0002\u0001\u0000WEBPVP8 �\u0002\u0001\u00000@\u0003�\u0001*�\u0003a\u0002\u003e�B�J%��$��*Ȱ\u0012\ten��"
        },
        "lsb": {
            "elapsed": 0.010225,
            "lsb": false
        },
        "nf": {
            "elapsed": 0.011744,
            "noise_floor": true,
            "percentage": 0.07232355508217578,
            "threshold": 0.25
        },
        "ocr": {
            "elapsed": 0.755836,
            "text": ["Lorem", "Ipsum", "Lorem", "ipsum", "dolor", "sit", "amet,", "consectetur", "adipiscing", "elit.", "Cras", "lobortis", "sem", "dui.", "Morbi", "at", "magna", "quis", "ligula", "faucibus", "consectetur", "feugiat", "at", "purus.", "Sed", "nec", "lorem", "nibh.", "Nam", "vel", "libero", "odio.", "Vivamus", "tempus", "non", "enim", "egestas", "pretium.", "Vestibulum", "turpis", "arcu,", "maximus", "nec", "libero", "quis,", "imperdiet", "suscipit", "purus.", "Vestibulum", "blandit", "quis", "lacus", "non", "sollicitudin.", "Nullam", "non", "convallis", "dui,", "et", "aliquet", "risus.", "Sed", "accumsan", "ullamcorper", "vehicula.", "Proin", "non", "urna", "facilisis,", "condimentum", "eros", "quis,", "suscipit", "purus.", "Morbi", "euismod", "imperdiet", "neque", "fermentum", "dictum.", "Integer", "aliquam,", "erat", "sit", "amet", "fringilla", "tempus,", "mauris", "ligula", "blandit", "sapien,", "et", "varius", "sem", "mauris", "eu", "diam.", "Sed", "fringilla", "neque", "est,", "in", "laoreet", "felis", "tristique", "in.", "Donec", "luctus", "velit", "a", "posuere", "posuere.", "Suspendisse", "sodales", "pellentesque", "quam."]
        },
        "qr": {
            "data": "https://www.example.com/",
            "elapsed": 0.088344,
            "type": "url"
        },
        "yara": {
            "elapsed": 0.002177,
            "matches": ["test"]
        }
    }
}

============================= test session starts ==============================
platform linux -- Python 3.10.6, pytest-7.2.0, pluggy-1.0.0
rootdir: /strelka
plugins: mock-3.10.0, unordered-0.5.2
collected 93 items
...
tests/test_scan_ocr.py .
tests/test_scan_ole.py ....
tests/test_scan_pcap.py ..
tests/test_scan_pdf.py .
tests/test_scan_pe.py .
tests/test_scan_pgp.py ....
tests/test_scan_plist.py .
tests/test_scan_png_eof.py ...
tests/test_scan_qr.py .

...
======================= 93 passed, 28 warnings in 29.15s =======================

Sample output

No changes

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of and tested my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings

[phutelmyer]

👍