WIP: Fix: Work around bug in oletools where vba macros are not detected properlyfix-oletools-bug-detect_vba_macros

This patch works around a bug[0] in the oletools where the library does
not detect vba macros properly in `VBA_Parser.detect_vba_macros()`
returns true but `VBA_Parser.extract_all_macros()` returns an empty list
because there is no macro.

This test is not tested by me because I do not have the test setup.

[0] https://github.com/decalage2/oletools/issues/501

Signed-off-by: Matthias Beyer <mail@beyermatthias.de>

1 files changed, 10 insertions, 1 deletions

diff --git a/peekaboo/toolbox/ole.py b/peekaboo/toolbox/ole.py
index d1fe4b4..5dff13c 100644
--- a/peekaboo/toolbox/ole.py
+++ b/peekaboo/toolbox/ole.py
@@ -44,7 +44,7 @@ class Oletools(object):
             vbaparser = VBA_Parser(sample.file_path)
 
             # VBA_Parser reports macros for office documents
-            report['has_macros'] = vbaparser.detect_vba_macros() or vbaparser.detect_xlm_macros()
+            report['has_macros'] = Oletools.__parser_has_vba_macros(vbaparser) or vbaparser.detect_xlm_macros()
             try:
                 report['vba'] = vbaparser.reveal()
             except TypeError:
@@ -61,6 +61,15 @@ class Oletools(object):
         sample.register_oletools_report(OletoolsReport(report))
         return report
 
+    def __parser_has_vba_macros(vbaparser):
+        has_macros = vbaparser.detect_vba_macros()
+        if !has_macros:
+            return len(vbaparser.extract_all_macros()) == 0
+        else:
+            return has_macros
+
+
+
 
 class OletoolsReport(object):
     """ Represents a custom Oletools report. """