From 97b2edb18453d9b5dad7b7c6c7ba555e20f80f01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= <raphael@vinot.info>
Date: Thu, 29 Aug 2019 11:44:52 +0200
Subject: [PATCH] chg: Update oletools usage

---
 filecheck/filecheck.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/filecheck/filecheck.py b/filecheck/filecheck.py
index 28bdb15..c7246b4 100644
--- a/filecheck/filecheck.py
+++ b/filecheck/filecheck.py
@@ -404,9 +404,6 @@ class File(FileBase):
                     self.make_dangerous('WinOffice file containing a macro')
         else:
             indicators = oid.check()
-            if oid.macros.value or oid.ole.exists('macros/vba') or oid.ole.exists('Macros') \
-                    or oid.ole.exists('_VBA_PROJECT_CUR') or oid.ole.exists('VBA'):
-                self.make_dangerous('WinOffice file containing a macro')
             for i in indicators:
                 if i.id == 'ObjectPool' and i.value:
                     self.make_dangerous('WinOffice file containing an object pool')
@@ -414,6 +411,8 @@ class File(FileBase):
                     self.make_dangerous('WinOffice file with embedded flash')
                 elif i.id == 'encrypted' and i.value:
                     self.make_dangerous('Encrypted WinOffice file')
+                elif i.id == 'vba_macros' and i.value:
+                    self.make_dangerous('WinOffice file containing a macro')
 
         self.add_description('WinOffice file')