decalage2 / ViperMonkey

A VBA parser and emulation engine to analyze malicious macros.

Parsing issues with shapes alternative text #63

Open boaz-w opened 5 years ago

boaz-w commented 5 years ago

Describe the bug

  1. When trying to read in a value from the text associated with an object like a Shape (_read_from_object_text function in vba_object.py), there is a case where arg.lhs has an attribute 'eval' that is an empty string. This raises an exception when executing lhs.eval(context) (line 253) because it is not callable.
  2. Parsing text values of shapes does not return the correct name of the shape. The parsing, which is done in vmonkey.py (_get_shapes_text_values function), always uses the format "Shapes()" for the variable. When a macro accesses a shape's alternative text via the shape's name (Shapes() takes an id or a name, as seen here: https://docs.microsoft.com/en-us/office/vba/api/excel.shapes.item), it will not be identified by ViperMonkey because the correct variable doesn't exist. For example, the macro has the following line: Shell Shapes("sm8epsd9jf16kh").AlternativeText, vbHide, but the parsed doc variables only contain Shapes("1").AlternativeText. Looking at the hex of two .doc files containing shapes with custom names, it looks like the name exists in the file before the unicode text value (Screenshots 1, 2).

To Reproduce

Steps to reproduce the behavior:

  1. Execute ViperMonkey with this sample as input https://www.hybrid-analysis.com/sample/baf31eecd187ee1a6cc1820772671cdbaa9e7a273e6a8ee37dbd1094bc098e31?environmentId=120
  2. The exception described in the first issue should be raised
  3. Bypass the exception (for example add a condition that verifies that lhs.eval does not evaluate to false - (hasattr(lhs, "eval") and lhs.eval) line 252)
  4. Execute ViperMonkey with the same input
  5. The actual command line found in the shape's alternative text will not be parsed

Expected behavior

  1. String objects should not be called
  2. Macros using the technique of hiding the command line in a custom named shape's alternative text field should be identified and parsed

Screenshots

  1. Screenshot 1: hex dump of the first .doc file (image not reproduced here)

  2. Screenshot 2: hex dump of the second .doc file (image not reproduced here)

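As an added example (this is not ViperMonkey's own code; the class names, `safe_eval`, `register_shape_text` and `resolve_shape_access` are constructed stand-ins for the code paths the report names), the following Python models both problems: the first part shows why `hasattr(node, "eval")` is not enough when `eval` is an empty string and guards with `callable` instead; the second part registers each shape's alternative text under both its 1-based index and its name, so a macro line like `Shell Shapes("sm8epsd9jf16kh").AlternativeText, vbHide` resolves to the same value as `Shapes("1").AlternativeText`. The shape list and alternative-text strings are constructed sample data, not the contents of the referenced sample.

```python
"""Added example: models the two parsing problems from the report.
Names below are hypothetical stand-ins, not ViperMonkey's API."""
import re


# --- Issue 1: an `eval` attribute that exists but is not callable -----------

class Literal:
    """Constructed stand-in for a parsed VBA expression; eval() is a method."""
    def __init__(self, value):
        self.value = value

    def eval(self, context):
        return self.value


class BrokenNode:
    """Constructed stand-in for the case in the report: the node has an
    'eval' attribute, but it is an empty string rather than a method."""
    eval = ""


def naive_eval(node, context):
    """The pattern the report describes: hasattr() alone does not prove that
    eval is callable, so BrokenNode raises TypeError here."""
    if hasattr(node, "eval"):
        return node.eval(context)
    return node


def safe_eval(node, context):
    """Guarded version: only call eval when it is actually callable; anything
    else (including a node whose eval is "") is passed through as a value."""
    ev = getattr(node, "eval", None)
    if callable(ev):
        return ev(context)
    return node


# --- Issue 2: address shape text by index *and* by name --------------------

# Constructed sample shapes: (1-based index, name, alternative text).
# The name is the one quoted in the report; the text is made up.
SAMPLE_SHAPES = [
    (1, "sm8epsd9jf16kh", "constructed alternative text of shape 1"),
    (2, "", "constructed alternative text of shape 2"),
]

MACRO_LINE = 'Shell Shapes("sm8epsd9jf16kh").AlternativeText, vbHide'


def register_shape_text(shapes):
    """Build the doc-variable map. Each shape is registered under
    Shapes("<index>").AlternativeText (what the report says is done today)
    and, when the shape has a name, Shapes("<name>").AlternativeText too.
    Keys are lower-cased because VBA identifiers are case-insensitive."""
    variables = {}
    for index, name, alt_text in shapes:
        keys = [f'Shapes("{index}").AlternativeText']
        if name:
            keys.append(f'Shapes("{name}").AlternativeText')
        for key in keys:
            variables[key.lower()] = alt_text
    return variables


# Matches Shapes("name"), Shapes(1) or Shapes("1") followed by .AlternativeText
SHAPES_ACCESS = re.compile(
    r'Shapes\(\s*"?([^")]+)"?\s*\)\.AlternativeText', re.IGNORECASE)


def resolve_shape_access(line, variables):
    """Find a Shapes(...).AlternativeText access in a macro line and look it
    up in the variable map; returns None when no such variable exists."""
    match = SHAPES_ACCESS.search(line)
    if not match:
        return None
    key = f'Shapes("{match.group(1).strip()}").AlternativeText'.lower()
    return variables.get(key)


if __name__ == "__main__":
    doc_vars = register_shape_text(SAMPLE_SHAPES)
    print("resolved:", resolve_shape_access(MACRO_LINE, doc_vars))
    print("guarded eval of BrokenNode:", safe_eval(BrokenNode(), None))
```

The `naive_eval` function is kept only to show the failure mode the report describes; the guarded `safe_eval` and the dual-key registry are the behaviour the report's expected-behavior items ask for.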