[THOG-608] - Fix linter errors. (#701)

* Fix linter errors. * Fix gist adding test. * Update test string for mock JSON reply. * Remove if.
2024-09-20 14:42:03 +00:00 · 2022-08-09 19:20:02 -07:00 · 2022-08-09 19:20:02 -07:00 · 30ebe84e3e
commit 30ebe84e3e
parent 8826e369cf
11 changed files with 50 additions and 28 deletions
--- a/pkg/detectors/api2cart/api2cart.go
+++ b/pkg/detectors/api2cart/api2cart.go
@ -61,7 +61,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result

 				var result Response
 				if errBody == nil {
-					json.Unmarshal(body, &result)
+					if err := json.Unmarshal(body, &result); err != nil {
+						continue
+					}

 					if res.StatusCode >= 200 && res.StatusCode < 300 && result.ReturnCode == 0 {
 						s1.Verified = true
--- a/pkg/detectors/cexio/cexio.go
+++ b/pkg/detectors/cexio/cexio.go
@ -102,7 +102,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 						}

 						var responseObject Response
-						json.Unmarshal(body, &responseObject)
+						if err := json.Unmarshal(body, &responseObject); err != nil {
+							continue
+						}

 						if res.StatusCode >= 200 && res.StatusCode < 300 && validResponse {
 							s1.Verified = true
--- a/pkg/detectors/gengo/gengo.go
+++ b/pkg/detectors/gengo/gengo.go
@ -28,7 +28,7 @@ var (
 	client = common.SaneHttpClient()

 	// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
-	//Removed bounds since there are some cases where the start and end of the token is a special character
+	// Removed bounds since there are some cases where the start and end of the token is a special character
 	keyPat    = regexp.MustCompile(detectors.PrefixRegex([]string{"gengo"}) + `([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})`)
 	secretPat = regexp.MustCompile(detectors.PrefixRegex([]string{"gengo"}) + `([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})`)
 )
@ -80,7 +80,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result

 					if errBody == nil {
 						var response Response
-						json.Unmarshal(body, &response)
+						if err := json.Unmarshal(body, &response); err != nil {
+							continue
+						}

 						if res.StatusCode >= 200 && res.StatusCode < 300 && response.OpStat == "ok" {
 							s1.Verified = true
--- a/pkg/detectors/gocanvas/gocanvas.go
+++ b/pkg/detectors/gocanvas/gocanvas.go
@ -76,7 +76,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result

 					if errBody == nil {
 						response := Response{}
-						xml.Unmarshal(body, &response)
+						if err := xml.Unmarshal(body, &response); err != nil {
+							continue
+						}

 						if res.StatusCode >= 200 && res.StatusCode < 300 && response.Error == nil {
 							s1.Verified = true
--- a/pkg/detectors/slack/slack.go
+++ b/pkg/detectors/slack/slack.go
@ -69,7 +69,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				if err == nil {
 					defer res.Body.Close()
 					var authResponse authRes
-					json.NewDecoder(res.Body).Decode(&authResponse)
+					if err := json.NewDecoder(res.Body).Decode(&authResponse); err != nil {
+						continue
+					}
 					s.Verified = authResponse.Ok
 				}
 			}
--- a/pkg/engine/git.go
+++ b/pkg/engine/git.go
@ -6,11 +6,11 @@ import (
 	"runtime"

 	"github.com/go-errors/errors"
-	"github.com/go-git/go-git/v5/plumbing/object"
-
 	gogit "github.com/go-git/go-git/v5"
 	"github.com/go-git/go-git/v5/plumbing"
+	"github.com/go-git/go-git/v5/plumbing/object"
 	"github.com/sirupsen/logrus"
+
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
--- a/pkg/engine/git_test.go
+++ b/pkg/engine/git_test.go
@ -56,7 +56,9 @@ func TestGitEngine(t *testing.T) {
 			WithDecoders(decoders.DefaultDecoders()...),
 			WithDetectors(false, DefaultDetectors()...),
 		)
-		e.ScanGit(ctx, path, tTest.branch, tTest.base, tTest.maxDepth, tTest.filter)
+		if err := e.ScanGit(ctx, path, tTest.branch, tTest.base, tTest.maxDepth, tTest.filter); err != nil {
+			return
+		}
 		go e.Finish()
 		resultCount := 0
 		for result := range e.ResultsChan() {
@ -104,7 +106,9 @@ func BenchmarkGitEngine(b *testing.B) {
 	for i := 0; i < b.N; i++ {
 		// TODO: this is measuring the time it takes to initialize the source
 		// and not to do the full scan
-		e.ScanGit(ctx, path, "", "", 0, common.FilterEmpty())
+		if err := e.ScanGit(ctx, path, "", "", 0, common.FilterEmpty()); err != nil {
+			return
+		}
 	}
 	e.Finish()
 }
--- a/pkg/sources/filesystem/filesystem.go
+++ b/pkg/sources/filesystem/filesystem.go
@ -11,22 +11,22 @@ import (

 	"github.com/go-errors/errors"
 	log "github.com/sirupsen/logrus"
+	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/types/known/anypb"
+
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/handlers"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/sanitizer"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/sources"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/types/known/anypb"
 )

 const (
 	// These buffer sizes are mainly driven by our largest credential size, which is GCP @ ~2.25KB.
 	// Having a peek size larger than that ensures that we have complete credential coverage in our chunks.
-	BufferSize     = 10 * 1024        // 10KB
-	PeekSize       = 3 * 1024         // 3KB
-	MaxArchiveSize = 20 * 1024 * 1024 // 20MB
+	BufferSize = 10 * 1024 // 10KB
+	PeekSize   = 3 * 1024  // 3KB
 )

 type Source struct {
@ -58,7 +58,7 @@ func (s *Source) JobID() int64 {
 }

 // Init returns an initialized Filesystem source.
-func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64, verify bool, connection *anypb.Any, concurrency int) error {
+func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64, verify bool, connection *anypb.Any, _ int) error {
 	s.log = log.WithField("source", s.Type()).WithField("name", name)

 	s.aCtx = aCtx
@ -68,9 +68,8 @@ func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64,
 	s.verify = verify

 	var conn sourcespb.Filesystem
-	err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{})
-	if err != nil {
-		errors.WrapPrefix(err, "error unmarshalling connection", 0)
+	if err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{}); err != nil {
+		return errors.WrapPrefix(err, "error unmarshalling connection", 0)
 	}

 	s.paths = conn.Directories
--- a/pkg/sources/git/git.go
+++ b/pkg/sources/git/git.go
@ -95,9 +95,8 @@ func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64,
 	s.verify = verify

 	var conn sourcespb.Git
-	err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{})
-	if err != nil {
-		errors.WrapPrefix(err, "error unmarshalling connection", 0)
+	if err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{}); err != nil {
+		return errors.WrapPrefix(err, "error unmarshalling connection", 0)
 	}

 	s.conn = &conn
--- a/pkg/sources/github/github.go
+++ b/pkg/sources/github/github.go
@ -228,10 +228,14 @@ func (s *Source) enumerateWithToken(ctx context.Context, apiEndpoint, token stri
 		}
 	}

-	s.addGistsByUser(ctx, apiClient, user.GetLogin())
+	if err := s.addGistsByUser(ctx, apiClient, user.GetLogin()); err != nil {
+		return nil, err
+	}
 	for _, org := range s.orgs {
 		// TODO: Test it actually works to list org gists like this.
-		s.addGistsByUser(ctx, apiClient, org)
+		if err := s.addGistsByUser(ctx, apiClient, org); err != nil {
+			log.WithError(err).Errorf("error fetching gists by org: %s", org)
+		}
 	}
 	return apiClient, nil
 }
--- a/pkg/sources/github/github_test.go
+++ b/pkg/sources/github/github_test.go
@ -18,10 +18,11 @@ import (
 	"github.com/google/go-github/v42/github"
 	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
-	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/credentialspb"
-	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
 	"google.golang.org/protobuf/types/known/anypb"
 	"gopkg.in/h2non/gock.v1"
+
+	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/credentialspb"
+	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
 )

 func createTestSource(src *sourcespb.GitHub) (*Source, *anypb.Any) {
@ -284,11 +285,16 @@ func TestEnumerateWithToken(t *testing.T) {
 		Reply(200).
 		JSON([]map[string]string{{"clone_url": "super-secret-repo"}})

+	gock.New("https://api.github.com").
+		Get("/users/super-secret-user/gists").
+		Reply(200).
+		JSON([]map[string]string{{"clone_url": ""}})
+
 	s := initTestSource(nil)
 	_, err := s.enumerateWithToken(context.TODO(), "https://api.github.com", "token")
 	assert.Nil(t, err)
-	assert.Equal(t, 1, len(s.repos))
-	assert.Equal(t, []string{"super-secret-repo"}, s.repos)
+	assert.Equal(t, 2, len(s.repos))
+	assert.Equal(t, []string{"super-secret-repo", ""}, s.repos)
 	assert.True(t, gock.IsDone())
 }