[THOG-608] - Fix linter errors. (#701)

* Fix linter errors.

* Fix gist adding test.

* Update test string for mock JSON reply.

* Remove if.
ahrav 2022-08-09 19:20:02 -07:00 committed by GitHub
parent 8826e369cf
commit 30ebe84e3e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 50 additions and 28 deletions


@ -61,7 +61,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
var result Response var result Response
if errBody == nil { if errBody == nil {
json.Unmarshal(body, &result) if err := json.Unmarshal(body, &result); err != nil {
continue
}
if res.StatusCode >= 200 && res.StatusCode < 300 && result.ReturnCode == 0 { if res.StatusCode >= 200 && res.StatusCode < 300 && result.ReturnCode == 0 {
s1.Verified = true s1.Verified = true
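Review bot: The new `continue` after a failed `json.Unmarshal` skips the rest of the loop iteration, so if `s1` is appended to the results further down (the loop body continues outside this hunk), a candidate secret is dropped entirely whenever the verification endpoint returns a body that does not parse. For a secret scanner that turns a verification hiccup (HTML error page, proxy response, truncated body) into a missed finding instead of an unverified one. Folding the error into the condition keeps the result and only withholds the verified flag: `if err := json.Unmarshal(body, &result); err == nil && res.StatusCode >= 200 && res.StatusCode < 300 && result.ReturnCode == 0 {`. The same pattern is added in the other FromData hunks on this page (the two further `json.Unmarshal` calls, the `xml.Unmarshal` call and the `json.NewDecoder(res.Body).Decode` call).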


@ -102,7 +102,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
} }
var responseObject Response var responseObject Response
json.Unmarshal(body, &responseObject) if err := json.Unmarshal(body, &responseObject); err != nil {
continue
}
if res.StatusCode >= 200 && res.StatusCode < 300 && validResponse { if res.StatusCode >= 200 && res.StatusCode < 300 && validResponse {
s1.Verified = true s1.Verified = true


@ -28,7 +28,7 @@ var (
client = common.SaneHttpClient() client = common.SaneHttpClient()
// Make sure that your group is surrounded in boundary characters such as below to reduce false positives. // Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
//Removed bounds since there are some cases where the start and end of the token is a special character // Removed bounds since there are some cases where the start and end of the token is a special character
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"gengo"}) + `([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})`) keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"gengo"}) + `([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})`)
secretPat = regexp.MustCompile(detectors.PrefixRegex([]string{"gengo"}) + `([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})`) secretPat = regexp.MustCompile(detectors.PrefixRegex([]string{"gengo"}) + `([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})`)
) )
@ -80,7 +80,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
if errBody == nil { if errBody == nil {
var response Response var response Response
json.Unmarshal(body, &response) if err := json.Unmarshal(body, &response); err != nil {
continue
}
if res.StatusCode >= 200 && res.StatusCode < 300 && response.OpStat == "ok" { if res.StatusCode >= 200 && res.StatusCode < 300 && response.OpStat == "ok" {
s1.Verified = true s1.Verified = true


@ -76,7 +76,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
if errBody == nil { if errBody == nil {
response := Response{} response := Response{}
xml.Unmarshal(body, &response) if err := xml.Unmarshal(body, &response); err != nil {
continue
}
if res.StatusCode >= 200 && res.StatusCode < 300 && response.Error == nil { if res.StatusCode >= 200 && res.StatusCode < 300 && response.Error == nil {
s1.Verified = true s1.Verified = true


@ -69,7 +69,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
if err == nil { if err == nil {
defer res.Body.Close() defer res.Body.Close()
var authResponse authRes var authResponse authRes
json.NewDecoder(res.Body).Decode(&authResponse) if err := json.NewDecoder(res.Body).Decode(&authResponse); err != nil {
continue
}
s.Verified = authResponse.Ok s.Verified = authResponse.Ok
} }
} }


@ -6,11 +6,11 @@ import (
"runtime" "runtime"
"github.com/go-errors/errors" "github.com/go-errors/errors"
"github.com/go-git/go-git/v5/plumbing/object"
gogit "github.com/go-git/go-git/v5" gogit "github.com/go-git/go-git/v5"
"github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/object"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/common"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"


@ -56,7 +56,9 @@ func TestGitEngine(t *testing.T) {
WithDecoders(decoders.DefaultDecoders()...), WithDecoders(decoders.DefaultDecoders()...),
WithDetectors(false, DefaultDetectors()...), WithDetectors(false, DefaultDetectors()...),
) )
e.ScanGit(ctx, path, tTest.branch, tTest.base, tTest.maxDepth, tTest.filter) if err := e.ScanGit(ctx, path, tTest.branch, tTest.base, tTest.maxDepth, tTest.filter); err != nil {
return
}
go e.Finish() go e.Finish()
resultCount := 0 resultCount := 0
for result := range e.ResultsChan() { for result := range e.ResultsChan() {
@ -104,7 +106,9 @@ func BenchmarkGitEngine(b *testing.B) {
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
// TODO: this is measuring the time it takes to initialize the source // TODO: this is measuring the time it takes to initialize the source
// and not to do the full scan // and not to do the full scan
e.ScanGit(ctx, path, "", "", 0, common.FilterEmpty()) if err := e.ScanGit(ctx, path, "", "", 0, common.FilterEmpty()); err != nil {
return
}
} }
e.Finish() e.Finish()
} }
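Review bot: The `return` added after the `e.ScanGit` error check in TestGitEngine ends the test without failing it, so a scan that errors out is reported as a pass and the result-count checks after it never run. Failing loudly keeps the test meaningful: `t.Fatalf("ScanGit failed: %v", err)` in the test and `b.Fatal(err)` in BenchmarkGitEngine, where the silent `return` would also report a timing for a run that did no work. Both function bodies extend beyond the hunks shown.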


@ -11,22 +11,22 @@ import (
"github.com/go-errors/errors" "github.com/go-errors/errors"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/types/known/anypb"
"github.com/trufflesecurity/trufflehog/v3/pkg/common" "github.com/trufflesecurity/trufflehog/v3/pkg/common"
"github.com/trufflesecurity/trufflehog/v3/pkg/handlers" "github.com/trufflesecurity/trufflehog/v3/pkg/handlers"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
"github.com/trufflesecurity/trufflehog/v3/pkg/sanitizer" "github.com/trufflesecurity/trufflehog/v3/pkg/sanitizer"
"github.com/trufflesecurity/trufflehog/v3/pkg/sources" "github.com/trufflesecurity/trufflehog/v3/pkg/sources"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/types/known/anypb"
) )
const ( const (
// These buffer sizes are mainly driven by our largest credential size, which is GCP @ ~2.25KB. // These buffer sizes are mainly driven by our largest credential size, which is GCP @ ~2.25KB.
// Having a peek size larger than that ensures that we have complete credential coverage in our chunks. // Having a peek size larger than that ensures that we have complete credential coverage in our chunks.
BufferSize = 10 * 1024 // 10KB BufferSize = 10 * 1024 // 10KB
PeekSize = 3 * 1024 // 3KB PeekSize = 3 * 1024 // 3KB
MaxArchiveSize = 20 * 1024 * 1024 // 20MB
) )
type Source struct { type Source struct {
@ -58,7 +58,7 @@ func (s *Source) JobID() int64 {
} }
// Init returns an initialized Filesystem source. // Init returns an initialized Filesystem source.
func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64, verify bool, connection *anypb.Any, concurrency int) error { func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64, verify bool, connection *anypb.Any, _ int) error {
s.log = log.WithField("source", s.Type()).WithField("name", name) s.log = log.WithField("source", s.Type()).WithField("name", name)
s.aCtx = aCtx s.aCtx = aCtx
@ -68,9 +68,8 @@ func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64,
s.verify = verify s.verify = verify
var conn sourcespb.Filesystem var conn sourcespb.Filesystem
err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{}) if err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{}); err != nil {
if err != nil { return errors.WrapPrefix(err, "error unmarshalling connection", 0)
errors.WrapPrefix(err, "error unmarshalling connection", 0)
} }
s.paths = conn.Directories s.paths = conn.Directories


@ -95,9 +95,8 @@ func (s *Source) Init(aCtx context.Context, name string, jobId, sourceId int64,
s.verify = verify s.verify = verify
var conn sourcespb.Git var conn sourcespb.Git
err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{}) if err := anypb.UnmarshalTo(connection, &conn, proto.UnmarshalOptions{}); err != nil {
if err != nil { return errors.WrapPrefix(err, "error unmarshalling connection", 0)
errors.WrapPrefix(err, "error unmarshalling connection", 0)
} }
s.conn = &conn s.conn = &conn


@ -228,10 +228,14 @@ func (s *Source) enumerateWithToken(ctx context.Context, apiEndpoint, token stri
} }
} }
s.addGistsByUser(ctx, apiClient, user.GetLogin()) if err := s.addGistsByUser(ctx, apiClient, user.GetLogin()); err != nil {
return nil, err
}
for _, org := range s.orgs { for _, org := range s.orgs {
// TODO: Test it actually works to list org gists like this. // TODO: Test it actually works to list org gists like this.
s.addGistsByUser(ctx, apiClient, org) if err := s.addGistsByUser(ctx, apiClient, org); err != nil {
log.WithError(err).Errorf("error fetching gists by org: %s", org)
}
} }
return apiClient, nil return apiClient, nil
} }
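Review bot: A failure in the first `s.addGistsByUser` call now aborts `enumerateWithToken` with `return nil, err`, while the same failure inside the org loop is only logged; the difference is not explained in the code. If gist listing is meant to be best-effort, a token that cannot list gists or a transient API error would stop the whole enumeration and, presumably, leave the repositories gathered earlier in the function unscanned. Consider handling both cases the same way, e.g. `log.WithError(err).Errorf("error fetching gists by user: %s", user.GetLogin())`, or add a comment stating why the user case must be fatal. The function starts outside this hunk, so what callers do with the nil client is inferred.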


@ -18,10 +18,11 @@ import (
"github.com/google/go-github/v42/github" "github.com/google/go-github/v42/github"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/credentialspb"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
"google.golang.org/protobuf/types/known/anypb" "google.golang.org/protobuf/types/known/anypb"
"gopkg.in/h2non/gock.v1" "gopkg.in/h2non/gock.v1"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/credentialspb"
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb"
) )
func createTestSource(src *sourcespb.GitHub) (*Source, *anypb.Any) { func createTestSource(src *sourcespb.GitHub) (*Source, *anypb.Any) {
@ -284,11 +285,16 @@ func TestEnumerateWithToken(t *testing.T) {
Reply(200). Reply(200).
JSON([]map[string]string{{"clone_url": "super-secret-repo"}}) JSON([]map[string]string{{"clone_url": "super-secret-repo"}})
gock.New("https://api.github.com").
Get("/users/super-secret-user/gists").
Reply(200).
JSON([]map[string]string{{"clone_url": ""}})
s := initTestSource(nil) s := initTestSource(nil)
_, err := s.enumerateWithToken(context.TODO(), "https://api.github.com", "token") _, err := s.enumerateWithToken(context.TODO(), "https://api.github.com", "token")
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, 1, len(s.repos)) assert.Equal(t, 2, len(s.repos))
assert.Equal(t, []string{"super-secret-repo"}, s.repos) assert.Equal(t, []string{"super-secret-repo", ""}, s.repos)
assert.True(t, gock.IsDone()) assert.True(t, gock.IsDone())
} }
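Review bot: The updated assertions in TestEnumerateWithToken expect an empty string in `s.repos`, which pins the behaviour that a gist without a usable URL is queued as a repository. The mocked gist reply carries `clone_url`, which is likely not the field the gist path reads, so the test appears to pass only because the URL decodes as empty. A realistic mock such as `JSON([]map[string]string{{"git_pull_url": "super-secret-gist"}})` with a matching `assert.Equal` would exercise the new path; this assumes the code reads the gist's git pull URL, which is not visible here. If empty URLs can really reach `s.repos`, a guard in `addGistsByUser` that skips them would be worth adding.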