Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apply ValuePemPatternCheck for PEM rule #367

Closed
wants to merge 23 commits into from
Closed

apply ValuePemPatternCheck for PEM rule #367

wants to merge 23 commits into from

Conversation

babenek
Copy link
Contributor

@babenek babenek commented Jun 23, 2023
edited
Loading

Description

REVIEW AFTER #370 !!!

Please include a summary of the change and which is fixed.

  • Applied forgotten ValuePemPatternCheck for PEM scanner
  • fix offset limit for the scanner
  • refactored PEM detector
  • morphemes list updatet with VoC
  • set 2000 as maximal line length

How has this been tested?

Please describe the tests that you ran to verify your changes.

  • UnitTest
  • Test Benchmark

@babenek babenek force-pushed the jwt branch 2 times, most recently from 5c6c7fc to a50a938 Compare June 26, 2023 05:56
@babenek babenek marked this pull request as ready for review June 26, 2023 07:09
@babenek babenek requested a review from a team as a code owner June 26, 2023 07:10
@babenek babenek requested a review from csh519 June 26, 2023 09:37
csh519
csh519 reviewed Jun 26, 2023
View reviewed changes
credsweeper/scanner/scan_type/pem_key_pattern.py Outdated
@@ -58,15 +60,12 @@ def is_pem_key(cls, lines: List[str], config: Config) -> bool:
lines = cls.strip_lines(lines)
lines = cls.remove_leading_config_lines(lines)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

About checking line length is over 190 or not, this method remove_leading_config_lines() can reduce size of lines.
So isn't it good to just remain line length check code here?

Like below.

credsweeper/scanner/scan_type/pem_key_pattern.py Outdated
Comment on lines 61 to 63
for line_num, line in enumerate(lines):
if line_num >= 190:
return False
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

if len(lines) >= 190:
    return False

Copy link
Contributor Author

@babenek babenek Jun 26, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Opposite. It will skip huge files.
```remove_leading_config_lines`` does not trim ending so there might be a long tail over 190 lines with remaining.
If the key will be not found in given 190 lines - it returns False at end of function.

@babenek babenek marked this pull request as draft June 26, 2023 17:07
@babenek
Copy link
Contributor Author

babenek commented Jul 3, 2023

Closing due many conflicts. All the changes will be in #373

@babenek babenek closed this Jul 3, 2023
@babenek babenek deleted the jwt branch July 3, 2023 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@csh519 csh519 csh519 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@babenek @csh519