Merge branch 'main' into lc/fix-quickmetrics

trufflesecurity · Oct 25, 2023 · d074952 · d074952
2 parents 7ce506d + 386c54e
commit d074952
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 3 deletions.
diff --git a/pkg/detectors/meaningcloud/meaningcloud.go b/pkg/detectors/meaningcloud/meaningcloud.go
@@ -3,6 +3,7 @@ package meaningcloud
 import (
 	"bytes"
 	"context"
+	"encoding/json"
 	"io"
 	"mime/multipart"
 	"net/http"
@@ -32,6 +33,10 @@ func (s Scanner) Keywords() []string {
 	return []string{"meaningcloud"}
 }
 
+type response struct {
+	DeepTime float64 `json:"deepTime"`
+}
+
 // FromData will find and optionally verify MeaningCloud secrets in a given set of bytes.
 func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
 	dataStr := string(data)
@@ -78,7 +83,14 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			if err == nil {
 				defer res.Body.Close()
 				if res.StatusCode >= 200 && res.StatusCode < 300 {
-					s1.Verified = true
+					var r response
+					if err := json.NewDecoder(res.Body).Decode(&r); err != nil {
+						s1.VerificationError = err
+						continue
+					}
+					if r.DeepTime > 0 {
+						s1.Verified = true
+					}
 				} else {
 					// This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key.
 					if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {

diff --git a/pkg/detectors/screenshotapi/screenshotapi.go b/pkg/detectors/screenshotapi/screenshotapi.go
@@ -2,6 +2,7 @@ package screenshotapi
 
 import (
 	"context"
+	"encoding/json"
 	"net/http"
 	"regexp"
 	"strings"
@@ -30,6 +31,10 @@ func (s Scanner) Keywords() []string {
 	return []string{"screenshotapi"}
 }
 
+type response struct {
+	Screenshot string `json:"screenshot"`
+}
+
 // FromData will find and optionally verify ScreenshotAPI secrets in a given set of bytes.
 func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
 	dataStr := string(data)
@@ -50,14 +55,19 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 		if verify {
 			timeout := 10 * time.Second
 			client.Timeout = timeout
-			req, err := http.NewRequestWithContext(ctx, "GET", "https://shot.screenshotapi.net/screenshot?token="+resMatch+"&url=https://google.com&width=1920&height=1080&output=image", nil)
+			req, err := http.NewRequestWithContext(ctx, "GET", "https://shot.screenshotapi.net/screenshot?token="+resMatch+"&url=https://google.com&width=1920&height=1080", nil)
 			if err != nil {
 				continue
 			}
 			res, err := client.Do(req)
 			if err == nil {
 				defer res.Body.Close()
-				if res.StatusCode >= 200 && res.StatusCode < 300 {
+				var r response
+				if err := json.NewDecoder(res.Body).Decode(&r); err != nil {
+					s1.VerificationError = err
+					continue
+				}
+				if res.StatusCode >= 200 && res.StatusCode < 300 && r.Screenshot != "" {
 					s1.Verified = true
 				} else {
 					// This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key.