File-based Rules + Deduplication logic removal in v7.0.0 #472

Closed
ramimac opened this issue Dec 4, 2020 · 7 comments
@ramimac
ramimac commented Dec 4, 2020

Describe the bug

When using gitleaks v7.0.0, the removal of deduplication logic means that filename/path rules result in noisy, unnecessary alerts (1 per line in file).

To Reproduce

  1. Create a rule like:
[[rules]]
	description = "flag txt"
	file = '''(.*?)(txt)$'''
	tags = ["key", "extensions"]
  2. Create a file "trigger.txt" that is multiple lines in length.
  3. Run gitleaks; note that you will see duplicate alerts on "Filename/path offender: trigger.txt", one per line in file

Expected behavior
I would expect file/path rules to only alert once per file.

Screenshots
If applicable, add screenshots to help explain your problem.

Basic Info (please complete the following information):

  • OS: Using docker
  • Gitleaks Version: 7.0.0

Additional context

cc @zricethezav

@ramimac ramimac added the bug Something isn't working label Dec 4, 2020
@zricethezav zricethezav self-assigned this Dec 4, 2020
@zricethezav
Collaborator

Most definitely a bug. Thanks for raising this. Will fix asap

@zricethezav
Collaborator

zricethezav commented Dec 4, 2020

@ramimac I was unable to recreate this bug

➜  ~/Go/src/github.com/zricethezav/gitleaks (tmp) ./gitleaks --config-path=test_data/test_configs/onlyFiles.toml -p . -v
INFO[0000] opening .
{
        "line": "",
        "lineNumber": 0,
        "offender": "Filename/path offender: trigger.txt",
        "commit": "20eaeb9aafb98e975b9b0fe70b6fc72df8ec13cf",
        "repo": ".",
        "repoURL": "",
        "leakURL": "",
        "rule": "flag txt",
        "commitMessage": "tst\n",
        "author": "zricethezav",
        "email": "zricer@protonmail.com",
        "file": "trigger.txt",
        "date": "2020-12-04T13:34:12-05:00",
        "tags": "key, extensions"
}
INFO[0009] scan time: 9 seconds 523 milliseconds 883 microseconds
INFO[0009] commits scanned: 712
WARN[0009] leaks found: 1

Is what I'm getting.

onlyFiles.toml:

[[rules]]
	description = "flag txt"
	file = '''trigger.txt'''
	tags = ["key", "extensions"]

Could you share some additional details on how to recreate this?

@ramimac
Author

ramimac commented Dec 4, 2020

@zricethezav Sorry for the incomplete reproduction. This is actually an artifact of no-git as well:

gitleaks --config-path=onlyFiles.toml -p vol/ --no-git --verbose

onlyFiles.toml

[[rules]]
	description = "flag txt"
	file = '''(.*?)(txt)$'''
	tags = ["key", "extensions"]

trigger.txt






test

results:

{
	"line": "",
	"lineNumber": 1,
	"offender": "Filename/path offender: trigger.txt",
	"commit": "0000000000000000000000000000000000000000",
	"repo": "",
	"repoURL": "",
	"leakURL": "",
	"rule": "flag txt",
	"commitMessage": "",
	"author": "",
	"email": "",
	"file": "vol/trigger.txt",
	"date": "1970-01-01T00:00:00Z",
	"tags": "key, extensions"
}
{
	"line": "",
	"lineNumber": 2,
	"offender": "Filename/path offender: trigger.txt",
	"commit": "0000000000000000000000000000000000000000",
	"repo": "",
	"repoURL": "",
	"leakURL": "",
	"rule": "flag txt",
	"commitMessage": "",
	"author": "",
	"email": "",
	"file": "vol/trigger.txt",
	"date": "1970-01-01T00:00:00Z",
	"tags": "key, extensions"
}
{
	"line": "",
	"lineNumber": 3,
	"offender": "Filename/path offender: trigger.txt",
	"commit": "0000000000000000000000000000000000000000",
	"repo": "",
	"repoURL": "",
	"leakURL": "",
	"rule": "flag txt",
	"commitMessage": "",
	"author": "",
	"email": "",
	"file": "vol/trigger.txt",
	"date": "1970-01-01T00:00:00Z",
	"tags": "key, extensions"
}
{
	"line": "",
	"lineNumber": 4,
	"offender": "Filename/path offender: trigger.txt",
	"commit": "0000000000000000000000000000000000000000",
	"repo": "",
	"repoURL": "",
	"leakURL": "",
	"rule": "flag txt",
	"commitMessage": "",
	"author": "",
	"email": "",
	"file": "vol/trigger.txt",
	"date": "1970-01-01T00:00:00Z",
	"tags": "key, extensions"
}
{
	"line": "",
	"lineNumber": 5,
	"offender": "Filename/path offender: trigger.txt",
	"commit": "0000000000000000000000000000000000000000",
	"repo": "",
	"repoURL": "",
	"leakURL": "",
	"rule": "flag txt",
	"commitMessage": "",
	"author": "",
	"email": "",
	"file": "vol/trigger.txt",
	"date": "1970-01-01T00:00:00Z",
	"tags": "key, extensions"
}
{
	"line": "",
	"lineNumber": 6,
	"offender": "Filename/path offender: trigger.txt",
	"commit": "0000000000000000000000000000000000000000",
	"repo": "",
	"repoURL": "",
	"leakURL": "",
	"rule": "flag txt",
	"commitMessage": "",
	"author": "",
	"email": "",
	"file": "vol/trigger.txt",
	"date": "1970-01-01T00:00:00Z",
	"tags": "key, extensions"
}
INFO[0000] scan time: 512 microseconds                  
WARN[0000] leaks found: 6                 
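
An added example, not part of the original thread and not gitleaks code: a Go filter that collapses per-line duplicates like the six results above into one finding per rule and file, while leaving content findings untouched. It assumes the input is only the stream of concatenated JSON objects (log lines excluded) with the field names shown above; `Finding`, `DedupFileFindings` and the sample data are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"strings"
)

// Finding keeps only the result fields needed here (names as in the output above).
type Finding struct {
	LineNumber int    `json:"lineNumber"`
	Offender   string `json:"offender"`
	Rule       string `json:"rule"`
	File       string `json:"file"`
}

// Constructed sample: three per-line duplicates of one file rule plus one content finding.
const sample = `{"lineNumber":1,"offender":"Filename/path offender: trigger.txt","rule":"flag txt","file":"vol/trigger.txt"}
{"lineNumber":2,"offender":"Filename/path offender: trigger.txt","rule":"flag txt","file":"vol/trigger.txt"}
{"lineNumber":3,"offender":"Filename/path offender: trigger.txt","rule":"flag txt","file":"vol/trigger.txt"}
{"lineNumber":3,"offender":"token=EXAMPLE","rule":"constructed content rule","file":"vol/trigger.txt"}`

// DedupFileFindings decodes concatenated JSON objects and keeps the first
// filename/path finding per (rule, file); content findings pass through.
func DedupFileFindings(r io.Reader) ([]Finding, error) {
	dec := json.NewDecoder(r)
	seen := map[[2]string]bool{}
	var out []Finding
	for {
		var f Finding
		if err := dec.Decode(&f); errors.Is(err, io.EOF) {
			return out, nil
		} else if err != nil {
			return nil, fmt.Errorf("decode finding: %w", err)
		}
		key := [2]string{f.Rule, f.File}
		if strings.HasPrefix(f.Offender, "Filename/path offender:") {
			if seen[key] {
				continue // same rule already reported for this file
			}
			seen[key] = true
		}
		out = append(out, f)
	}
}

func main() {
	kept, err := DedupFileFindings(strings.NewReader(sample))
	fmt.Println(len(kept), err)
}
```
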

@zricethezav
Collaborator

Perfect! Thank you.

@zricethezav zricethezav mentioned this issue Dec 5, 2020
@zricethezav
Collaborator

@ramimac fixed in https://github.com/zricethezav/gitleaks/releases/tag/v7.0.2

@ramimac
Author

ramimac commented Dec 7, 2020

@zricethezav Thanks for the quick fix, much appreciated! Do you have plans to push 7.0.2 to dockerhub?

@zricethezav
Collaborator

@ramimac just pushed! Thanks for the reminder
