whispers
Values starting with $ are not detected
Let's say I have a file that contains:
password: $ecret
And I use the following rule:
password:
  description: Variable names referring to passwords
  message: Password
  severity: CRITICAL
  key:
    regex: ^\S*(passwords?|passwd|pass|pwd)_?(hash)?[0-9]*$
    ignorecase: True
    isAscii: True
  value:
    isUri: False
Why does it not detect $secret? If it's s$cret it will be detected.
Oh, also, if you have a value that contains € (i.e. s€cret), the output will be {"key": "password", "value": "s?cret", "file": "testfile.yml", "line": 1, "rule_id": "password", "message": "Password", "severity": "CRITICAL"}
The Euro sign is not displayed properly.
Hey @erwinc1, that's a good one, thanks for reporting! Which version of whispers are you using?
Version 2.0.5. @adeptex
Hey @erwinc1, this issue is addressed in 2.0.6 - https://github.com/adeptex/whispers
$ whispers -v
2.0.6
$ whispers /tmp/test.yml
{"key": "password", "value": "$ecret", "file": "/tmp/test.yml", "line": 1, "rule_id": "password", "message": "Password", "severity": "CRITICAL"}
{"key": "passwd2", "value": "s\u20accret", "file": "/tmp/test.yml", "line": 2, "rule_id": "password", "message": "Password", "severity": "CRITICAL"}
"value": "s\u20accret" is how Python serializes JSON... nothing to be done here, I think. Nevertheless, you could use human-readable format:
$ whispers -H /tmp/test.yml
[/tmp/test.yml:1:passwords:password:CRITICAL] password = $ecret
[/tmp/test.yml:2:passwords:password:CRITICAL] passwd2 = s€cret
Hope this helps.. Cheers
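
An added example, not part of the thread and not whispers' own code: it parses the two JSON lines from the 2.0.6 output above and shows that `\u20ac` is a lossless escape that decodes back to €, unlike a forced-ASCII replacement, which is assumed here only as one way a `?` can end up in a value. The function names are hypothetical; the key regex is the one from the rule in the report.

```python
import json
import re

# Key pattern copied from the rule in the report (ignorecase: True).
KEY_RE = re.compile(r"^\S*(passwords?|passwd|pass|pwd)_?(hash)?[0-9]*$", re.IGNORECASE)

# Constructed sample: the two JSON lines shown in the 2.0.6 output above.
SAMPLE_OUTPUT = r'''
{"key": "password", "value": "$ecret", "file": "/tmp/test.yml", "line": 1, "rule_id": "password", "message": "Password", "severity": "CRITICAL"}
{"key": "passwd2", "value": "s\u20accret", "file": "/tmp/test.yml", "line": 2, "rule_id": "password", "message": "Password", "severity": "CRITICAL"}
'''


def parse_findings(text):
    """Parse scanner output that carries one JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def key_matches(key):
    """True when the rule's key regex accepts this variable name."""
    return KEY_RE.match(key) is not None


def to_json(finding, ascii_only=True):
    """Serialize with json.dumps' default escaping, or keep non-ASCII literal."""
    return json.dumps(finding, ensure_ascii=ascii_only)


def lossy_ascii(value):
    """Assumed illustration of a lossy path: forcing ASCII with replacement."""
    return value.encode("ascii", errors="replace").decode("ascii")


if __name__ == "__main__":
    for finding in parse_findings(SAMPLE_OUTPUT):
        value = finding["value"]
        print(finding["key"], key_matches(finding["key"]), value, lossy_ascii(value))
        print("  escaped:", to_json(finding))
        print("  literal:", to_json(finding, ascii_only=False))
```

A consumer that parses the JSON recovers the exact value from the escaped form, while a value that has already been replaced with `?` can no longer be matched against the real secret when rotating it.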