RustyHog: improve description and file_path
valentijnscholten committed Dec 17, 2024
1 parent 9212626 commit d839ec0
Showing 2 changed files with 11 additions and 11 deletions.
18 changes: 9 additions & 9 deletions dojo/tools/rusty_hog/parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -77,16 +77,16 @@ def __getitem(self, vulnerabilities, scanner):
cwe = 200
for vulnerability in vulnerabilities:
description =""

Check failure on line 79 in dojo/tools/rusty_hog/parser.py


GitHub Actions / ruff-linting

Ruff (E225)

dojo/tools/rusty_hog/parser.py:79:25: E225 Missing whitespace around operator
if vulnerability.get("Reason") is not None:
if vulnerability.get("reason") is not None:
description += "\n**Reason:** {}".format(
vulnerability.get("reason"),
)
if scanner == "Rusty Hog":
break
if scanner == "Choctaw Hog":
"""Choctaw Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or '')

Check failure on line 88 in dojo/tools/rusty_hog/parser.py


GitHub Actions / ruff-linting

Ruff (Q000)

dojo/tools/rusty_hog/parser.py:88:80: Q000 Single quotes found but double quotes preferred
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("commit") is not None:
description += "\n**Commit message:** {}".format(
vulnerability.get("commit"),
Expand Down Expand Up @@ -121,8 +121,8 @@ def __getitem(self, vulnerabilities, scanner):
)
elif scanner == "Duroc Hog":
"""Duroc Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or '')

Check failure on line 124 in dojo/tools/rusty_hog/parser.py


GitHub Actions / ruff-linting

Ruff (Q000)

dojo/tools/rusty_hog/parser.py:124:80: Q000 Single quotes found but double quotes preferred
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("path") is not None:
description += "\n**Path of Issue:** {}".format(
vulnerability.get("path"),
Expand All @@ -137,8 +137,8 @@ def __getitem(self, vulnerabilities, scanner):
)
elif scanner == "Gottingen Hog":
"""Gottingen Hog"""
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or '')

Check failure on line 140 in dojo/tools/rusty_hog/parser.py


GitHub Actions / ruff-linting

Ruff (Q000)

dojo/tools/rusty_hog/parser.py:140:80: Q000 Single quotes found but double quotes preferred
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("issue_id") is not None:
description += "\n**JIRA Issue ID:** {}".format(
vulnerability.get("issue_id"),
Expand All @@ -152,8 +152,8 @@ def __getitem(self, vulnerabilities, scanner):
vulnerability.get("url"), vulnerability.get("url"),
)
elif scanner == "Essex Hog":
found_secret_string = vulnerability.get("stringsFound")
description = f"**This string was found:** {found_secret_string}"
found_secret_string = str(vulnerability.get("stringsFound") or '')

Check failure on line 155 in dojo/tools/rusty_hog/parser.py


GitHub Actions / ruff-linting

Ruff (Q000)

dojo/tools/rusty_hog/parser.py:155:80: Q000 Single quotes found but double quotes preferred
description += f"**This string was found:** {found_secret_string}"
if vulnerability.get("page_id") is not None:
description += "\n**Confluence URL:** [{}]({})".format(
vulnerability.get("url"), vulnerability.get("url"),
Expand Down
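Review bot: `found_secret_string = str(vulnerability.get("stringsFound") or '')` in the Choctaw Hog branch (and the identical line in the Duroc, Gottingen and Essex Hog branches further down) turns a list value into its Python repr, so the description and, judging by the updated unit test in this commit, the finding payload read as `['-----BEGIN EC PRIVATE KEY-----']` with brackets and quotes rather than the secret text itself. If stringsFound is always a list in Rusty Hog output, `found_secret_string = ", ".join(str(s) for s in vulnerability.get("stringsFound") or [])` yields a clean Markdown line and a payload that is the matched text; if it can also be a plain string, guard with an isinstance check before joining. The Ruff annotations on this commit also flag the single-quoted `''` in those four lines (Q000) and the missing space in `description =""` near the top of the first hunk (E225), so the lint job fails as pushed. The `__getitem` method begins and ends outside these hunks.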
4 changes: 2 additions & 2 deletions unittests/tools/test_rusty_hog_parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -111,8 +111,8 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog(self):
findings = parser.get_items(testfile, "Essex Hog", Test())
self.assertEqual(3, len(findings))
self.assertEqual("https://confluence.com/pages/viewpage.action?pageId=12345", findings[0].file_path)
self.assertEqual("-----BEGIN EC PRIVATE KEY-----", findings[0].payload)
self.assertEqual("*Reason:**SSH (EC) private key", findings[0].description[:30])
self.assertEqual("['-----BEGIN EC PRIVATE KEY-----']", findings[0].payload)
self.assertEqual("**Reason:** SSH (EC) private key", findings[0].description[:32])

def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog_content(self):
with open("unittests/scans/rusty_hog/essexhog_many_vulns.json", encoding="utf-8") as testfile:
Expand Down
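Review bot: The slice comparison `self.assertEqual("**Reason:** SSH (EC) private key", findings[0].description[:32])` pins a hand-counted prefix length that already had to move from 30 to 32 in this commit; `self.assertTrue(findings[0].description.startswith("**Reason:** SSH (EC) private key"))` checks the same prefix without the magic number. The payload assertion on the line above likewise encodes the Python repr of a list, so it will need to change again if the parser is ever adjusted to join the stringsFound entries instead of calling str() on the list. The test method continues outside the hunk.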
