Halaman utama Jelajahi Bantuan
Masuk
LBP
/
gitleaks
cermin dari https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Berkas Masalah 0 Wiki
Jelajahi Sumber

fix(aws-access-token): only match if correct length (#1584)

Previously, the rule matched for any long string
containing e.g. ASIA, ACCA somewhere,
as long as the next 16 chars were also uppercase letters.

This change checks for word boundaries before and after the secret.

Also the prefix (AKIA|ASIA|...) was moved from the non-capturing group
into the secret matching group,
since it is part of the token

fix(aws-access-token): non-capture for prefix

Review findings https://github.com/gitleaks/gitleaks/pull/1584/files#r1807793907
Ben-grmbl 1 tahun lalu
induk
b6e0eeeb0a
melakukan
a158e4fc15
2 mengubah file dengan 18 tambahan dan 11 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 17 10
      cmd/generate/config/rules/aws.go
  2. 1 1
      config/gitleaks.toml

File diff ditekan karena terlalu besar
+ 17 - 10
cmd/generate/config/rules/aws.go


+ 1 - 1
config/gitleaks.toml
Tampilan Berkas 

@@ -153,7 +153,7 @@ keywords = [
 
 [[rules]]
 
 id = "aws-access-token"
 
 description = "Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms."
 
-regex = '''(?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16}'''
 
+regex = '''\b((?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 
 entropy = 3
 
 keywords = [
 
     "a3t",

Beberapa file tidak ditampilkan karena terlalu banyak file yang berubah dalam diff ini