
Bugfix/1352 incorrect report multiple lines (#1501)

* fix: add logic to modify endline & endcolumn

* doc: update comment for #1352

* test: adding test file

* chore: updating generic rule

* test: adding test to TestFromFile #1352 & change static viper ConfigName

* chore: remove interim fix for #1352

* fix: adjust matchIndex[1] to fix #1352

* test: adjust expectedFinding in TestFromFiles

* chore: go fmt

* test: rm identification of start/endlineIndex

* fix: rm unused fmt pkg
recreator66 1 rok temu
rodzic
commit
f8dcd838da

+ 4 - 0
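--- a/detect/detect.go
+++ b/detect/detect.go
@@ -265,6 +265,10 @@ func (d *Detector) detectRule(fragment Fragment, rule config.Rule) []report.Find
 		// extract secret from match
 		secret := strings.Trim(fragment.Raw[matchIndex[0]:matchIndex[1]], "\n")
 
+		// Fixes: https://github.com/gitleaks/gitleaks/issues/1352
+		// removes the incorrectly following line that was detected by regex expression '\n'
+		matchIndex[1] = matchIndex[0] + len(secret)
+
 		// determine location of match. Note that the location
 		// in the finding will be the line/column numbers of the _match_
 		// not the _secret_, which will be different if the secretGroup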
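Review bot: The new `matchIndex[1] = matchIndex[0] + len(secret)` line assumes `strings.Trim` only removed a trailing newline, but `Trim` strips both ends; for a rule whose regex begins with `\s` or `\n` (not the generic rule in this commit, but detectRule runs every configured rule) the match would start with a newline, `matchIndex[0]` would still point at it, and the shortened length would drop the last byte of the real match from the reported location instead. Splitting the trim into a left and a right part and shifting the start by the left-trimmed count keeps both offsets honest, as sketched below. Separately, the generic rule's terminator class accepts `\r`, so on CRLF input the match ends in `\r`, which `Trim(…, "\n")` leaves inside `secret` and therefore inside the end column; trimming `"\r\n"` would cover that, assuming no caller relies on the carriage return being kept. The comment `// removes the incorrectly following line…` would also read better as `// drop newlines the rule regex consumed so the end offset matches the trimmed secret (#1352)`. detectRule begins and ends outside the hunk.
```go
		// extract secret from match, shifting the start by any leading newlines
		// the rule regex consumed so line/column mapping stays aligned (#1352)
		raw := fragment.Raw[matchIndex[0]:matchIndex[1]]
		trimmedLeft := strings.TrimLeft(raw, "\r\n")
		matchIndex[0] += len(raw) - len(trimmedLeft)
		secret := strings.TrimRight(trimmedLeft, "\r\n")
		matchIndex[1] = matchIndex[0] + len(secret)
		// … unchanged: location of match …
```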

+ 22 - 1
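--- a/detect/detect_test.go
+++ b/detect/detect_test.go
@@ -603,11 +603,32 @@ func TestFromFiles(t *testing.T) {
 			cfgName:          "simple",
 			expectedFindings: []report.Finding{},
 		},
+		{
+			source:  filepath.Join(repoBasePath, "nogit", ".env.prod"),
+			cfgName: "generic",
+			expectedFindings: []report.Finding{
+				{
+					Description: "Generic API Key",
+					StartLine:   4,
+					EndLine:     4,
+					StartColumn: 5,
+					EndColumn:   35,
+					Match:       "PASSWORD=8ae31cacf141669ddfb5da",
+					Secret:      "8ae31cacf141669ddfb5da",
+					Line:        "\nDB_PASSWORD=8ae31cacf141669ddfb5da",
+					File:        "../testdata/repos/nogit/.env.prod",
+					RuleID:      "generic-api-key",
+					Tags:        []string{},
+					Entropy:     3.5383105,
+					Fingerprint: "../testdata/repos/nogit/.env.prod:generic-api-key:4",
+				},
+			},
+		},
 	}
 
 	for _, tt := range tests {
 		viper.AddConfigPath(configPath)
-		viper.SetConfigName("simple")
+		viper.SetConfigName(tt.cfgName)
 		viper.SetConfigType("toml")
 		err := viper.ReadInConfig()
 		require.NoError(t, err)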
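Review bot: The expected finding pins `Line: "\nDB_PASSWORD=8ae31cacf141669ddfb5da"` with a leading newline and `StartColumn: 5` / `EndColumn: 35`, while in line 4 of the fixture (`DB_PASSWORD=8ae31cacf141669ddfb5da`, 34 bytes) `PASSWORD` starts at 1-based column 4 and the last character sits at 34 — both values are one past the visible text, consistent with the line being measured from the preceding `\n`. If that is gitleaks' established column convention, a one-line comment on the case (e.g. `// columns are counted from the newline that precedes the line`) would stop the next reader from treating it as a leftover of #1352; if it is not, the fixture freezes the very off-by-one this commit set out to remove. The viper configuration is also global across iterations, so the loop now relies on `ReadInConfig` fully replacing the previous case's rules; a `viper.Reset()` at the top of the loop body, before `viper.AddConfigPath(configPath)`, would make that explicit, assuming nothing else in the test depends on state set before the loop. TestFromFiles continues past the hunk.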

+ 1 - 0
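--- a/detect/location.go
+++ b/detect/location.go
@@ -50,6 +50,7 @@ func location(fragment Fragment, matchIndex []int) Location {
 			location.endColumn = (end - prevNewLine)
 			location.endLineIndex = newLineByteIndex
 		}
+
 		prevNewLine = pair[0]
 	}
 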

+ 5 - 3
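--- a/testdata/config/generic.toml
+++ b/testdata/config/generic.toml
@@ -3,6 +3,8 @@ title = "gitleaks config"
 [[rules]]
 description = "Generic API Key"
 id = "generic-api-key"
-regex = '''(?i)((key|api|token|secret|password)[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z\-_=]{8,64})['\"]'''
-entropy = 3.7
-secretGroup = 4
+regex = '''(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-z\-_.=]{10,150})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+entropy = 3.5
+keywords = [
+    "key","api","token","secret","client","passwd","password","auth","access",
+]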
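Review bot: In the new regex the `|` characters inside the bracket expressions `[\s|']`, `[\s|"]` and `['|\"|\n|\r|\s|\x60|;]` are literal pipes, not alternation, so the rule also accepts `|` as a separator and terminator (e.g. `password|=|value|`); if that is not intended, the classes should read `[\s']`, `[\s"]` and `['"\n\r\s\x60;]`. The entropy floor drops to 3.5 while the fixture value scores 3.5383105 in the test expectation, which leaves almost no margin — a fixture secret chosen a few tenths above the threshold would make the test far less brittle if the entropy calculation ever changes. A short comment above the rule noting that it mirrors the upstream generic rule (if that is what it is) would also help readers understand why it diverges from the previous, narrower pattern.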

+ 6 - 0
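--- /dev/null
+++ b/testdata/repos/nogit/.env.prod
@@ -0,0 +1,6 @@
+DB_HOST=example.com
+DB_PORT=443
+DB_USERNAME=postgres
+DB_PASSWORD=8ae31cacf141669ddfb5da
+DB_NAME=best_db
+DB_SSL=true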
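Review bot: The fixture is a plausible-looking `DB_PASSWORD` value in a file named `.env.prod`, which other secret scanners (and gitleaks run over its own repository) will report as a live credential with no hint that it is synthetic. A comment cannot be placed above it without shifting the line number that `StartLine: 4` and the fingerprint `../testdata/repos/nogit/.env.prod:generic-api-key:4` in the test depend on, so the safe options are a trailing line `# test fixture for gitleaks#1352, not a real credential` appended after `DB_SSL=true`, or a `.gitleaksignore` entry for that fingerprint; whether the repository already carries such an ignore list is not visible here.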