Finding sometimes is incorrectly reported to span multiple lines
m1cm1c opened this issue · comments
Describe the bug
Sometimes, the reported start and end lines are different even though the end line has nothing to do with the finding
To Reproduce
- Create a new directory containing only a single file (
.env.prod
) with the following content:
DB_HOST=example.com
DB_PORT=443
DB_USERNAME=postgres
DB_PASSWORD=8ae31cacf141669ddfb5da
DB_NAME=best_db
DB_SSL=true
- Run
gitleaks detect --no-git --report-path o
- In
o
, you will find the following report:
[
{
"Description": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.",
"StartLine": 4,
"EndLine": 5,
"StartColumn": 5,
"EndColumn": 1,
"Match": "PASSWORD=8ae31cacf141669ddfb5da",
"Secret": "8ae31cacf141669ddfb5da",
"File": ".env.prod",
"SymlinkFile": "",
"Commit": "",
"Entropy": 3.5383105,
"Author": "",
"Email": "",
"Date": "",
"Message": "",
"Tags": [],
"RuleID": "generic-api-key",
"Fingerprint": ".env.prod:generic-api-key:4"
}
]
Expected behavior
The start line is correct. However, the start column already is wrong because start column 5 means that the finding is
SSWORD=8ae31cacf141669ddfb5da
DB
if columns are 0-indexed and
ASSWORD=8ae31cacf141669ddfb5da
D
if columns are 1-indexed.
However, what really seems very wrong is the jump into line 5 because DB_NAME
has nothing to do with the password.
Screenshots
If applicable, add screenshots to help explain your problem.
Basic Info (please complete the following information):
- OS: Manjaro
- Gitleaks Version: 8.18.2
cc @zricethezav
@m1cm1c thanks for raising this issue. I'm able to reproduce it but don't have a solution right now. If a community member wants to investigate that would be great, if not, then I'll get to it eventually.