update filtering

trufflesecurity · dustin-decker · Apr 22, 2024 · Mar 29, 2024 · Mar 29, 2024 · Mar 29, 2024
commit 3fce83e01528b220be6d1ed47863c3f8701ddfdb
@@ -2,11 +2,12 @@ package dotmailer
 
 import (
 	"context"
-	regexp "github.com/wasilibs/go-re2"
 	"net/http"
 	"strings"
 	"time"
 
+	regexp "github.com/wasilibs/go-re2"
+
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
@@ -54,6 +55,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			s1 := detectors.Result{
 				DetectorType: detectorspb.DetectorType_Dotmailer,
 				Raw:          []byte(resMatch),
+				RawV2:        []byte(resMatch + resPassMatch),
 			}
 			if verify {
 				timeout := 10 * time.Second
@@ -68,7 +70,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					defer res.Body.Close()
 					if res.StatusCode >= 200 && res.StatusCode < 300 {
 						s1.Verified = true
-					} 
+					}
 				}
 			}
 			results = append(results, s1)

@@ -111,15 +111,15 @@
 	var filteredResults []Result
 	for _, result := range results {
 		if !result.Verified {
-			if result.RawV2 != nil {
-				if StringShannonEntropy(string(result.RawV2)) >= entropy {
-					filteredResults = append(filteredResults, result)
-				}
-			} else {
+			if result.Raw != nil {
 				if StringShannonEntropy(string(result.Raw)) >= entropy {
 					filteredResults = append(filteredResults, result)
 				}
+			} else {
+				filteredResults = append(filteredResults, result)
 			}
+		} else {
+			filteredResults = append(filteredResults, result)
 		}
 	}
 	return filteredResults
@@ -129,25 +129,26 @@
 func FilterKnownFalsePositives(results []Result, falsePositives []FalsePositive, wordCheck bool) []Result {
 	var filteredResults []Result
 	for _, result := range results {
-		switch result.DetectorType {
-		case detectorspb.DetectorType_CustomRegex:
-			filteredResults = append(filteredResults, result)
-			break
-		case detectorspb.DetectorType_GCP:
-			filteredResults = append(filteredResults, result)
-			break
-		default:
-			if result.RawV2 != nil {
-				if !IsKnownFalsePositive(string(result.RawV2), falsePositives, wordCheck) {
-					filteredResults = append(filteredResults, result)
-				}
-			} else {
-				if !IsKnownFalsePositive(string(result.Raw), falsePositives, wordCheck) {
+		if !result.Verified {
+			switch result.DetectorType {
+			case detectorspb.DetectorType_CustomRegex:
+				filteredResults = append(filteredResults, result)
+				break
+			case detectorspb.DetectorType_GCP:
+				filteredResults = append(filteredResults, result)
+				break
+			default:
+				if result.Raw != nil {
+					if !IsKnownFalsePositive(string(result.Raw), falsePositives, wordCheck) {
+						filteredResults = append(filteredResults, result)
+					}
+				} else {
 					filteredResults = append(filteredResults, result)
 				}
 			}
+		} else {
+			filteredResults = append(filteredResults, result)
 		}
-
 	}
 	return filteredResults
 }