Removed ghp false positive

rohitcoder · rohitcoder · commit c873e1cb14b3 · 2024-08-24T01:30:42.000+05:30
diff --git a/src/scans/tools/secret_tool.rs b/src/scans/tools/secret_tool.rs
@@ -90,18 +90,22 @@ impl SecretTool {
             if json_output["SourceMetadata"]["Data"]["Filesystem"]["file"]
                 .as_str()
                 .unwrap()
-                .contains(".git/config")
+                .contains(".git/")
             {
-                println!("[+] Skipping .git/config file...");
+                println!("[+] Skipping .git/ file...");
                 continue;
             }
-            // if "Raw" is in json_output and not null then check if it contains environment variables
+            // Check if "Raw" is in json_output and not null
             if json_output["Raw"].is_string() && !json_output["Raw"].is_null() {
-                if count_env_variables(&json_output["Raw"].as_str().unwrap()) > 0 {
+                // Clone the string to create an owned String, extending its lifetime
+                let raw_value = json_output["Raw"].as_str().unwrap().to_string();
+
+                // Check if it contains environment variables
+                if count_env_variables(&raw_value) > 0 {
                     continue;
                 }
             }
-            results.push(json_output);
+            results.push(json_output.clone());
         }
         // ## iterate into each results and implement checks for specific DetectorName
         let mut new_results: Vec<Value> = Vec::new();

Original file line number	Diff line number	Diff line change
`@@ -90,18 +90,22 @@ impl SecretTool {`
`90`	`90`	`if json_output["SourceMetadata"]["Data"]["Filesystem"]["file"]`
`91`	`91`	`.as_str()`
`92`	`92`	`.unwrap()`
`93`		`- .contains(".git/config")`
	`93`	`+ .contains(".git/")`
`94`	`94`	`{`
`95`		`- println!("[+] Skipping .git/config file...");`
	`95`	`+ println!("[+] Skipping .git/ file...");`
`96`	`96`	`continue;`
`97`	`97`	`}`
`98`		`- // if "Raw" is in json_output and not null then check if it contains environment variables`
	`98`	`+ // Check if "Raw" is in json_output and not null`
`99`	`99`	`if json_output["Raw"].is_string() && !json_output["Raw"].is_null() {`
`100`		`- if count_env_variables(&json_output["Raw"].as_str().unwrap()) > 0 {`
	`100`	`+ // Clone the string to create an owned String, extending its lifetime`
	`101`	`+ let raw_value = json_output["Raw"].as_str().unwrap().to_string();`
	`102`	`+`
	`103`	`+ // Check if it contains environment variables`
	`104`	`+ if count_env_variables(&raw_value) > 0 {`
`101`	`105`	`continue;`
`102`	`106`	`}`
`103`	`107`	`}`
`104`		`- results.push(json_output);`
	`108`	`+ results.push(json_output.clone());`
`105`	`109`	`}`
`106`	`110`	`// ## iterate into each results and implement checks for specific DetectorName`
`107`	`111`	`let mut new_results: Vec<Value> = Vec::new();`