chore(asm): iast remove trailing slash from non full path in vulnerability report (#5528)

gnufede · web-flow · commit d4343d340b48 · 2023-04-12T15:41:16.000Z
IAST: Removes misleading trailing slash appearing on non-full path vulnerability reports ## Checklist - [x] Change(s) are motivated and described in the PR description. - [x] Testing strategy is described if automated tests are not included in the PR. - [x] Risk is outlined (performance impact, potential for breakage, maintainability, etc). - [x] Change is maintainable (easy to change, telemetry, documentation). - [x] [Library release note guidelines](https://ddtrace.readthedocs.io/en/stable/contributing.html#Release-Note-Guidelines) are followed. - [x] Documentation is included (in-code, generated user docs, [public corp docs](https://github.com/DataDog/documentation/)). - [x] PR description includes explicit acknowledgement/acceptance of the performance implications of this PR as reported in the benchmarks PR comment. ## Reviewer Checklist - [ ] Title is accurate. - [ ] No unnecessary changes are introduced. - [ ] Description motivates each change. - [ ] Avoids breaking [API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces) changes unless absolutely necessary. - [ ] Testing strategy adequately addresses listed risk(s). - [ ] Change is maintainable (easy to change, telemetry, documentation). - [ ] Release note makes sense to a user of the library. - [ ] Reviewer has explicitly acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment.
diff --git a/ddtrace/appsec/iast/taint_sinks/_base.py b/ddtrace/appsec/iast/taint_sinks/_base.py
@@ -74,7 +74,7 @@ def report(cls, evidence_value="", sources=None):
 
                 # Remove CWD prefix
                 if file_name.startswith(CWD):
-                    file_name = file_name[len(CWD) :]
+                    file_name = os.path.relpath(file_name, start=CWD)
 
                 if isinstance(evidence_value, (str, bytes, bytearray)):
                     evidence = Evidence(value=evidence_value)
diff --git a/tests/appsec/iast/test_weak_cipher.py b/tests/appsec/iast/test_weak_cipher.py
@@ -11,7 +11,7 @@
 from tests.appsec.iast.fixtures.weak_algorithms import cryptography_algorithm
 
 
-FIXTURES_PATH = "/tests/appsec/iast/fixtures/weak_algorithms.py"
+FIXTURES_PATH = "tests/appsec/iast/fixtures/weak_algorithms.py"
 
 
 @pytest.mark.parametrize(
diff --git a/tests/appsec/iast/test_weak_hash.py b/tests/appsec/iast/test_weak_hash.py
@@ -10,8 +10,8 @@
 from tests.appsec.iast.fixtures.weak_algorithms import parametrized_week_hash
 
 
-WEAK_ALGOS_FIXTURES_PATH = "/tests/appsec/iast/fixtures/weak_algorithms.py"
-WEAK_HASH_FIXTURES_PATH = "/tests/appsec/iast/test_weak_hash.py"
+WEAK_ALGOS_FIXTURES_PATH = "tests/appsec/iast/fixtures/weak_algorithms.py"
+WEAK_HASH_FIXTURES_PATH = "tests/appsec/iast/test_weak_hash.py"
 
 
 @pytest.mark.parametrize(
