softreset

Author: babenek

.ci/benchmark.txt

@@ -31,7 +31,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
         with:
           repository: Samsung/CredData
-          ref: d425c1b7600407ca5a82f2379fdc8627d194fb39
+          ref: ceb8cf86e0db95e1f1159cd7b480e80d8188a0bf
 
       - name: Markup hashing
         run: |
@@ -87,7 +87,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
         with:
           repository: Samsung/CredData
-          ref: d425c1b7600407ca5a82f2379fdc8627d194fb39
+          ref: ceb8cf86e0db95e1f1159cd7b480e80d8188a0bf
 
       - name: Markup hashing
         run: |
@@ -190,7 +190,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
         with:
           repository: Samsung/CredData
-          ref: d425c1b7600407ca5a82f2379fdc8627d194fb39
+          ref: ceb8cf86e0db95e1f1159cd7b480e80d8188a0bf
 
       - name: Markup hashing
         run: |
@@ -378,7 +378,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
         with:
           repository: Samsung/CredData
-          ref: d425c1b7600407ca5a82f2379fdc8627d194fb39
+          ref: ceb8cf86e0db95e1f1159cd7b480e80d8188a0bf
 
       - name: Markup hashing
         run: |

.github/workflows/benchmark.yml

@@ -4,22 +4,22 @@
 class KeywordPattern:
     """Pattern set of keyword types"""
     directive = r"(?P<directive>(?:(?:[#%]define|%global)(?:\s|\\t)|\bset))?"
-    key_left = r"(?:\\[nrt]|%[0-9a-f]{2}|\s)*" \
+    key_left = r"(?:\\[nrt]|(\\\\*u00|%)[0-9a-f]{2}|\s)*" \
                r"(?P<variable>(([`'\"]{1,8}[^:='\"`}<>\\/&?]*|[^:='\"`}<>\s()\\/&?;,%]*)" \
                r"(?P<keyword>"
     # there will be inserted a keyword
     key_right = r")" \
                 r"[^%:='\"`<>({?!&;\n]*" \
                 r")" \
-                r"(&(quot|apos);|%[0-9a-f]{2}|[`'\"])*" \
+                r"(&(quot|apos);|(\\\\*u00|%)[0-9a-f]{2}|[`'\"])*" \
                 r")"  # <variable>
     separator = r"(?(directive)|(\s|\\{1,8}[tnr])*\]?(\s|\\{1,8}[tnr])*)" \
                 r"(?P<separator>:(\s[a-z]{3,9}[?]?\s)?=|:(?!:)|=(>|&gt;|(\\\\*u00|%)26gt;)|!==|!=|===|==|=~|=" \
                 r"|(?(directive)(\\t|\s|\((?!\))){1,80}|%3d))" \
                 r"(\s|\\{1,8}[tnr])*"
     # might be curly, square or parenthesis with words before
     wrap = r"(?P<wrap>(" \
-           r"(new(\s|\\{1,8}[tnr]|byte|char|string|\[\]){1,8})?" \
+           r"((\s|\\{1,8}[tnr]|new|byte|char|string|\[\]){1,8})?" \
            r"(?P<get>([_a-z][0-9a-z_.\[\]]*\.)get|(os\.)?getenv)?" \
            r"([0-9a-z_.]|::|-(>|&gt;))*" \
            r"\s*" \

credsweeper/common/keyword_pattern.py

@@ -58,13 +58,13 @@ def get_keyword_base_filters(config: Config) -> List[Filter]:
             ValueTokenCheck(),
         ]
         if not config.doc:
-            filters.extend([ValuePatternCheck(pattern_len=config.pattern_len), ValueNotAllowedPatternCheck()])
+            filters.extend([ValuePatternCheck(config), ValueNotAllowedPatternCheck()])
         return filters
 
     @staticmethod
     def get_pattern_base_filters(config: Config) -> List[Filter]:
         """return base filters for pattern"""
         return [  #
             LineSpecificKeyCheck(),  #
-            ValuePatternCheck(pattern_len=config.pattern_len),  #
+            ValuePatternCheck(config),  #
         ]

credsweeper/filters/group/group.py

@@ -14,7 +14,7 @@ class ValueArrayDictionaryCheck(Filter):
         `token = {'root'}` would be kept
     """
 
-    PATTERN = re.compile(r"\[('|\")?[^,]+('|\")?\]")
+    PATTERN = re.compile(r"\[['\"]?[^,]+['\"]?]")
 
     def __init__(self, config: Config = None) -> None:
         pass
@@ -32,11 +32,12 @@ def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
         """
         if line_data.is_well_quoted_value:
             return False
+        # not well quoted value
         if line_data.wrap and "byte" in line_data.wrap.lower():
             return False
         if self.PATTERN.search(line_data.value):
             return True
-        if line_data.wrap and not line_data.is_well_quoted_value and ('[' in line_data.wrap or '(' in line_data.wrap):
+        if line_data.wrap and (line_data.wrap.endswith('[') or line_data.wrap.endswith('(')):
             return True
 
         return False

credsweeper/filters/value_array_dictionary_check.py

@@ -1,11 +1,14 @@
 import re
+from typing import Optional
 
-from credsweeper.common.constants import DEFAULT_PATTERN_LEN
+from credsweeper.common.constants import DEFAULT_PATTERN_LEN, MAX_LINE_LENGTH
 from credsweeper.config.config import Config
 from credsweeper.credentials.line_data import LineData
 from credsweeper.file_handler.analysis_target import AnalysisTarget
 from credsweeper.filters.filter import Filter
 
+MAX_PATTERN_LENGTH = int(MAX_LINE_LENGTH).bit_length()  # maximal value length might be 8000
+
 
 class ValuePatternCheck(Filter):
     """Check if candidate value contain specific pattern.
@@ -22,36 +25,55 @@ class ValuePatternCheck(Filter):
     Default pattern LEN is 4
     """
 
-    def __init__(self, config: Config = None, pattern_len: int = DEFAULT_PATTERN_LEN):
+    default_patterns = list(
+        re.compile(fr"(\S)\1{{{str(x - 1) if DEFAULT_PATTERN_LEN < x else '3'},}}")
+        for x in range(MAX_PATTERN_LENGTH + 1))
+    various_pattern_lengths = list(x if DEFAULT_PATTERN_LEN < x else DEFAULT_PATTERN_LEN
+                                   for x in range(MAX_PATTERN_LENGTH + 1))
+
+    def __init__(self, config: Config = None, pattern_len: Optional[int] = None):
         """Create ValuePatternCheck with a specific pattern_len to check.
 
         Args:
             config: pattern len to use during check. DEFAULT_PATTERN_LEN by default
+            pattern_len: size of constant pattern length for any value size or None for dynamic pattern size
 
         """
-        self.pattern_len = pattern_len
-        # use non whitespace symbol pattern
-        self.pattern = re.compile(fr"(\S)\1{{{str(self.pattern_len - 1)},}}")
+        if pattern_len is None:
+            self.pattern_len = -1
+            # pattern length depends on value length
+            self.pattern_lengths = ValuePatternCheck.various_pattern_lengths
+            self.patterns = ValuePatternCheck.default_patterns
+        elif isinstance(pattern_len, int) and DEFAULT_PATTERN_LEN <= pattern_len:
+            self.pattern_len = pattern_len
+            # constant pattern for any value length
+            pattern = re.compile(fr"(\S)\1{{{str(pattern_len - 1)},}}")
+            self.pattern_lengths = list(pattern_len for _ in range(MAX_PATTERN_LENGTH + 1))
+            self.patterns = list(pattern for _ in range(MAX_PATTERN_LENGTH + 1))
+        else:
+            raise ValueError(f"Wrong type of pattern length {type(pattern_len)} = {repr(pattern_len)}")
 
-    def equal_pattern_check(self, value: str) -> bool:
+    def equal_pattern_check(self, value: str, bit_length: int) -> bool:
         """Check if candidate value contain 4 and more same chars or numbers sequences.
 
         Args:
             value: string variable, credential candidate value
+            bit_length: speedup for len(value).bit_length()
 
         Return:
             True if contain and False if not
 
         """
-        if self.pattern.findall(value):
+        if self.patterns[bit_length].findall(value):
             return True
         return False
 
-    def ascending_pattern_check(self, value: str) -> bool:
+    def ascending_pattern_check(self, value: str, bit_length: int) -> bool:
         """Check if candidate value contain 4 and more ascending chars or numbers sequences.
 
         Arg:
             value: credential candidate value
+            bit_length: speedup for len(value).bit_length()
 
         Return:
             True if contain and False if not
@@ -64,15 +86,16 @@ def ascending_pattern_check(self, value: str) -> bool:
             else:
                 count = 1
                 continue
-            if count == self.pattern_len:
+            if count == self.pattern_lengths[bit_length]:
                 return True
         return False
 
-    def descending_pattern_check(self, value: str) -> bool:
+    def descending_pattern_check(self, value: str, bit_length: int) -> bool:
         """Check if candidate value contain 4 and more descending chars or numbers sequences.
 
         Arg:
             value: string variable, credential candidate value
+            bit_length: speedup for len(value).bit_length()
 
         Return:
             boolean variable. True if contain and False if not
@@ -85,59 +108,44 @@ def descending_pattern_check(self, value: str) -> bool:
             else:
                 count = 1
                 continue
-            if count == self.pattern_len:
+            if count == self.pattern_lengths[bit_length]:
                 return True
         return False
 
-    def check_val(self, value: str) -> bool:
+    def check_val(self, value: str, bit_length: int) -> bool:
         """Cumulative value check.
 
         Arg:
             value: string variable, credential candidate value
+            bit_length: speedup for len(value).bit_length()
 
         Return:
             boolean variable. True if contain and False if not
 
         """
-        if self.equal_pattern_check(value):
+        if self.equal_pattern_check(value, bit_length):
             return True
-        if self.ascending_pattern_check(value):
+        if self.ascending_pattern_check(value, bit_length):
             return True
-        if self.descending_pattern_check(value):
+        if self.descending_pattern_check(value, bit_length):
             return True
         return False
 
-    def duple_pattern_check(self, value: str) -> bool:
+    def duple_pattern_check(self, value: str, bit_length: int) -> bool:
         """Check if candidate value is a duplet value with possible patterns.
 
         Arg:
             value: string variable, credential candidate value
+            bit_length: speedup for len(value).bit_length()
 
         Return:
             boolean variable. True if contain and False if not
 
         """
-        # 001122334455... case
-        pair_duple = True
-        # 0102030405... case
-        even_duple = True
-        even_prev = value[0]
         even_value = value[0::2]
-        # 1020304050... case
-        odd_duple = True
-        odd_prev = value[1]
         odd_value = value[1::2]
-        for even_i, odd_i in zip(even_value, odd_value):
-            pair_duple &= even_i == odd_i
-            even_duple &= even_i == even_prev
-            odd_duple &= odd_i == odd_prev
-            if not pair_duple and not even_duple and not odd_duple:
-                break
-        else:
-            if pair_duple or odd_duple:
-                return self.check_val(even_value)
-            if even_duple:
-                return self.check_val(odd_value)
+        if self.check_val(even_value, bit_length) and self.check_val(odd_value, bit_length):
+            return True
         return False
 
     def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
@@ -151,13 +159,22 @@ def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
             boolean variable. True, if need to filter candidate and False if left
 
         """
-        if len(line_data.value) < self.pattern_len:
+        value_length = len(line_data.value)
+        bit_length = max(DEFAULT_PATTERN_LEN, value_length.bit_length())
+
+        if MAX_PATTERN_LENGTH < bit_length:
+            # huge values may contain anything
+            return False
+
+        if 0 <= value_length < self.pattern_len or value_length < self.pattern_lengths[bit_length]:
+            # too short value
             return True
 
-        if self.check_val(line_data.value):
+        if self.check_val(line_data.value, bit_length):
             return True
 
-        if 2 * self.pattern_len <= len(line_data.value) and self.duple_pattern_check(line_data.value):
+        if 2 * self.pattern_lengths[bit_length] <= value_length \
+                and self.duple_pattern_check(line_data.value, bit_length):
             return True
 
         return False

credsweeper/filters/value_pattern_check.py

@@ -23,7 +23,8 @@ class ValueStringTypeCheck(Filter):
     False otherwise
     """
 
-    MULTIBYTE_PATTERN = re.compile(r"(\s*(0x)?[0-9a-f]{1,3}\s*,){8,80}", flags=re.IGNORECASE)
+    MULTIBYTE_PATTERN = re.compile(r"((0x)?[0-9a-f]{1,16}[UL]*)(\s*,\s*((0x)?[0-9a-f]{1,16}[UL]*)){3}",
+                                   flags=re.IGNORECASE)
 
     def __init__(self, config: Config) -> None:
         self.check_for_literals = config.check_for_literals
@@ -42,7 +43,7 @@ def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
         if not self.check_for_literals or line_data.url_part:
             return False
 
-        if ValueStringTypeCheck.MULTIBYTE_PATTERN.match(line_data.value):
+        if ValueStringTypeCheck.MULTIBYTE_PATTERN.search(line_data.value):
             return False
 
         if line_data.is_source_file_with_quotes() \

credsweeper/filters/value_string_type_check.py

@@ -17,7 +17,7 @@ class ValueTokenCheck(Filter):
 
     """
 
-    SPLIT_PATTERN = r"(?<!,) (?!,)|;|\)|\(|{|}|<|>|\[|\]|`"
+    SPLIT_PATTERN = re.compile(r"(?<!\W) (?!\W)|[;(){}<>[\]`]")
 
     def __init__(self, config: Config = None) -> None:
         pass