
Commit a5e0032

authored
added shannon entropy check in accuweather detector (#4096)
1 parent 94d5061 commit a5e0032


2 files changed

+24
-13
lines changed


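--- a/pkg/detectors/accuweather/accuweather.go
+++ b/pkg/detectors/accuweather/accuweather.go
@@ -4,7 +4,6 @@ import (
 "context"
 "fmt"
 "net/http"
-"strings"
 
 regexp "github.com/wasilibs/go-re2"
 
@@ -18,6 +17,7 @@ type Scanner struct {
 }
 
 const accuweatherURL = "https://dataservice.accuweather.com"
+const requiredShannonEntropy = 4
 
 var (
 // Ensure the Scanner satisfies the interface at compile time.
@@ -46,21 +46,26 @@ func (s Scanner) getClient() *http.Client {
 func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (results []detectors.Result, err error) {
 dataStr := string(data)
 
-matches := keyPat.FindAllStringSubmatch(dataStr, -1)
-
-for _, match := range matches {
-resMatch := strings.TrimSpace(match[1])
+matches := make(map[string]struct{})
+for _, match := range keyPat.FindAllStringSubmatch(dataStr, -1) {
+k := match[1]
+if detectors.StringShannonEntropy(k) < requiredShannonEntropy {
+continue
+}
+matches[k] = struct{}{}
+}
 
+for key := range matches {
 s1 := detectors.Result{
 DetectorType: detectorspb.DetectorType_Accuweather,
-Raw: []byte(resMatch),
+Raw: []byte(key),
 }
 
 if verify {
 client := s.getClient()
-isVerified, verificationErr := verifyAccuweather(ctx, client, resMatch)
+isVerified, verificationErr := verifyAccuweather(ctx, client, key)
 s1.Verified = isVerified
-s1.SetVerificationError(verificationErr, resMatch)
+s1.SetVerificationError(verificationErr, key)
 }
 
 results = append(results, s1)
@@ -69,8 +74,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 return results, nil
 }
 
-func verifyAccuweather(ctx context.Context, client *http.Client, resMatch string) (bool, error) {
-req, err := http.NewRequestWithContext(ctx, http.MethodGet, accuweatherURL+"/locations/v1/cities/autocomplete?apikey="+resMatch+"&q=----&language=en-us", nil)
+func verifyAccuweather(ctx context.Context, client *http.Client, key string) (bool, error) {
+req, err := http.NewRequestWithContext(ctx, http.MethodGet, accuweatherURL+"/locations/v1/cities/autocomplete?apikey="+key+"&q=----&language=en-us", nil)
 if err != nil {
 return false, err
 }
@@ -97,5 +102,5 @@ func (s Scanner) Type() detectorspb.DetectorType {
 }
 
 func (s Scanner) Description() string {
-return "Accuweather is a weather forecasting service. Accuweather API keys can be used to access weather data and forecasts."
+return "AccuWeather is a weather forecasting service. AccuWeather API keys can be used to access weather data and forecasts."
 }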
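Review bot: In verifyAccuweather the candidate key is still concatenated into the query string unescaped (`"?apikey="+key+"&q=----&language=en-us"`), and this commit also drops the `strings.TrimSpace` that used to run on the match. The key comes straight from scanned data, and the fixtures in accuweather_test.go show that keyPat accepts `%`, so such a key goes out as a malformed percent-escape, and any other reserved character the pattern admits would change the request's parameters; verification of those keys is presumably unreliable as a result. Build the parameter with `url.QueryEscape(key)` (importing `net/url`), or set it through `url.Values` and assign `req.URL.RawQuery`. The body of verifyAccuweather continues past the end of this hunk, so how the response is interpreted is not visible here.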

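--- a/pkg/detectors/accuweather/accuweather_test.go
+++ b/pkg/detectors/accuweather/accuweather_test.go
@@ -12,8 +12,9 @@ import (
 )
 
 var (
-validPattern = "dqftwc490oPc%xae67sBSF741M56%sd091a"
-invalidPattern = "dqftwc490oPc%xae67sBSF741M56=sd091a"
+validPattern = "DqFtwc490oPc%xaE67sBSF741M56%sd091A"
+invalidPattern = "DqFtwc490oPc%xaE67sBSF741M56=sd091A"
+validPatternLowEntropy = "DsFtwfaEsAPS%eaEsaESEsFesfMsfMsDmdA"
 )
 
 func TestAccuWeather_Pattern(t *testing.T) {
@@ -40,6 +41,11 @@ func TestAccuWeather_Pattern(t *testing.T) {
 input: fmt.Sprintf("accuweather = '%s'", invalidPattern),
 want: nil,
 },
+{
+name: "valid pattern - Shannon entropy below threshold",
+input: fmt.Sprintf("accuweather = '%s'", validPatternLowEntropy),
+want: nil,
+},
 }
 
 for _, test := range tests {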
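Review bot: The new "Shannon entropy below threshold" case expects `want: nil`, the same outcome as the invalid-pattern case just above it, so it cannot distinguish the entropy filter rejecting the value from keyPat simply not matching it. If the regex or the fixture drifts, the case keeps passing while the filter goes untested. At minimum document the fixture's intent, e.g. `// validPatternLowEntropy matches keyPat but scores below requiredShannonEntropy` (assuming that is the intent), and consider a companion case that supplies the same high-entropy key twice and expects a single result, since the detector now de-duplicates matches. TestAccuWeather_Pattern starts before and ends after the visible hunks, so existing cases may already cover part of this.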
