Excerpt extracted from yaml rule using yaml path is not correct. #511

ismadirolas · 2022-10-11T10:09:54Z

Describe the bug
Using a rule with yamlpath, the excerpt returned inside match is always the beginning of the file.

To Reproduce
With file:

test:
  test1:
    - something
    - other
  test2: true
  test3:
    test:
      other:
        - other1:
          property1: 1
          property2: 2
      tested: ok

Using rule:

   [
    {
      "name": "Yaml test",
      "id": "00000001",
      "applies_to_file_regex": [
        "test.yml"
      ],
      "tags": [
        "MyTest"
      ],
      "severity": "moderate",
      "patterns": [
        {
          "pattern": "ok",
          "ymlpaths": ["/test/test3/test/tested"],
          "type": "string",
          "scopes": [
            "code"
          ],
          "modifiers": [
            "m"
          ],
          "confidence": "high"
        }
      ]
    }
]

The match returned:

      {
        "ruleId": "00000001",
        "ruleName": "Yaml test",
        "ruleDescription": "",
        "tags": [
          "MyTest"
        ],
        "severity": "Moderate",
        "pattern": "ok",
        "confidence": "High",
        "type": "String",
        "language": "yaml",
        "fileName": "./paas/config_paas/test.yml",
        "sample": "te",
        "excerpt": "test:\n  test1:\n    - something\n    - other\n",
        "startLocationLine": 1,
        "startLocationColumn": 0,
        "endLocationLine": 1,
        "endLocationColumn": 2
      }

Note that "test:\n test1:\n - something\n - other\n" doesn't even contains the matched string.

Expected behavior
As with the other rules, the excerpt should contains the matched string, and lines before and after the match.

Operating Environment (please complete the following information):

Application Inspector Version: 1.6.19
OS: Linux Ubuntu 22.04

The text was updated successfully, but these errors were encountered:

gfs · 2022-10-11T21:58:30Z

Thanks for the report. I can confirm there's an issue. It looks like the appropriate offset for the start of the actual match (ok in th is case) is not being added to the index of the yml element. I think this will be an easy fix.

Fixes #511. AI was not appropriately adjusting the Index of the pattern match by the index of the yaml element like it did for XML and JSON. Adds a new test case to ensure the index matched is correct using sample from the linked bug.

gfs · 2022-10-11T22:33:39Z

Fixed coded and tests are running on the PR now. I've added a better test case based on your bug report sample to ensure that the Index of the found match is correct going forward.

* Fix #511 Fixes #511. AI was not appropriately adjusting the Index of the pattern match by the index of the yaml element like it did for XML and JSON. Adds a new test case to ensure the index matched is correct using sample from the linked bug. * Support multiple Yaml documents in a single file. Check all documents listed in the stream rather than just the first.

ismadirolas added the bug Something isn't working label Oct 11, 2022

gfs mentioned this issue Oct 11, 2022

Fix #511 #512

Merged

gfs closed this as completed in #512 Oct 11, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Excerpt extracted from yaml rule using yaml path is not correct. #511

Excerpt extracted from yaml rule using yaml path is not correct. #511

ismadirolas commented Oct 11, 2022 •

edited

Loading

gfs commented Oct 11, 2022 •

edited

Loading

gfs commented Oct 11, 2022

Excerpt extracted from yaml rule using yaml path is not correct. #511

Excerpt extracted from yaml rule using yaml path is not correct. #511

Comments

ismadirolas commented Oct 11, 2022 • edited Loading

gfs commented Oct 11, 2022 • edited Loading

gfs commented Oct 11, 2022

ismadirolas commented Oct 11, 2022 •

edited

Loading

gfs commented Oct 11, 2022 •

edited

Loading