PyPI - credsweeper - Versions diffs - 1.12.2__tar.gz → 1.13.1__tar.gz - Mend

credsweeper 1.12.2tar.gz → 1.13.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of credsweeper might be problematic. Click here for more details.

Files changed (165) hide show

{credsweeper-1.12.2 → credsweeper-1.13.1}/.gitignore RENAMED Viewed

@@ -149,3 +149,5 @@ fuzz/corpus/*
 # experiment result and data
 /experiment/results/*
 /experiment/data/*
+*.out

{credsweeper-1.12.2 → credsweeper-1.13.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: credsweeper
-Version: 1.12.2
+Version: 1.13.1
 Summary: Credential Sweeper
 Project-URL: Homepage, https://github.com/Samsung/CredSweeper
 Project-URL: Bug Tracker, https://github.com/Samsung/CredSweeper/issues
@@ -10,13 +10,12 @@ Classifier: License :: OSI Approved :: MIT License
 Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3 :: Only
-Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Topic :: Security
 Classifier: Topic :: Software Development :: Quality Assurance
-Requires-Python: >=3.9
+Requires-Python: >=3.10
 Requires-Dist: base58
 Requires-Dist: beautifulsoup4>=4.11.0
 Requires-Dist: colorama
@@ -24,10 +23,10 @@ Requires-Dist: cryptography
 Requires-Dist: gitpython
 Requires-Dist: humanfriendly
 Requires-Dist: lxml
-Requires-Dist: numpy<2.0.0
+Requires-Dist: numpy
 Requires-Dist: odfpy
-Requires-Dist: onnxruntime; platform_system != 'Windows'
-Requires-Dist: onnxruntime==1.19.2; platform_system == 'Windows'
+Requires-Dist: onnxruntime; platform_system != 'Windows' or python_version != '3.12'
+Requires-Dist: onnxruntime==1.19.2; platform_system == 'Windows' and python_version == '3.12'
 Requires-Dist: openpyxl
 Requires-Dist: pandas
 Requires-Dist: pdfminer-six
@@ -38,6 +37,7 @@ Requires-Dist: python-docx
 Requires-Dist: python-pptx
 Requires-Dist: pyyaml
 Requires-Dist: rpmfile
+Requires-Dist: striprtf
 Requires-Dist: whatthepatch
 Requires-Dist: xlrd
 Description-Content-Type: text/markdown
@@ -90,7 +90,7 @@ Full documentation can be found here: <https://credsweeper.readthedocs.io/>
 ### Main Requirements
-- Python 3.9, 3.10, 3.11, 3.12
+- Python 3.10, 3.11, 3.12
 ### Installation

{credsweeper-1.12.2 → credsweeper-1.13.1}/README.md RENAMED Viewed

@@ -46,7 +46,7 @@ Full documentation can be found here: <https://credsweeper.readthedocs.io/>
 ### Main Requirements
-- Python 3.9, 3.10, 3.11, 3.12
+- Python 3.10, 3.11, 3.12
 ### Installation

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/__init__.py RENAMED Viewed

@@ -24,4 +24,4 @@ __all__ = [
     "__version__"
 ]
-__version__ = "1.12.2"
+__version__ = "1.13.1"

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/__main__.py RENAMED Viewed

@@ -1,4 +1,5 @@
 import binascii
+import contextlib
 import logging
 import os
 import sys
@@ -34,24 +35,24 @@ def positive_int(value: Any) -> int:
     return int_value
-def threshold_or_float(arg: str) -> Union[float, ThresholdPreset]:
+def threshold_or_float_or_zero(arg: str) -> Union[int, float, ThresholdPreset]:
     """Return ThresholdPreset or a float from the input string
     Args:
         arg: string that either a float or one of allowed values in ThresholdPreset
     Returns:
-        float if arg convertible to float, ThresholdPreset if one of the allowed values
+        int = 0 to disable ML validator, float if arg convertible to float, ThresholdPreset if one of the allowed values
     Raises:
         ArgumentTypeError: if arg cannot be interpreted as float or ThresholdPreset
     """
     allowed_presents = [e.value for e in ThresholdPreset]
-    try:
+    if '0' == arg:
+        return 0
+    with contextlib.suppress(ValueError):
         return float(arg)  # try convert to float
-    except ValueError:
-        pass
     if arg in allowed_presents:
         return ThresholdPreset[arg]
     raise ArgumentTypeError(f"value must be a float or one of {allowed_presents}")
@@ -158,6 +159,10 @@ def get_arguments() -> Namespace:
                         help="find files by predefined extension",
                         dest="find_by_ext",
                         action="store_true")
+    parser.add_argument("--pedantic",
+                        help="process files without extension",
+                        action=BooleanOptionalAction,
+                        default=False)
     parser.add_argument("--depth",
                         help="additional recursive search in data (experimental)",
                         type=positive_int,
@@ -172,11 +177,11 @@ def get_arguments() -> Namespace:
                         "The lower the threshold - the more credentials will be reported. "
                         f"Allowed values: float between 0 and 1, or any of {[e.value for e in ThresholdPreset]} "
                         "(default: medium)",
-                        type=threshold_or_float,
+                        type=threshold_or_float_or_zero,
                         default=ThresholdPreset.medium,
                         dest="ml_threshold",
                         required=False,
-                        metavar="FLOAT_OR_STR")
+                        metavar="THRESHOLD_OR_FLOAT_OR_ZERO")
     parser.add_argument("--ml_batch_size",
                         "-b",
                         help="batch size for model inference (default: 16)",
@@ -299,6 +304,7 @@ def get_credsweeper(args: Namespace) -> CredSweeper:
                        ml_model=args.ml_model,
                        ml_providers=args.ml_providers,
                        find_by_ext=args.find_by_ext,
+                       pedantic=args.pedantic,
                        depth=args.depth,
                        doc=args.doc,
                        severity=args.severity,
@@ -335,7 +341,8 @@ def scan(args: Namespace, content_provider: AbstractProvider) -> int:
 def get_commit_providers(commit: Commit, repo: Repo) -> Sequence[ByteContentProvider]:
     """Process a commit and for providers"""
     result = {}
-    ancestors = commit.parents or [repo.tree()]
+    # use the hardcoded sha1 until sha256 objects are not supported by GitPython
+    ancestors = commit.parents or [repo.tree("4b825dc642cb6eb9a060e54bf8d69288fbee4904")]
     for parent in ancestors:
         for diff in parent.diff(commit):
             # only result files

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/app.py RENAMED Viewed

@@ -52,11 +52,12 @@ class CredSweeper:
                  use_filters: bool = True,
                  pool_count: int = 1,
                  ml_batch_size: Optional[int] = None,
-                 ml_threshold: Union[float, ThresholdPreset] = ThresholdPreset.medium,
+                 ml_threshold: Union[int, float, ThresholdPreset] = ThresholdPreset.medium,
                  ml_config: Union[None, str, Path] = None,
                  ml_model: Union[None, str, Path] = None,
                  ml_providers: Optional[str] = None,
                  find_by_ext: bool = False,
+                 pedantic: bool = False,
                  depth: int = 0,
                  doc: bool = False,
                  severity: Union[Severity, str] = Severity.INFO,
@@ -86,6 +87,7 @@ class CredSweeper:
             ml_model: str or Path to set custom ml model
             ml_providers: str - comma separated list with providers
             find_by_ext: boolean - files will be reported by extension
+            pedantic: boolean - scan all files
             depth: int - how deep container files will be scanned
             doc: boolean - document-specific scanning
             severity: Severity - minimum severity level of rule
@@ -103,6 +105,7 @@ class CredSweeper:
         config_dict = self._get_config_dict(config_path=config_path,
                                             use_filters=use_filters,
                                             find_by_ext=find_by_ext,
+                                            pedantic=pedantic,
                                             depth=depth,
                                             doc=doc,
                                             severity=_severity,
@@ -145,6 +148,7 @@ class CredSweeper:
             config_path: Optional[str],  #
             use_filters: bool,  #
             find_by_ext: bool,  #
+            pedantic: bool,  #
             depth: int,  #
             doc: bool,  #
             severity: Severity,  #
@@ -155,6 +159,7 @@ class CredSweeper:
         config_dict["use_filters"] = use_filters
         config_dict["find_by_ext"] = find_by_ext
         config_dict["size_limit"] = size_limit
+        config_dict["pedantic"] = pedantic
         config_dict["depth"] = depth
         config_dict["doc"] = doc
         config_dict["severity"] = severity.value
@@ -169,7 +174,7 @@ class CredSweeper:
     # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
     def _use_ml_validation(self) -> bool:
-        if isinstance(self.ml_threshold, (float, int)) and 0 >= self.ml_threshold:
+        if isinstance(self.ml_threshold, int) and 0 == self.ml_threshold:
             logger.info("ML validation is disabled")
             return False
         if not self.credential_manager.candidates:

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/common/keyword_pattern.py RENAMED Viewed

@@ -3,7 +3,10 @@ import re
 class KeywordPattern:
     """Pattern set of keyword types"""
-    directive = r"(?P<directive>(?:(?:[#%]define|%global)(?:\s|\\t)|\bset))?"
+    directive = r"(?P<directive>(?:" \
+                r"(?:[#%]define|define(?=(\s|\\{1,8}[tnr])*\()|%global)" \
+                r"(?:\s?\(|\s|\\{1,8}[tnr]){1,8}|\bset(?=\b|\w*(\s|\\{1,8}[tnr])*\()" \
+                r"))?"
     key_left = r"(?:\\[nrt]|(\\\\*u00|%)[0-9a-f]{2}|\s)*" \
                r"(?P<variable>(([\"'`]{1,8}[^:=\"'`}<>\\/&?]*|[^:=\"'`}<>\s()\\/&?;,%]*)"
     # keyword will be inserted here
@@ -13,7 +16,7 @@ class KeywordPattern:
                 r")"  # <variable>
     separator = r"(?(directive)|(\s|\\{1,8}[tnr])*\]?(\s|\\{1,8}[tnr])*)" \
                 r"(?P<separator>:(\s[a-z]{3,9}[?]?\s)?=|:(?!:)|=(>|&gt;|(\\\\*u00|%)26gt;)|!==|!=|===|==|=~|=" \
-                r"|(?(directive)(\\t|\s|\((?!\))){1,80}|%3d))" \
+                r"|(?(directive)(,|\\t|\s|\((?!\))){1,80}|%3d))" \
                 r"(\s|\\{1,8}[tnr])*"
     # might be curly, square or parenthesis with words before
     wrap = r"(?P<wrap>(" \
@@ -23,7 +26,7 @@ class KeywordPattern:
            r"\s*" \
            r"(\[(?!\])|\((?!\))|\{(?!\}))" \
            r"(\s|\\{1,8}[tnr])*" \
-           r"(?(get)('[^']+'|\"[^\"]+\")\s*,\s*|)" \
+           r"(?(get)('[^']{1,31}'|\"[^\"]{1,31}\")\s*,\s*|)" \
            r"([0-9a-z_]{1,32}\s*[:=]\s*)?" \
            r"){1,8})?"
     string_prefix = r"(((b|r|br|rb|u|f|rf|fr|l|@)(?=(\\*[\"'`])))?"

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/common/morpheme_checklist.txt RENAMED Viewed

@@ -14,11 +14,15 @@
 /var
 000
 111
+14159265
+18284590
 222
 333
 444
 555
+65358979
 666
+71828182
 777
 80211
 888
@@ -195,7 +199,7 @@ aux
 avail
 avatar
 aver
-awesome
+awesom
 axis
 azure
 back
@@ -234,6 +238,7 @@ bless
 blic
 blish
 blob
+blood
 blue
 board
 bob
@@ -244,7 +249,7 @@ boost
 boot
 boss
 bot
-bound
+boun
 box
 branch
 break
@@ -498,6 +503,7 @@ dust
 dvb
 dynamic
 dynamo
+eadbee
 easin
 easy
 ecdhe
@@ -608,6 +614,7 @@ fleet
 flick
 flix
 float
+flood
 floor
 fluent
 fluid
@@ -616,7 +623,7 @@ focus
 foo
 for
 fossil
-found
+foun
 fpga
 frame
 free
@@ -649,6 +656,7 @@ git
 given
 global
 gobble
+good
 google
 grab
 grace
@@ -704,6 +712,7 @@ home
 hook
 horizon
 host
+houn
 hours
 html
 http
@@ -790,6 +799,7 @@ jpg_
 json
 jump
 justif
+kafka
 kerberos
 kernel
 key
@@ -799,6 +809,7 @@ kind
 kinesis
 kirk
 know
+knox
 kris
 lab
 lag
@@ -855,7 +866,7 @@ local
 lock
 log
 long
-lookup
+look
 loop
 loose
 lost
@@ -948,6 +959,7 @@ ndow
 ned
 need
 neigh
+neo4j
 ner
 net
 neutr
@@ -992,6 +1004,7 @@ oncat
 one
 onfig
 only
+ookup
 open
 opt/
 opted
@@ -1009,6 +1022,7 @@ ormat
 orph
 otorola
 ottle
+ound
 ously
 out
 over
@@ -1068,6 +1082,7 @@ pose
 posit
 possib
 post
+poun
 power
 pre_
 pred
@@ -1212,7 +1227,7 @@ rotat
 rotocol
 rottl
 rough
-round
+roun
 roup
 row
 rroga
@@ -1318,9 +1333,10 @@ sock
 soft
 solid
 solve
+some
 sony
 sort
-sound
+soun
 source
 space
 spacing
@@ -1430,6 +1446,7 @@ tio
 tish
 title
 titud
+tizen
 tmp/
 to_
 tod
@@ -1575,6 +1592,7 @@ yield
 you
 zeppelin
 zero
+zigbee
 zing
 zona
 zorro

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/config/config.py RENAMED Viewed

@@ -35,6 +35,7 @@ class Config:
         self.candidate_output: List[str] = config["candidate_output"]
         self.find_by_ext: bool = config["find_by_ext"]
         self.size_limit: Optional[int] = parse_size(config["size_limit"]) if config["size_limit"] is not None else None
+        self.pedantic: bool = bool(config["pedantic"])
         self.depth: int = int(config["depth"])
         self.doc: bool = config["doc"]
         self.severity: Severity = Severity.get(config.get("severity"))

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/credentials/line_data.py RENAMED Viewed

@@ -163,6 +163,7 @@ class LineData:
             self.clean_url_parameters()
             self.clean_bash_parameters()
             self.clean_toml_parameters()
+            self.clean_tag_parameters()
             if 0 <= self.value_start and 0 <= self.value_end and len(self.value) < len(_value):
                 start = _value.find(self.value)
                 self.value_start += start
@@ -196,15 +197,14 @@ class LineData:
         If line seem to be a URL - split by & character.
         Variable should be right most value after & or ? ([-1]). And value should be left most before & ([0])
         """
-        if self.check_url_part():
+        # skip sanitize in case of URL credential rule - the regex is mature enough
+        if self.check_url_part() and not self.variable.endswith("://"):
             # all checks have passed - line before the value may be a URL
             self.variable = self.variable.rsplit('&')[-1].rsplit('?')[-1].rsplit(';')[-1]
             self.value = self.value.split('&', maxsplit=1)[0].split(';', maxsplit=1)[0].split('#', maxsplit=1)[0]
-            if not self.variable.endswith("://"):
-                # skip sanitize in case of URL credential rule
-                self.value = self.url_unicode_split.split(self.value)[0]
-                if self._3d_escaped_separator:
-                    self.value = self.url_percent_split.split(self.value)[0]
+            self.value = self.url_unicode_split.split(self.value)[0]
+            if self._3d_escaped_separator:
+                self.value = self.url_percent_split.split(self.value)[0]
     def clean_bash_parameters(self) -> None:
         """Split variable and value by bash special characters, if line assumed to be CLI command."""
@@ -232,6 +232,21 @@ class LineData:
                     self.value = self.value[:-1]
                     cleaning_required = True
+    def clean_tag_parameters(self) -> None:
+        """Remove closing tag from value if the opened is somewhere before in line"""
+        cleaning_required = self.value and self.value.endswith('>')
+        while cleaning_required:
+            closing_tag_pos = self.value.rfind("</")
+            if 0 <= closing_tag_pos:
+                # use `<a` to avoid tag parameters
+                opening_tag_prefix = f"<{self.value[closing_tag_pos + 2:-1]}"
+                if cleaning_required := (opening_tag_prefix not in self.value
+                                         and 0 <= self.line.find(opening_tag_prefix, 0, self.value_start)):
+                    self.value = self.value[:closing_tag_pos]
+                    cleaning_required = self.value and self.value.endswith('>')
+            else:
+                break
     def sanitize_variable(self) -> None:
         """Remove trailing spaces, dashes and quotations around the variable. Correct position."""
         sanitized_var_len = 0

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/deep_scanner/deep_scanner.py RENAMED Viewed

@@ -1,7 +1,6 @@
 import logging
 from typing import List, Any, Tuple
-from credsweeper.common.constants import MIN_DATA_LEN
 from credsweeper.config.config import Config
 from credsweeper.scanner.scanner import Scanner
 from credsweeper.utils.util import Util
@@ -23,7 +22,9 @@ from .pdf_scanner import PdfScanner
 from .pkcs_scanner import PkcsScanner
 from .pptx_scanner import PptxScanner
 from .rpm_scanner import RpmScanner
+from .rtf_scanner import RtfScanner
 from .sqlite3_scanner import Sqlite3Scanner
+from .strings_scanner import StringsScanner
 from .tar_scanner import TarScanner
 from .tmx_scanner import TmxScanner
 from .xlsx_scanner import XlsxScanner
@@ -49,8 +50,10 @@ class DeepScanner(
     PdfScanner,  #
     PkcsScanner,  #
     PptxScanner,  #
+    RtfScanner,  #
     RpmScanner,  #
     Sqlite3Scanner,  #
+    StringsScanner,  #
     TarScanner,  #
     DebScanner,  #
     XmlScanner,  #
@@ -133,6 +136,9 @@ class DeepScanner(
                 deep_scanners.append(Sqlite3Scanner)
         elif Util.is_asn1(data):
             deep_scanners.append(PkcsScanner)
+        elif Util.is_rtf(data):
+            deep_scanners.append(RtfScanner)
+            fallback_scanners.append(ByteScanner)
         elif Util.is_xml(data):
             if Util.is_html(data):
                 deep_scanners.append(HtmlScanner)
@@ -158,9 +164,6 @@ class DeepScanner(
                     deep_scanners.append(PatchScanner)
                 fallback_scanners.append(EmlScanner)
             fallback_scanners.append(ByteScanner)
-        elif Util.is_known(data):
-            # the format is known but cannot be scanned
-            pass
         elif not Util.is_binary(data):
             if 0 < depth:
                 deep_scanners.append(PatchScanner)
@@ -168,6 +171,9 @@ class DeepScanner(
                 deep_scanners.append(LangScanner)
             deep_scanners.append(ByteScanner)
         else:
-            logger.warning("Cannot apply a deep scanner for type %s prefix %s %d", descriptor,
-                           repr(data[:MIN_DATA_LEN]), len(data))
+            if 0 < depth:
+                deep_scanners.append(StringsScanner)
+            else:
+                logger.warning("Cannot apply a deep scanner for type %s prefix %s %d", descriptor, repr(data[:32]),
+                               len(data))
         return deep_scanners, fallback_scanners

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/deep_scanner/jks_scanner.py RENAMED Viewed

@@ -4,6 +4,7 @@ from typing import List, Optional
 import jks
+from credsweeper.common.constants import Severity, Confidence
 from credsweeper.credentials.candidate import Candidate
 from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
 from credsweeper.file_handler.data_content_provider import DataContentProvider
@@ -24,14 +25,22 @@ class JksScanner(AbstractScanner, ABC):
             try:
                 keystore = jks.KeyStore.loads(data_provider.data, pw_probe, try_decrypt_keys=True)
                 # the password probe has passed, it will be the value
-                info = (f"{data_provider.info}|JKS:"
-                        f"{'sensitive data' if keystore.private_keys or keystore.secret_keys else 'default password'}")
+                if keystore.private_keys or keystore.secret_keys:
+                    severity = Severity.HIGH
+                    confidence = Confidence.STRONG
+                    info = f"{data_provider.info}|JKS:default password"
+                else:
+                    severity = Severity.LOW
+                    confidence = Confidence.WEAK
+                    info = f"{data_provider.info}|JKS:sensitive data"
                 candidate = Candidate.get_dummy_candidate(
                     self.config,  #
                     data_provider.file_path,  #
                     data_provider.file_type,  #
                     info,  #
                     "Java Key Storage")
+                candidate.severity = severity
+                candidate.confidence = confidence
                 value = pw_probe or "<EMPTY PASSWORD>"
                 candidate.line_data_list[0].line = f"'{value}' is the password"
                 candidate.line_data_list[0].value = pw_probe or "<EMPTY PASSWORD>"

{credsweeper-1.12.2 → credsweeper-1.13.1}/credsweeper/deep_scanner/pkcs_scanner.py RENAMED Viewed

@@ -3,6 +3,7 @@ import logging
 from abc import ABC
 from typing import List, Optional
+from credsweeper.common.constants import Severity, Confidence
 from credsweeper.credentials.candidate import Candidate
 from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
 from credsweeper.file_handler.data_content_provider import DataContentProvider
@@ -35,6 +36,9 @@ class PkcsScanner(AbstractScanner, ABC):
                         "PKCS")
                     candidate.line_data_list[0].line = base64.b64encode(data_provider.data).decode()
                     candidate.line_data_list[0].value = repr(password)
+                    # high severity is assigned to private key rules
+                    candidate.severity = Severity.HIGH
+                    candidate.confidence = Confidence.STRONG
                     return [candidate]
             except Exception as pkcs_exc:
                 logger.debug(f"{data_provider.file_path}:{pw_probe}:{pkcs_exc}")

credsweeper-1.13.1/credsweeper/deep_scanner/rtf_scanner.py ADDED Viewed

@@ -0,0 +1,41 @@
+import logging
+from abc import ABC
+from typing import List, Optional
+from striprtf import striprtf
+from credsweeper.credentials.candidate import Candidate
+from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
+from credsweeper.file_handler.data_content_provider import DataContentProvider
+from credsweeper.file_handler.string_content_provider import StringContentProvider
+from credsweeper.utils.util import Util
+logger = logging.getLogger(__name__)
+class RtfScanner(AbstractScanner, ABC):
+    """Implements squash file system scanning"""
+    @staticmethod
+    def get_lines(text: str) -> List[str]:
+        """Extracts text lines from RTF format"""
+        rtf_text = striprtf.rtf_to_text(text)
+        lines = Util.split_text(rtf_text)
+        return lines
+    def data_scan(
+            self,  #
+            data_provider: DataContentProvider,  #
+            depth: int,  #
+            recursive_limit_size: int) -> Optional[List[Candidate]]:
+        """Scans data as RTF"""
+        try:
+            string_data_provider = StringContentProvider(lines=RtfScanner.get_lines(data_provider.text),
+                                                         file_path=data_provider.file_path,
+                                                         file_type=data_provider.file_type,
+                                                         info=f"{data_provider.info}|RTF")
+            rtf_candidates = self.scanner.scan(string_data_provider)
+            return rtf_candidates
+        except Exception as rtf_exc:
+            logger.error(f"{data_provider.file_path}:{rtf_exc}")
+        return None

credsweeper-1.13.1/credsweeper/deep_scanner/strings_scanner.py ADDED Viewed

@@ -0,0 +1,52 @@
+import logging
+from abc import ABC
+from typing import List, Optional, Tuple
+from credsweeper.common.constants import MIN_DATA_LEN
+from credsweeper.credentials.candidate import Candidate
+from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
+from credsweeper.file_handler.data_content_provider import DataContentProvider
+from credsweeper.file_handler.string_content_provider import StringContentProvider
+logger = logging.getLogger(__name__)
+class StringsScanner(AbstractScanner, ABC):
+    """Implements known binary file scanning with ASCII strings representations"""
+    @staticmethod
+    def get_strings(data: bytes) -> List[Tuple[str, int]]:
+        """Processes binary to found ASCII strings. Use offset instead line number."""
+        strings = []
+        offset = 0
+        line = ''
+        for n, x in enumerate(data):
+            if 0x09 == x or 0x20 <= x <= 0x7E:
+                # TAB, SPACE and visible ASCII symbols
+                if not offset:
+                    # for line number
+                    offset = n
+                line += chr(x)
+            elif MIN_DATA_LEN <= len(line):
+                strings.append((line, offset))
+                offset = 0
+                line = ''
+        if MIN_DATA_LEN <= len(line):
+            strings.append((line, offset))
+        return strings
+    def data_scan(
+            self,  #
+            data_provider: DataContentProvider,  #
+            depth: int,  #
+            recursive_limit_size: int) -> Optional[List[Candidate]]:
+        """Extracts data file from .ar (debian) archive and launches data_scan"""
+        if strings := StringsScanner.get_strings(data_provider.data):
+            string_data_provider = StringContentProvider(lines=[x[0] for x in strings],
+                                                         line_numbers=[x[1] for x in strings],
+                                                         file_path=data_provider.file_path,
+                                                         file_type=data_provider.file_type,
+                                                         info=f"{data_provider.info}|STRINGS")
+            return self.scanner.scan(string_data_provider)
+        return None if strings is None else []

credsweeper 1.12.2__tar.gz → 1.13.1__tar.gz

Potentially problematic release.

credsweeper 1.12.2tar.gz → 1.13.1tar.gz