Skip to content

fix: amend string bondary bugs in gitleaks-original-encoded-secrets#1

Open
eliranmal wants to merge 1 commit intoleaktk:mainfrom
eliranmal:patch-1
Open

fix: amend string bondary bugs in gitleaks-original-encoded-secrets#1
eliranmal wants to merge 1 commit intoleaktk:mainfrom
eliranmal:patch-1

Conversation

@eliranmal
Copy link
Copy Markdown

@eliranmal eliranmal commented Jun 11, 2025

  • fix counting error in column bounding markers: for some reason in gitleaks reports they're off by 1
  • omit keepends=True when splitting lines; multiline is gonna be supported via counting (see next item)
  • account for multiple lines in found secrets when calculating column-end marker, by subtracting the column-start marker if the secret spans multiple lines in the original repo

@eliranmal
fix: amend string bondary bugs in gitleaks-original-encoded-secrets
914899b 
- fix counting error in column bounding markers: for some reason in gitleaks reports they're off by 1
- omit `keepends=True` when splitting lines; multiline is gonna be supported via counting (see next item)
- account for multiple lines in found secrets when calculating column-end marker, by subtracting the column-start marker if the secret spans multiple lines in the original repo
@bplaxco
Copy link
Copy Markdown
Contributor

bplaxco commented Jun 11, 2025

@eliranmal thanks for the PR!

Hmm it looks like when I have a secret file that looks like this in a repo:

ZFhObGNsOXpaV055WlhROUlrZHlWMVJ0TldzeWFuUlhlVGxEWlU5V1lrOXFiRkpGZEMweE1FNXRjR1ZRUmt0NGRqUkdiV3c0T1ZsTWQyNHdNREpyUmpGamVUUk1VVEZqV0hNNVpESlFSM2d6TjNwUFZWQlJhekY1Vm1sTmFHaEpaRWhzYUhjaUNnPT0=

I see some errors with the output:

~ $ ./updated-version test-repo test.json 
[
  "="
]
~ $ gitleaks-original-encoded-secrets test-repo test.json 
[
  "ZFhObGNsOXpaV055WlhROUlrZHlWMVJ0TldzeWFuUlhlVGxEWlU5V1lrOXFiRkpGZEMweE1FNXRjR1ZRUmt0NGRqUkdiV3c0T1ZsTWQyNHdNREpyUmpGamVUUk1VVEZqV0hNNVpESlFSM2d6TjNwUFZWQlJhekY1Vm1sTmFHaEpaRWhzYUhjaUNnPT0="
]

Were you potentially running on a Windows machine or working with something with windows newlines in the file?

If so, I think I know a fix 👌 (Yeah for some reason gitleaks captures the newline split at the beginning of the line. If that's it, I think I have an idea for a fix ^_^

@eliranmal
Copy link
Copy Markdown
Author

eliranmal commented Jun 11, 2025
edited
Loading

@bplaxco

Hmm it looks like when I have a secret file that looks like this in a repo [...] I see some errors with the output

oh no!

i was apparently testing on a repo that doesn't seem to have enough test-cases to properly check all scenarios, so i don't have more ideas on how to fix that..

Were you potentially running on a Windows machine or working with something with windows newlines in the file?

no - i'm running macos (V 15.5).

If so, I think I know a fix 👌 (Yeah for some reason gitleaks captures the newline split at the beginning of the line. If that's it, I think I have an idea for a fix ^_^

okay, lemme know if i can offer any help testing/reproducing etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eliranmal @bplaxco