Documentation ¶
Index ¶
- Constants
- func BuildHsDb()
- func CreateHsDb(hsPatterns []*hyperscan.Pattern) hyperscan.BlockDatabase
- func CreateHsPatterns(part string) ([]*hyperscan.Pattern, error)
- func MatchPatternSignatures(contents []byte, path string, filename string, extension string, ...) ([]output.SecretFound, error)
- func MatchSimpleSignatures(path string, filename string, extension string, layerID string, ...) []output.SecretFound
- func Max(value_0, value_1 int) int
- func Min(value_0, value_1 int) int
- func ProcessSignatures(configSignatures []core.ConfigSignature)
- func RunHyperscan(hyperscanBlockDb hyperscan.BlockDatabase, hsIOData HsInputOutputData) error
- type HsInputOutputData
Constants ¶
const ( ExtPart = "extension" FilenamePart = "filename" PathPart = "path" ContentsPart = "contents" LargeRegexType = "large" MaxSecretLength = 1000 // Maximum length of secret to search to find exact position of secrets in large regex patterns )
Constants representing different parts to be matched and constants for matching complex regex patterns
Variables ¶
This section is empty.
Functions ¶
func BuildHsDb ¶
func BuildHsDb()
Build hyperscan Databases for matching different parts in the beginning This can be used for repeated scanning
func CreateHsDb ¶
func CreateHsDb(hsPatterns []*hyperscan.Pattern) hyperscan.BlockDatabase
Create Hyperscan databased, which can be used for repeated scanning @parameters hsPatterns - List of hyperscan patterns @returns BlockDatabase - Hyperscan database for the given list of patterns
func CreateHsPatterns ¶
Create a list of hyperscan patterns with appropriate flags @parameters part - part for which list of patterns to be created: content, path, filename or extension @returns []*hyperscan.Pattern - List of hyperscan patterns error - Errors if any. Otherwise, returns nil
func MatchPatternSignatures ¶
func MatchPatternSignatures(contents []byte, path string, filename string, extension string, layerID string, numSecrets *uint, matchedRuleSet map[uint]uint) ([]output.SecretFound, error)
Scan to find complex pattern matches for the contents, path, filename and extension of this file @parameters contents - content of the file path - Complete path of the file filename - Name of the file extension - Extension of the file layerID - layer ID of this file in the container image @returns []output.SecretFound - List of all secrets found Error - Errors if any. Otherwise, returns nil
func MatchSimpleSignatures ¶
func MatchSimpleSignatures(path string, filename string, extension string, layerID string, numSecrets *uint) []output.SecretFound
Scan to find simple pattern matches for the path, filename and extension of this file @parameters path - Complete path of the file filename - Name of the file extension - Extension of the file layerID - layer ID of this file in the container image @returns []output.SecretFound - List of all secrets found
func ProcessSignatures ¶
func ProcessSignatures(configSignatures []core.ConfigSignature)
Process all the extracted signatures from config file, add severity and severity scores, finally store them in appropriate maps @parameters configSignatures - Extracted patterns from signature config file
func RunHyperscan ¶
func RunHyperscan(hyperscanBlockDb hyperscan.BlockDatabase, hsIOData HsInputOutputData) error
Run hyperscan matching on the specified content @parameters hyperscanBlockDb - Hyperscan database of a list of patterns hsIOData - Metadata containing the contents being matched, filename, layerID etc. @returns Error - Errors if any. Otherwise, returns nil
Types ¶
type HsInputOutputData ¶
type HsInputOutputData struct {
// contains filtered or unexported fields
}
Data structure for passing inputs and getting outputs for hyperscan