(*, location: ScanLocation)
| 35 | |
| 36 | @Analyzer.ID("file_analyzer") |
| 37 | def analyze(*, location: ScanLocation) -> AnalyzerReturnType: |
| 38 | for p in get_file_patterns(): |
| 39 | if p.match(location): |
| 40 | location.metadata["tags"] |= set(p._signature.get("tags", [])) |
| 41 | |
| 42 | if not location.location.exists(): |
| 43 | return |
| 44 | elif location.size == 0: |
| 45 | return |
| 46 | |
| 47 | if "sensitive_file" in location.metadata["tags"]: |
| 48 | yield Detection( |
| 49 | detection_type="SensitiveFile", |
| 50 | message="A potentially sensitive file has been found", |
| 51 | score=config.get_score_or_default("contain-sensitive-file", 0), |
| 52 | signature=f"sensitive_file#{str(location)}", |
| 53 | extra={ |
| 54 | "file_name": location.location.name, |
| 55 | }, |
| 56 | location=location.location, |
| 57 | tags = set(location.metadata["tags"]) |
| 58 | ) |
| 59 | |
| 60 | if enable_suspicious_files(location): |
| 61 | name = location.location.name |
| 62 | if name.startswith("."): |
| 63 | f_type = "hidden_file" |
| 64 | |
| 65 | elif name.endswith(".pyc"): |
| 66 | if "__pycache__" in location.location.parts: |
| 67 | return |
| 68 | |
| 69 | f_type = "python_bytecode" |
| 70 | else: |
| 71 | return |
| 72 | |
| 73 | if f_type: |
| 74 | yield Detection( |
| 75 | detection_type="SuspiciousFile", |
| 76 | message="A potentially suspicious file has been found", |
| 77 | score=config.get_score_or_default("contain-suspicious-file", 0), |
| 78 | signature=f"suspicious_file#{str(location)}", |
| 79 | extra={ |
| 80 | "file_name": location.location.name, |
| 81 | "file_type": f_type |
| 82 | }, |
| 83 | location=location.location, |
| 84 | tags={f_type} | location.metadata["tags"] |
| 85 | ) |
nothing calls this directly
no test coverage detected