Please review the Community Note before submitting
TruffleHog Version
v3.4.3 to present
Trace Output
N/A
Expected Behavior
Should calculate the line of code correctly.
Actual Behavior
The line of code is not correctly calculated.
When the same "raw" secret value is stored sequentially, the line of code value for each subsequent occurrence is the same as the first instance instead of each having their correct line number calculated.
Steps to Reproduce
- Create a file with multiple instances (at least two) of the exact same secret, one after another. The secret must contain the exact same value, and type.
- Optionally add the file to a git repo
- Scan the file with TruffleHog v3.4.3 or later.
Environment
- OS: All
- Version: v3.4.3 or later
Additional Context
Root cause analysis documented in detail here: https://github.com/0x736E/trufflehog_v3_loc_bug
When there are multiple secrets of the same type, in the same data "chunk", TruffleHog incorrectly reports all secrets with the same raw value as having the same line of code.
References
Please review the Community Note before submitting
TruffleHog Version
v3.4.3 to present
Trace Output
N/A
Expected Behavior
Should calculate the line of code correctly.
Actual Behavior
The line of code is not correctly calculated.
When the same "raw" secret value is stored sequentially, the line of code value for each subsequent occurrence is the same as the first instance instead of each having their correct line number calculated.
Steps to Reproduce
Environment
Additional Context
Root cause analysis documented in detail here: https://github.com/0x736E/trufflehog_v3_loc_bug
When there are multiple secrets of the same type, in the same data "chunk", TruffleHog incorrectly reports all secrets with the same raw value as having the same line of code.
References