From 88c24b25c54fca2dd5560e61be30b04645c90ca2 Mon Sep 17 00:00:00 2001
From: Nate
Date: Tue, 2 Jul 2024 20:34:16 +0200
Subject: [PATCH] Update Azure secretPatFmt

We had a secret leak through and looks like the existing detector doesn't match Azure docs: https://learn.microsoft.com/en-us/purview/sit-defn-client-secret-api-key This changed regex should match what is found in the above docs: A combination of 24 characters consisting of letters, digits, and special characters. or A combination of 32 characters consisting of letters and digits. or A combination of 40 characters consisting of letters and digits. or A combination of 44 characters consisting of letters, digits, and special characters. or A combination of 56 characters consisting of letters, digits, and special characters or A combination of 88 characters consisting of letters, digits, and special characters.
---
 pkg/detectors/azure/azure.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/detectors/azure/azure.go b/pkg/detectors/azure/azure.go
index 2319ce97c4aa..39bc634de80a 100644
--- a/pkg/detectors/azure/azure.go
+++ b/pkg/detectors/azure/azure.go
@@ -33,7 +33,7 @@ var (
 tenantIDPat = mustFmtPat("tenant_id", idPatFmt)
 // TODO: support old patterns
- secretPatFmt = `(?i)(%s).{0,20}([a-z0-9_\.\-~]{34})`
+ secretPatFmt = `(?i)(%s)[:=]?\s*([\w\-~]{24}|[\w]{32}|[\w]{40}|[\w\-~]{44}|[\w\-~]{56}|[\w\-~]{88})`
 clientSecretPat = mustFmtPat("client_secret", secretPatFmt)
 )
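Review bot: The capture group on the new `secretPatFmt` line will always stop at 24 characters, because Go's `regexp` takes the first alternative that matches and `[\w\-~]{24}` matches a prefix of every longer form listed after it (`\w` is a subset of `[\w\-~]`). A 40- or 88-character secret would therefore be reported, and if this detector verifies candidates also checked, as a truncated value. Listing the alternatives longest first avoids that: `([\w\-~]{88}|[\w\-~]{56}|[\w\-~]{44}|\w{40}|\w{32}|[\w\-~]{24})`. Separately, replacing `.{0,20}` with `[:=]?\s*` means a quoted value such as `client_secret: "..."` no longer matches, and the new classes drop the `.` that the old class accepted, so test cases for quoted assignments and for secrets containing `.` are worth adding alongside this change. The `var (` block and `mustFmtPat` start outside the hunk, so how the keyword is expanded into `%s` is not visible here.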