mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-23 00:28:07 +00:00
Check string size (#915)
ASFF ProductFields[] string can't be longer than 1024 characters, could explain https://github.com/aquasecurity/kube-bench/issues/903 `Message:Finding does not adhere to Amazon Finding Format. data.Remediation.Recommendation.Text should NOT be longer than 512 characters. Error Code:InvalidInput`
This commit is contained in:
parent
1173667622
commit
aedc2942bd
@ -229,9 +229,22 @@ func (controls *Controls) ASFF() ([]*securityhub.AwsSecurityFinding, error) {
|
|||||||
if check.State == FAIL || check.State == WARN {
|
if check.State == FAIL || check.State == WARN {
|
||||||
// ASFF ProductFields['Actual result'] can't be longer than 1024 characters
|
// ASFF ProductFields['Actual result'] can't be longer than 1024 characters
|
||||||
actualValue := check.ActualValue
|
actualValue := check.ActualValue
|
||||||
|
remediation := check.Remediation
|
||||||
|
reason := check.Reason
|
||||||
|
|
||||||
if len(check.ActualValue) > 1024 {
|
if len(check.ActualValue) > 1024 {
|
||||||
actualValue = check.ActualValue[0:1023]
|
actualValue = check.ActualValue[0:1023]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Fix issue https://github.com/aquasecurity/kube-bench/issues/903
|
||||||
|
if len(check.Remediation) > 512 {
|
||||||
|
remediation = check.Remediation[0:511]
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(check.Reason) > 1024 {
|
||||||
|
reason = check.Reason[0:1023]
|
||||||
|
}
|
||||||
|
|
||||||
f := securityhub.AwsSecurityFinding{
|
f := securityhub.AwsSecurityFinding{
|
||||||
AwsAccountId: aws.String(a),
|
AwsAccountId: aws.String(a),
|
||||||
Confidence: aws.Int64(100),
|
Confidence: aws.Int64(100),
|
||||||
@ -249,11 +262,11 @@ func (controls *Controls) ASFF() ([]*securityhub.AwsSecurityFinding, error) {
|
|||||||
},
|
},
|
||||||
Remediation: &securityhub.Remediation{
|
Remediation: &securityhub.Remediation{
|
||||||
Recommendation: &securityhub.Recommendation{
|
Recommendation: &securityhub.Recommendation{
|
||||||
Text: aws.String(check.Remediation),
|
Text: aws.String(remediation),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
ProductFields: map[string]*string{
|
ProductFields: map[string]*string{
|
||||||
"Reason": aws.String(check.Reason),
|
"Reason": aws.String(reason),
|
||||||
"Actual result": aws.String(actualValue),
|
"Actual result": aws.String(actualValue),
|
||||||
"Expected result": aws.String(check.ExpectedResult),
|
"Expected result": aws.String(check.ExpectedResult),
|
||||||
"Section": aws.String(fmt.Sprintf("%s %s", controls.ID, controls.Text)),
|
"Section": aws.String(fmt.Sprintf("%s %s", controls.ID, controls.Text)),
|
||||||
|
Loading…
Reference in New Issue
Block a user