diff --git a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap index 840f42518..e35673f89 100644 --- a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap +++ b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap @@ -604,3 +604,24 @@ exports[`should properly parse subfinder json file and add target domain to find }, ] `; + +exports[`should properly parse empty json file with includeTargetDomain=true 1`] = ` +[ + { + "attributes": { + "domain": "example.com", + "hostname": "example.com", + "ip_address": null, + "ip_addresses": [], + "source": "parser", + }, + "category": "Subdomain", + "description": "Found subdomain example.com", + "identified_at": null, + "location": "example.com", + "name": "example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, +] +`; diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js index 2afdfc93c..6c5be9b78 100644 --- a/scanners/subfinder/parser/parser.js +++ b/scanners/subfinder/parser/parser.js @@ -7,10 +7,10 @@ const DOMAIN_FLAGS = ["-d", "-domain", "--domain"]; export async function parse( fileContent, scan, - includeTargetDomain = process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() == - "true", + options = {}, ) { - if (!fileContent && !includeTargetDomain) return []; + const includeTargetDomain = options.includeTargetDomain ?? + (process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() === "true"); const targets = parseResultFile(fileContent); const findings = transformToFindings(targets); @@ -92,8 +92,10 @@ function transformToFindings(targets) { * @param {*} fileContent */ function parseResultFile(fileContent) { - return fileContent - .trim() + const trimmed = fileContent.trim(); + if (!trimmed) return []; + + return trimmed .split("\n") .map((line) => JSON.parse(line)); } diff --git a/scanners/subfinder/parser/parser.test.js b/scanners/subfinder/parser/parser.test.js index 90c761b12..8fc20c91b 100644 --- a/scanners/subfinder/parser/parser.test.js +++ b/scanners/subfinder/parser/parser.test.js @@ -42,6 +42,29 @@ test("should properly parse empty json file", async () => { expect(findings).toMatchSnapshot(); }); +test("should properly parse empty json file with includeTargetDomain=true", async () => { + const scan = { + spec: { + scanType: "subfinder", + parameters: ["-timeout", "1", "-d", "example.com"], + }, + metadata: { + annotations: { + "metadata.scan.securecodebox.io/subfinder": + "https://github.com/secureCodeBox/secureCodeBox", + }, + }, + }; + + const fileContent = await readFile(__dirname + "/__testFiles__/empty.jsonl", { + encoding: "utf8", + }); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); + // validate findings + expect(validateParser(findings)).toBeUndefined(); + expect(findings).toMatchSnapshot(); +}); + test("should properly parse subfinder json file and add target domain to findings with param -d", async () => { const scan = { spec: { @@ -62,7 +85,7 @@ test("should properly parse subfinder json file and add target domain to finding encoding: "utf8", }, ); - const findings = await parse(fileContent, scan, "true"); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); // validate findings expect(validateParser(findings)).toBeUndefined(); expect(findings).toMatchSnapshot(); @@ -88,7 +111,7 @@ test("should properly parse subfinder json file and add target domain to finding encoding: "utf8", }, ); - const findings = await parse(fileContent, scan, "true"); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); // validate findings expect(validateParser(findings)).toBeUndefined(); expect(findings).toMatchSnapshot(); @@ -114,7 +137,7 @@ test("should properly parse subfinder json file and add target domain to finding encoding: "utf8", }, ); - const findings = await parse(fileContent, scan, "true"); + const findings = await parse(fileContent, scan, { includeTargetDomain: true }); // validate findings expect(validateParser(findings)).toBeUndefined(); expect(findings).toMatchSnapshot();