References

Ostorlab · Aug 2, 2023 · a68be80 · a68be80
1 parent ed375c3
commit a68be80
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 11 deletions.
diff --git a/agent/utils.py b/agent/utils.py
@@ -4,6 +4,7 @@
 import os
 from typing import Any, Iterator
 
+from urllib import parse
 import magic
 from ostorlab.agent.kb import kb
 from ostorlab.agent.mixins import agent_report_vulnerability_mixin
@@ -89,8 +90,8 @@ def parse_results(json_output: dict[str, Any]) -> Iterator[Vulnerability]:
         impact = metadata.get("impact", "UNKNOWN")
         fix = extra.get("fix", "")
         references = {
-            f"Reference: #{idx + 1}": value
-            for (idx, value) in enumerate(metadata.get("references", []))
+            parse.urlparse(value).netloc or value: value
+            for value in metadata.get("references", [])
         }
 
         technical_detail = construct_technical_detail(vulnerability, path)

diff --git a/tests/semgrep_agent_test.py b/tests/semgrep_agent_test.py
@@ -136,11 +136,19 @@ def testAgentSemgrep_whenAnalysisRunsWithoutErrors_emitsBackVulnerability(
         "valid or invalid padding. Further, CBC mode does not include any "
         "integrity checks. Use 'AES/GCM/NoPadding' instead."
     )
-
-    assert [entry["url"] for entry in vuln["references"]] == [
-        "https://capec.mitre.org/data/definitions/463.html",
-        "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html",
-        "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY",
+    assert vuln["references"] == [
+        {
+            "title": "capec.mitre.org",
+            "url": "https://capec.mitre.org/data/definitions/463.html",
+        },
+        {
+            "title": "cheatsheetseries.owasp.org",
+            "url": "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html",
+        },
+        {
+            "title": "find-sec-bugs.github.io",
+            "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY",
+        },
     ]
     assert not any(
         [
@@ -197,10 +205,19 @@ def testAgentSemgrep_whenAnalysisRunsWithoutPathWithoutErrors_emitsBackVulnerabi
         "integrity checks. Use 'AES/GCM/NoPadding' instead."
     )
 
-    assert [entry["url"] for entry in vuln["references"]] == [
-        "https://capec.mitre.org/data/definitions/463.html",
-        "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html",
-        "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY",
+    assert vuln["references"] == [
+        {
+            "title": "capec.mitre.org",
+            "url": "https://capec.mitre.org/data/definitions/463.html",
+        },
+        {
+            "title": "cheatsheetseries.owasp.org",
+            "url": "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html",
+        },
+        {
+            "title": "find-sec-bugs.github.io",
+            "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY",
+        },
     ]
     assert not any(
         [