Checkmarx · asofsilva · Jan 16, 2024 · Dec 27, 2023 · Dec 27, 2023 · Dec 28, 2023
@@ -0,0 +1,68 @@
+{
+  "kics_version": "development",
+  "files_scanned": 1,
+  "lines_scanned": 44,
+  "files_parsed": 1,
+  "lines_parsed": 44,
+  "lines_ignored": 0,
+  "files_failed_to_scan": 0,
+  "queries_total": 1,
+  "queries_failed_to_execute": 0,
+  "queries_failed_to_compute_similarity_id": 0,
+  "scan_id": "console",
+  "severity_counters": {
+    "HIGH": 2,
+    "INFO": 0,
+    "LOW": 0,
+    "MEDIUM": 0,
+    "TRACE": 0
+  },
+  "total_counter": 2,
+  "total_bom_resources": 0,
+  "start": "2023-12-27T09:48:54.183217Z",
+  "end": "2023-12-27T09:48:57.0673037Z",
+  "paths": [
+    "/path/test/fixtures/similarity_id"
+  ],
+  "queries": [
+    {
+      "query_name": "Website Not Forcing HTTPS",
+      "query_id": "488847ff-6031-487c-bf42-98fd6ac5c9a0",
+      "query_url": "https://docs.microsoft.com/en-us/azure/templates/microsoft.web/sites?tabs=json#siteproperties-object",
+      "severity": "HIGH",
+      "platform": "AzureResourceManager",
+      "category": "Insecure Configurations",
+      "experimental": false,
+      "description": "'Microsoft.Web/sites' should force the use of HTTPS",
+      "description_id": "3af52329",
+      "files": [
+        {
+          "file_name": "path\\test\\fixtures\\similarity_id\\1_general_deployment.json",
+          "similarity_id": "f649e674f984920f340e4078adb4d472fa857d1a8bcfa3e4e0418743faa946fd",
+          "line": 34,
+          "resource_type": "Microsoft.Web/sites",
+          "resource_name": "[variables('functionApp').microsoft_unbilled_synchronization]",
+          "issue_type": "IncorrectValue",
+          "search_key": "resources.name={{[variables('functionApp').microsoft_unbilled_synchronization]}}.properties.httpsOnly",
+          "search_line": 34,
+          "search_value": "",
+          "expected_value": "resource with type 'Microsoft.Web/sites' should have the 'httpsOnly' false set to true",
+          "actual_value": "resource with type 'Microsoft.Web/sites' doesn't have 'httpsOnly' set to true"
+        },
+        {
+          "file_name": "path\\test\\fixtures\\similarity_id\\1_general_deployment.json",
+          "similarity_id": "8e341b61966dfc47b2e78304b28b445c9891be5143fcf6bd09f5ba0679e1b0ca",
+          "line": 18,
+          "resource_type": "Microsoft.Web/sites",
+          "resource_name": "[variables('functionApp').unbilled_usage_process]",
+          "issue_type": "IncorrectValue",
+          "search_key": "resources.name={{[variables('functionApp').unbilled_usage_process]}}.properties.httpsOnly",
+          "search_line": 18,
+          "search_value": "",
+          "expected_value": "resource with type 'Microsoft.Web/sites' should have the 'httpsOnly' false set to true",
+          "actual_value": "resource with type 'Microsoft.Web/sites' doesn't have 'httpsOnly' set to true"
+        }
+      ]
+    }
+  ]
+}
@@ -0,0 +1,27 @@
+package testcases
+
+// E2E-CLI-077 - KICS  scan
+// should perform a scan, present two results, without the same similarity id
+func init() { //nolint
+	testSample := TestCase{
+		Name: "should perform a scan, present two results, without the same similarity id [E2E-CLI-077]",
+		Args: args{
+			Args: []cmdArgs{
+				[]string{"scan", "-o", "/path/e2e/output",
+					"--output-name", "E2E_CLI_077_RESULT",
+					"-p", "\"/path/test/fixtures/similarity_id\"",
+					"-i", "488847ff-6031-487c-bf42-98fd6ac5c9a0",
+				},
+			},
+			ExpectedResult: []ResultsValidation{
+				{
+					ResultsFile:    "E2E_CLI_077_RESULT",
+					ResultsFormats: []string{"json"},
+				},
+			},
+		},
+		WantStatus: []int{50},
+	}
+
+	Tests = append(Tests, testSample)
+}
@@ -194,7 +194,7 @@ func (j *jsonLine) setLine(val map[string]interface{}, def int, father string, p
 	}
 
 	// iterate through the values of the object
-	for key, val := range val {
+	for key, v := range val {
 		// if the key with father path was not found ignore
 		if _, ok2 := j.LineInfo[key][father]; !ok2 {
 			continue
@@ -212,13 +212,13 @@ func (j *jsonLine) setLine(val map[string]interface{}, def int, father string, p
 			lineNr = line.(*fifo).pop()
 		}
 
-		switch v := val.(type) {
+		switch v := v.(type) {
 		// value is an array and must call func setSeqLines to set element lines
 		case []interface{}:
 			lineArr = j.setSeqLines(v, lineNr, father, key, lineArr)
 		// value is an object and must setLines for each element of the object
 		case map[string]interface{}:
-			v["_kics_lines"] = j.setLine(v, lineNr, fmt.Sprintf("%s.%s", father, key), false)
+			v["_kics_lines"] = j.setLine(v, lineNr, fmt.Sprintf("%s.%s", father, key), pop)
 		default:
 			// value as no childs
 			lineMap[fmt.Sprintf("_kics_%s", key)] = &model.LineObject{
@@ -244,12 +244,12 @@ func (j *jsonLine) setSeqLines(v []interface{}, def int, father, key string,
 	// update father path with key
 	fatherKey := father + "." + key
 
-	defaultLineArr := j.getMapDefaultLine(v, fatherKey)
-	if defaultLineArr == -1 {
-		defaultLineArr = def
-	}
 	// iterate over each element of the array
 	for _, contentEntry := range v {
+		defaultLineArr := j.getMapDefaultLine(v, fatherKey)
+		if defaultLineArr == -1 {
+			defaultLineArr = def
+		}
 		switch con := contentEntry.(type) {
 		// case element is a map/object call func setLine
 		case map[string]interface{}: