From 35ae569094539ca9df76b8a692ec448cf98f9255 Mon Sep 17 00:00:00 2001
From: Valentijn Scholten
Date: Tue, 17 Dec 2024 12:54:18 +0100
Subject: [PATCH] RustyHog: improve description and file_path
---
 dojo/tools/rusty_hog/parser.py | 10 ++++++++++
 unittests/tools/test_rusty_hog_parser.py | 3 +++
 2 files changed, 13 insertions(+)
diff --git a/dojo/tools/rusty_hog/parser.py b/dojo/tools/rusty_hog/parser.py
index a4582106f0d..e795d9f0678 100644
--- a/dojo/tools/rusty_hog/parser.py
+++ b/dojo/tools/rusty_hog/parser.py
@@ -76,6 +76,11 @@ def __getitem(self, vulnerabilities, scanner):
 found_secret_string = ""
 cwe = 200
 for vulnerability in vulnerabilities:
+ description =""
+ if vulnerability.get("Reason") is not None:
+ description += "\n**Reason:** {}".format(
+ vulnerability.get("reason"),
+ )
 if scanner == "Rusty Hog":
 break
 if scanner == "Choctaw Hog":
@@ -179,10 +184,15 @@ def __getitem(self, vulnerabilities, scanner):
 vulnerability.get("issue_id"),
 vulnerability.get("location"),
 )
+ if not file_path:
+ file_path = vulnerability.get("url")
 elif scanner == "Essex Hog":
 title = "{} found in Confluence Page ID {}".format(
 vulnerability.get("reason"),
 vulnerability.get("page_id"),
 )
+ if not file_path:
+ file_path = vulnerability.get("url")
+ # create the finding object
 finding = Finding(
 title=title,
diff --git a/unittests/tools/test_rusty_hog_parser.py b/unittests/tools/test_rusty_hog_parser.py
index 3d7df04ea0f..51bcd385d2e 100644
--- a/unittests/tools/test_rusty_hog_parser.py
+++ b/unittests/tools/test_rusty_hog_parser.py
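Review bot: The key checked and the key read disagree on the new `description` lines in the first hunk: the guard tests `vulnerability.get("Reason")` (capital R) while the format call reads `vulnerability.get("reason")`, and the other lookups in this method that are visible in the second hunk all use lowercase `reason`. If the scanner output only carries the lowercase key the guard never fires and the reason is silently dropped; if it carries the capitalised one the format inserts `None`. Read the key once and use it in both places: `reason = vulnerability.get("reason")` / `if reason is not None:` / `description += "\n**Reason:** {}".format(reason)`. `description` is also reset to `""` at the top of every iteration here, so whether the per-scanner code after this hunk appends to it or overwrites it decides if this text ever reaches the finding. `__getitem` starts and ends outside the hunk.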
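Review bot: The `file_path` fallback to `vulnerability.get("url")` in the second hunk is duplicated verbatim in the Choctaw Hog and Essex Hog branches, and `file_path` is assigned before this hunk, so whether it is `None` or `""` when neither branch set it cannot be seen here. One fallback after the `if`/`elif` chain, `if scanner in ("Choctaw Hog", "Essex Hog") and not file_path:` / `file_path = vulnerability.get("url")`, keeps the two branches from drifting apart. The value is a scanner-reported issue or page URL stored in a field that otherwise holds repository paths, so a comment such as `# hosted content has no local path; fall back to the URL the scanner reported` would explain the choice to the next reader. `__getitem` starts and ends outside the hunk.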
@@ -110,6 +110,9 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog(self):
 parser = RustyhogParser()
 findings = parser.get_items(testfile, "Essex Hog", Test())
 self.assertEqual(3, len(findings))
+ self.assertEqual("https://confluence.com/pages/viewpage.action?pageId=12345", findings[0]['file_path'])
+ self.assertEqual("-----BEGIN EC PRIVATE KEY-----", findings[0]['payload'])
+ self.assertEqual("*Reason:**SSH (EC) private key", findings[0]['description'][:30])

 def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog_content(self):
 with open("unittests/scans/rusty_hog/essexhog_many_vulns.json", encoding="utf-8") as testfile:
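Review bot: The third added assertion compares `findings[0]['description'][:30]` with `"*Reason:**SSH (EC) private key"`, a string that begins one character into a `**Reason:**` markdown marker and has no space before the value, so it pins whatever the current output happens to be rather than the intended format. It also does not match the `"\n**Reason:** {}"` layout the parser hunk builds, which would put a newline and a space inside those 30 characters, so if that is the text that reaches the finding either the slice offset or the format string is off. Assert the prefix instead, `self.assertTrue(findings[0]['description'].startswith("**Reason:** SSH (EC) private key"))`, so the test fails on a malformed marker rather than encoding it. The enclosing test method starts outside the hunk.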