fix(memory consumption): improved SplitLines function calls (Checkmarx#5680)

* added pprof

* improving splitLines usage

* fixing tests

* correcting unit tests

* fixing tests

* fixing more tests

* fixing test

Author: rafaela-soares

cmd/builder/main.go

@@ -71,8 +71,15 @@ func saveFile(filePath string, content []byte) error {
 	if err != nil {
 		return err
 	}
+
+	defer func() {
+		if err := f.Close(); err != nil {
+			log.Err(err).Msgf("failed to close '%s'", filePath)
+		}
+	}()
+
 	if _, err := f.Write(content); err != nil {
 		return err
 	}
-	return f.Close()
+	return nil
 }

e2e/cli_test.go

@@ -231,7 +231,12 @@ func loadTemplates(lines []string, templates testcases.TestTemplates) []string {
 		return []string{}
 	}
 
-	return strings.Split(builder.String(), "\n")
+	t := builder.String()
+
+	builder.Reset()
+	builder = nil
+
+	return strings.Split(t, "\n")
 }
 
 func printTestDetails(output []string) {

pkg/builder/engine/engine.go

@@ -152,12 +152,12 @@ func (e *Engine) expToString(expr hclsyntax.Expression) (string, error) {
 			}
 			return v.AsString(), nil
 		}
-		builder, err := e.buildString(t.Parts)
+		builderString, err := e.buildString(t.Parts)
 		if err != nil {
 			return "", err
 		}
 
-		return builder.String(), nil
+		return builderString, nil
 	case *hclsyntax.TemplateWrapExpr:
 		return e.expToString(t.Wrapped)
 	case *hclsyntax.ObjectConsKeyExpr:
@@ -180,16 +180,23 @@ func (e *Engine) expToString(expr hclsyntax.Expression) (string, error) {
 	return "", fmt.Errorf("can't convert expression %T to string", expr)
 }
 
-func (e *Engine) buildString(parts []hclsyntax.Expression) (strings.Builder, error) {
-	var builder strings.Builder
+func (e *Engine) buildString(parts []hclsyntax.Expression) (string, error) {
+	builder := &strings.Builder{}
+
 	for _, part := range parts {
 		s, err := e.expToString(part)
 		if err != nil {
-			return strings.Builder{}, err
+			return "", err
 		}
 		builder.WriteString(s)
 	}
-	return builder, nil
+
+	s := builder.String()
+
+	builder.Reset()
+	builder = nil
+
+	return s, nil
 }
 
 func (e *Engine) walkConstantItem(item hclsyntax.ObjectConsItem, walkHistory []build.PathItem) error {

pkg/builder/engine/engine_test.go

@@ -2,7 +2,6 @@ package engine
 
 import (
 	"reflect"
-	"strings"
 	"testing"
 
 	build "github.com/Checkmarx/kics/pkg/builder/model"
@@ -108,7 +107,7 @@ func TestEngine_BuildString(t *testing.T) {
 		name    string
 		args    args
 		fields  fields
-		want    strings.Builder
+		want    string
 		wantErr bool
 	}{
 		{
@@ -119,7 +118,7 @@ func TestEngine_BuildString(t *testing.T) {
 			args: args{
 				parts: []hclsyntax.Expression{},
 			},
-			want:    strings.Builder{},
+			want:    "",
 			wantErr: false,
 		},
 	}

pkg/detector/default_detect.go

@@ -33,7 +33,7 @@ func (d defaultDetectLine) DetectLine(file *model.FileMetadata, searchKey string
 		sanitizedSubstring = strings.Replace(sanitizedSubstring, str[0], `{{`+strconv.Itoa(idx)+`}}`, -1)
 	}
 
-	lines := d.SplitLines(file.OriginalData)
+	lines := *file.LinesOriginalData
 	for _, key := range strings.Split(sanitizedSubstring, ".") {
 		substr1, substr2 := GenerateSubstrings(key, extractedString)
 
@@ -56,22 +56,17 @@ func (d defaultDetectLine) DetectLine(file *model.FileMetadata, searchKey string
 
 	return model.VulnerabilityLines{
 		Line:         undetectedVulnerabilityLine,
-		VulnLines:    []model.CodeLine{},
+		VulnLines:    &[]model.CodeLine{},
 		ResolvedFile: detector.ResolvedFile,
 	}
 }
 
-func (d defaultDetectLine) SplitLines(content string) []string {
-	text := strings.ReplaceAll(content, "\r", "")
-	return strings.Split(text, "\n")
-}
-
 func (d defaultDetectLine) prepareResolvedFiles(resFiles map[string]model.ResolvedFile) map[string]model.ResolvedFileSplit {
 	resolvedFiles := make(map[string]model.ResolvedFileSplit)
 	for f, res := range resFiles {
 		resolvedFiles[f] = model.ResolvedFileSplit{
 			Path:  res.Path,
-			Lines: d.SplitLines(string(res.Content)),
+			Lines: *res.LinesContent,
 		}
 	}
 	return resolvedFiles

pkg/detector/default_detect_test.go

@@ -5,11 +5,24 @@ import (
 	"testing"
 
 	"github.com/Checkmarx/kics/pkg/model"
+	"github.com/Checkmarx/kics/pkg/utils"
 	"github.com/Checkmarx/kics/test"
 	"github.com/rs/zerolog"
 	"github.com/stretchr/testify/require"
 )
 
+var OriginalData = `resource "aws_s3_bucket" "b" {
+	bucket = "my-tf-test-bucket"
+	acl    = "authenticated-read"
+
+	tags = {
+	  Name        = "My bucket"
+	  Environment = "Dev.123"
+	  Environment = "test"
+	}
+	  }
+	  `
+
 // Test_detectLine tests the functions [detectLine()] and all the methods called by them
 func Test_detectLine(t *testing.T) { //nolint
 	type args struct {
@@ -29,19 +42,11 @@ func Test_detectLine(t *testing.T) { //nolint
 			name: "detect_line",
 			args: args{
 				file: &model.FileMetadata{
-					ScanID: "scanID",
-					ID:     "Test",
-					Kind:   model.KindTerraform,
-					OriginalData: `resource "aws_s3_bucket" "b" {
-						bucket = "my-tf-test-bucket"
-						acl    = "authenticated-read"
-
-						tags = {
-						  Name        = "My bucket"
-						  Environment = "Dev"
-						}
-					      }
-					      `,
+					ScanID:            "scanID",
+					ID:                "Test",
+					Kind:              model.KindTerraform,
+					OriginalData:      OriginalData,
+					LinesOriginalData: utils.SplitLines(OriginalData),
 				},
 				searchKey: "aws_s3_bucket[b].acl",
 			},
@@ -50,14 +55,14 @@ func Test_detectLine(t *testing.T) { //nolint
 			},
 			want: model.VulnerabilityLines{
 				Line: 3,
-				VulnLines: []model.CodeLine{
+				VulnLines: &[]model.CodeLine{
 					{
 						Position: 2,
-						Line: `						bucket = "my-tf-test-bucket"`,
+						Line: `	bucket = "my-tf-test-bucket"`,
 					},
 					{
 						Position: 3,
-						Line: `						acl    = "authenticated-read"`,
+						Line: `	acl    = "authenticated-read"`,
 					},
 					{
 						Position: 4,
@@ -71,20 +76,11 @@ func Test_detectLine(t *testing.T) { //nolint
 			name: "detect_line_with_curly_brackets",
 			args: args{
 				file: &model.FileMetadata{
-					ScanID: "scanID",
-					ID:     "Test",
-					Kind:   model.KindTerraform,
-					OriginalData: `resource "aws_s3_bucket" "b" {
-						bucket = "my-tf-test-bucket"
-						acl    = "authenticated-read"
-
-						tags = {
-						  Name        = "My bucket"
-						  Environment = "Dev.123"
-						  Environment = "test"
-						}
-					      }
-					      `,
+					ScanID:            "scanID",
+					ID:                "Test",
+					Kind:              model.KindTerraform,
+					OriginalData:      OriginalData,
+					LinesOriginalData: utils.SplitLines(OriginalData),
 				},
 				searchKey: "aws_s3_bucket[b].Environment={{Dev.123}}",
 			},
@@ -93,18 +89,18 @@ func Test_detectLine(t *testing.T) { //nolint
 			},
 			want: model.VulnerabilityLines{
 				Line: 7,
-				VulnLines: []model.CodeLine{
+				VulnLines: &[]model.CodeLine{
 					{
 						Position: 6,
-						Line: `						  Name        = "My bucket"`,
+						Line: `	  Name        = "My bucket"`,
 					},
 					{
 						Position: 7,
-						Line: `						  Environment = "Dev.123"`,
+						Line: `	  Environment = "Dev.123"`,
 					},
 					{
 						Position: 8,
-						Line: `						  Environment = "test"`,
+						Line: `	  Environment = "test"`,
 					},
 				},
 				LineWithVulnerabilty: "",
@@ -114,20 +110,11 @@ func Test_detectLine(t *testing.T) { //nolint
 			name: "detect_line_error",
 			args: args{
 				file: &model.FileMetadata{
-					ScanID: "scanID",
-					ID:     "Test",
-					Kind:   model.KindTerraform,
-					OriginalData: `resource "aws_s3_bucket" "b" {
-						bucket = "my-tf-test-bucket"
-						acl    = "authenticated-read"
-
-						tags = {
-						  Name        = "My bucket"
-						  Environment = "Dev.123"
-						  Environment = "test"
-						}
-					      }
-					      `,
+					ScanID:            "scanID",
+					ID:                "Test",
+					Kind:              model.KindTerraform,
+					OriginalData:      OriginalData,
+					LinesOriginalData: utils.SplitLines(OriginalData),
 				},
 				searchKey: "testing.error",
 			},
@@ -136,7 +123,7 @@ func Test_detectLine(t *testing.T) { //nolint
 			},
 			want: model.VulnerabilityLines{
 				Line:      -1,
-				VulnLines: []model.CodeLine{},
+				VulnLines: &[]model.CodeLine{},
 			},
 		},
 	}
@@ -155,6 +142,10 @@ func Test_detectLine(t *testing.T) { //nolint
 	}
 }
 
+var content = []byte(
+	`content1
+content2`)
+
 func Test_defaultDetectLine_prepareResolvedFiles(t *testing.T) {
 	type args struct {
 		resFiles map[string]model.ResolvedFile
@@ -169,10 +160,9 @@ func Test_defaultDetectLine_prepareResolvedFiles(t *testing.T) {
 			args: args{
 				resFiles: map[string]model.ResolvedFile{
 					"file1": {
-						Content: []byte(
-							`content1
-content2`),
-						Path: "testing/file1",
+						Content:      content,
+						Path:         "testing/file1",
+						LinesContent: utils.SplitLines(string(content)),
 					},
 				},
 			},

pkg/detector/detector.go

@@ -7,7 +7,6 @@ import (
 
 type kindDetectLine interface {
 	DetectLine(file *model.FileMetadata, searchKey string, outputLines int, logWithFields *zerolog.Logger) model.VulnerabilityLines
-	SplitLines(content string) []string
 }
 
 // DetectLine is a struct that associates a kindDetectLine to its FileKind
@@ -50,24 +49,9 @@ func (d *DetectLine) DetectLine(file *model.FileMetadata, searchKey string, logW
 
 // GetAdjecent finds and returns the lines adjecent to the line containing the vulnerability
 func (d *DetectLine) GetAdjecent(file *model.FileMetadata, line int) model.VulnerabilityLines {
-	if det, ok := d.detectors[file.Kind]; ok {
-		return model.VulnerabilityLines{
-			Line:         line,
-			VulnLines:    GetAdjacentVulnLines(line-1, d.outputLines, det.SplitLines(file.OriginalData)),
-			ResolvedFile: file.FilePath,
-		}
-	}
 	return model.VulnerabilityLines{
 		Line:         line,
-		VulnLines:    GetAdjacentVulnLines(line-1, d.outputLines, d.defaultDetector.SplitLines(file.OriginalData)),
+		VulnLines:    GetAdjacentVulnLines(line-1, d.outputLines, *file.LinesOriginalData),
 		ResolvedFile: file.FilePath,
 	}
 }
-
-// SplitLines splits lines splits the file by lines based on the type of file
-func (d *DetectLine) SplitLines(file *model.FileMetadata) []string {
-	if det, ok := d.detectors[file.Kind]; ok {
-		return det.SplitLines(file.OriginalData)
-	}
-	return d.defaultDetector.SplitLines(file.OriginalData)
-}