From bf72025b9b606bf5ec4c2115daab469de2bf0090 Mon Sep 17 00:00:00 2001
From: Urjit Singh Bhatia
Date: Tue, 14 Apr 2020 17:29:36 -0700
Subject: [PATCH] Ignore inline whitelist comments, pass checkid to filter ignores specifically for checks

---
 include/outputs | 5 +++++
 prowler | 5 +++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/include/outputs b/include/outputs
index c89350b5..3f4a44c7 100644
--- a/include/outputs
+++ b/include/outputs
@@ -107,7 +107,12 @@ textFail(){
   ## ignore whitelists for current check
   level="FAIL"
   for i in $IGNORES; do
+    ignore_check_name="${i%:*}"
     ignore_value="${i#*${CHECK_NAME}:}"
+    if [[ ${ignore_check_name} != "${CHECK_NAME}" ]]; then
+      # not for this check
+      continue
+    fi
     if [[ $1 =~ ${ignore_value} ]]; then
       level="WARNING"
       break
diff --git a/prowler b/prowler
index 05ee1e00..4e027eb2 100755
--- a/prowler
+++ b/prowler
@@ -218,7 +218,8 @@ REGIONS=$($AWSCLI ec2 describe-regions --query 'Regions[].RegionName' \
 # Pre-process whitelist file if supplied
 if [[ -n "$WHITELIST_FILE" ]]; then
   # ignore lines starting with # (comments)
-  WHITELIST=$(awk '!/^[[:space:]]*#/{print }' <(cat "$WHITELIST_FILE"))
+  # ignore inline comments: check1:foo # inline comment
+  WHITELIST=$(awk '!/^[[:space:]]*#/{print }' <(cat "$WHITELIST_FILE") | sed 's/[[:space:]]*#.*$//g')
 fi
 
 # Load all of the groups of checks inside groups folder named as "groupNumber*"
@@ -288,7 +289,7 @@ execute_check() {
     show_check_title "$1"
     ignores=$(awk '/${1}/{print}' <(echo "${WHITELIST}"))
     # set the custom ignores list for this check
-    IGNORES="${ignores}" $1
+    IGNORES="${ignores}" CHECK_NAME="$1" $1
   else
     textFail "ERROR! Use a valid check name (i.e. check41 or extra71)"; exit $EXITCODE
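Review bot: `ignore_check_name="${i%:*}"` strips from the last colon, so if a whitelist value itself contains a colon (ARN-style entries such as `check12:arn:aws:s3:::bucket` would), the derived name is `check12:arn:aws:s3::` rather than `check12`, it never equals `${CHECK_NAME}`, and the new `continue` silently drops the entry instead of honouring it. The longest-suffix form splits at the first colon as intended: `ignore_check_name="${i%%:*}"`. That also keeps it consistent with the existing `ignore_value="${i#*${CHECK_NAME}:}"`, which already cuts at the first `CHECK_NAME:` prefix. Worth a one-line comment above the new assignment, e.g. `# whitelist entries are <check>:<value>; the value may contain ':' itself`. The textFail body continues past the end of the hunk.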
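Review bot: The added `sed 's/[[:space:]]*#.*$//g'` truncates at the first `#` anywhere on the line, not only at a whitespace-introduced comment, so a whitelist value that legitimately contains `#` (an object key or path used as the match pattern, if the project allows those) is cut short; because the remainder is later used as a regex in `=~`, a truncated value may match more than the author intended, which would widen the whitelist silently. If inline comments are required to be preceded by whitespace, `sed 's/[[:space:]]\{1,\}#.*$//'` leaves `#` inside values intact, and the `g` flag is redundant since the pattern is anchored to `$`. The two stages could also be folded into one `awk '{sub(/[[:space:]]+#.*$/, "")} NF' "$WHITELIST_FILE"`, which drops lines that become empty and removes the `<(cat ...)` indirection. Either way, the comment above the line should state the accepted syntax, e.g. `# inline comments must be preceded by whitespace; '#' inside a value is kept`.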