From 83f5be4c12d933f8f2b49b6ddca5a2c8804ab9c4 Mon Sep 17 00:00:00 2001
From: Ruaan <ruaan@uafrica.com>
Date: Mon, 11 Apr 2022 12:05:14 +0200
Subject: [PATCH] Prevent false positives when dealing with heavily nested
 objects

---
 audit/audit.go | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/audit/audit.go b/audit/audit.go
index 80a14e0..1907683 100644
--- a/audit/audit.go
+++ b/audit/audit.go
@@ -198,9 +198,21 @@ func GetAllChanges(original interface{}, new interface{}) (map[string]interface{
 					if index := strings.Index(changesJson, split); index > -1 && changesJson != "{" {
 						// Prevent reverse traversal
 						if index > lastOccurrence {
-							lastOccurrence = index
-							lastMatched = split
-							levelsDeep = sIndex
+							// Prevent finding nested keys as opposed to our "change" keys
+							opener := changesJson[index+len(split)+2 : index+len(split)+3]
+							// Prevent a "base level" key from matching a nested key
+							baseLevel := false
+							if index >= 1 {
+								containedBy := changesJson[index-1 : index]
+								if levelsDeep == 0 && (containedBy == "{" || containedBy == "[") {
+									baseLevel = true
+								}
+							}
+							if (opener == "{" || opener == "[") && !baseLevel {
+								lastOccurrence = index
+								lastMatched = split
+								levelsDeep = sIndex
+							}
 						}
 					}
 				}
-- 
GitLab