Commit ce50d5c4
Authored Aug 20, 2019 by rossfuhrman
Committed by Paul Slaughter on Aug 20, 2019
Move SAST reports logic for MR widget to backend
Update spec that is changed in corresponding EE MR
Parent 57ec78d5
Showing 1 changed file with 0 additions and 86 deletions
spec/fixtures/security-reports/feature-branch/gl-sast-report.json (+0 -86)
...
@@ -856,92 +856,6 @@
...
@@ -856,92 +856,6 @@
"line"
:
4
,
"line"
:
4
,
"url"
:
"https://cwe.mitre.org/data/definitions/119.html"
,
"url"
:
"https://cwe.mitre.org/data/definitions/119.html"
,
"tool"
:
"flawfinder"
"tool"
:
"flawfinder"
},
{
"category"
:
"sast"
,
"message"
:
"Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)"
,
"cve"
:
"c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362"
,
"confidence"
:
"Low"
,
"scanner"
:
{
"id"
:
"flawfinder"
,
"name"
:
"Flawfinder"
},
"location"
:
{
"file"
:
"c/subdir/utils.c"
,
"start_line"
:
8
},
"identifiers"
:
[
{
"type"
:
"cwe"
,
"name"
:
"CWE-362"
,
"value"
:
"362"
,
"url"
:
"https://cwe.mitre.org/data/definitions/362.html"
}
],
"file"
:
"c/subdir/utils.c"
,
"line"
:
8
,
"url"
:
"https://cwe.mitre.org/data/definitions/362.html"
,
"tool"
:
"flawfinder"
},
{
"category"
:
"sast"
,
"message"
:
"Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)"
,
"cve"
:
"cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120"
,
"confidence"
:
"Low"
,
"solution"
:
"Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length"
,
"scanner"
:
{
"id"
:
"flawfinder"
,
"name"
:
"Flawfinder"
},
"location"
:
{
"file"
:
"cplusplus/src/hello.cpp"
,
"start_line"
:
6
},
"identifiers"
:
[
{
"type"
:
"cwe"
,
"name"
:
"CWE-119"
,
"value"
:
"119"
,
"url"
:
"https://cwe.mitre.org/data/definitions/119.html"
},
{
"type"
:
"cwe"
,
"name"
:
"CWE-120"
,
"value"
:
"120"
,
"url"
:
"https://cwe.mitre.org/data/definitions/120.html"
}
],
"file"
:
"cplusplus/src/hello.cpp"
,
"line"
:
6
,
"url"
:
"https://cwe.mitre.org/data/definitions/119.html"
,
"tool"
:
"flawfinder"
},
{
"category"
:
"sast"
,
"message"
:
"Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)"
,
"cve"
:
"cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120"
,
"confidence"
:
"Low"
,
"solution"
:
"Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)"
,
"scanner"
:
{
"id"
:
"flawfinder"
,
"name"
:
"Flawfinder"
},
"location"
:
{
"file"
:
"cplusplus/src/hello.cpp"
,
"start_line"
:
7
},
"identifiers"
:
[
{
"type"
:
"cwe"
,
"name"
:
"CWE-120"
,
"value"
:
"120"
,
"url"
:
"https://cwe.mitre.org/data/definitions/120.html"
}
],
"file"
:
"cplusplus/src/hello.cpp"
,
"line"
:
7
,
"url"
:
"https://cwe.mitre.org/data/definitions/120.html"
,
"tool"
:
"flawfinder"
}
}
]
]
}
}
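Review bot: the commit message does not say why these three Flawfinder findings (CWE-362 at c/subdir/utils.c line 8, CWE-119/CWE-120 at cplusplus/src/hello.cpp line 6, and CWE-120 at cplusplus/src/hello.cpp line 7) are dropped from the feature-branch fixture, and with only this file changed (0 additions, 86 deletions) no spec in this commit reflects the reduced finding count. Please link the corresponding EE MR in the message and name the spec whose expectations depend on this fixture, so a reader of this repository alone can see that the comparison between the feature-branch report and its base still exercises added and fixed findings. Since the removal ends at the final "tool": "flawfinder" entry and leaves the closing "}", "]", "}" as context, it is also worth confirming the fixture still parses as valid JSON with no trailing comma after the last remaining finding.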