From 14c397c91b7f35ee10d50798b7646f9c52ce8f4a Mon Sep 17 00:00:00 2001
From: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
Date: Thu, 27 Oct 2022 12:54:22 +0200
Subject: [PATCH] Modify rule S1313: Add exceptions for ranges used for documentation purposes (#1222)
---
 rules/S1313/csharp/rule.adoc | 11 ++++++++++-
 rules/S1313/vbnet/rule.adoc | 11 ++++++++++-
 2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/rules/S1313/csharp/rule.adoc b/rules/S1313/csharp/rule.adoc
index 2dea34aaaf..3b5901ee61 100644
--- a/rules/S1313/csharp/rule.adoc
+++ b/rules/S1313/csharp/rule.adoc
@@ -19,7 +19,16 @@ var ip = ConfigurationManager.AppSettings["myapplication.ip"]; var address = IPAddress.Parse(ip); ----
-include::../exceptions.adoc[]
+== Exceptions
+
+No issue is reported for the following cases because they are not considered sensitive:
+
+* Loopback addresses 127.0.0.0/8 in CIDR notation (from 127.0.0.0 to 127.255.255.255)
+* Broadcast address 255.255.255.255
+* Non-routable address 0.0.0.0
+* Strings of the form ``++2.5..++`` as they http://www.oid-info.com/introduction.htm[often match Object Identifiers] (OID)
+* Addresses in the ranges 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, reserved for documentation purposes by https://datatracker.ietf.org/doc/html/rfc5737[RFC 5737]
+* Addresses in the range 2001:db8::/32, reserved for documentation purposes by https://datatracker.ietf.org/doc/html/rfc3849[RFC 3849]
 include::../see.adoc[]
diff --git a/rules/S1313/vbnet/rule.adoc b/rules/S1313/vbnet/rule.adoc
index 298778ca87..4cade5dec7 100644
--- a/rules/S1313/vbnet/rule.adoc
+++ b/rules/S1313/vbnet/rule.adoc
@@ -19,7 +19,16 @@ Dim ip = ConfigurationManager.AppSettings("myapplication.ip") ' Compliant Dim address = IPAddress.Parse(ip) ----
-include::../exceptions.adoc[]
+== Exceptions
+
+No issue is reported for the following cases because they are not considered sensitive:
+
+* Loopback addresses 127.0.0.0/8 in CIDR notation (from 127.0.0.0 to 127.255.255.255)
+* Broadcast address 255.255.255.255
+* Non-routable address 0.0.0.0
+* Strings of the form ``++2.5..++`` as they http://www.oid-info.com/introduction.htm[often match Object Identifiers] (OID)
+* Addresses in the ranges 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, reserved for documentation purposes by https://datatracker.ietf.org/doc/html/rfc5737[RFC 5737]
+* Addresses in the range 2001:db8::/32, reserved for documentation purposes by https://datatracker.ietf.org/doc/html/rfc3849[RFC 3849]
 include::../see.adoc[]