ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Nightly update

Browse Source
This commit is contained in:
sonartech 2021-05-29 01:19:26 +00:00
parent 4af487c000
commit bc226d6049
14 changed files with 66 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
rules/S3649/see.adoc
View File

@ -2,8 +2,8 @@
* OWASP SQL Injection Prevention https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html[Cheat Sheet]
* https://www.owasp.org/index.php/Top_10-2017_A1-Injection[OWASP Top 10 2017 Category A1] - Injection
* http://cwe.mitre.org/data/definitions/89[MITRE, CWE-89] - Improper Neutralization of Special Elements used in an SQL Command
* http://cwe.mitre.org/data/definitions/20.html[MITRE, CWE-20] - Improper Input Validation
* http://cwe.mitre.org/data/definitions/943.html[MITRE, CWE-943] - Improper Neutralization of Special Elements in Data Query Logic
* https://cwe.mitre.org/data/definitions/89[MITRE, CWE-89] - Improper Neutralization of Special Elements used in an SQL Command
* https://cwe.mitre.org/data/definitions/20.html[MITRE, CWE-20] - Improper Input Validation
* https://cwe.mitre.org/data/definitions/943.html[MITRE, CWE-943] - Improper Neutralization of Special Elements in Data Query Logic
* https://wiki.sei.cmu.edu/confluence/x/ITdGBQ[CERT, IDS00-J.] - Prevent SQL injection
* https://www.sans.org/top25-software-errors/#cat1[SANS Top 25] - Insecure Interaction Between Components

14
rules/S3796/javascript/rule.adoc
View File

@ -1,4 +1,5 @@
Arrays in JavaScript have several methods for filtering, mapping or folding that require a callback. Not having a return statement in such a callback function is most likely a mistake.
Arrays in JavaScript have several methods for filtering, mapping, or folding that require a callback. Not having a return statement in such a callback function is most likely a mistake, because processing of the array uses the return value of the callback. If there is no return, callback will implicitly return ``++undefined++``, which will likely fail.
This rule applies for the following methods of an array:
@ -17,18 +18,21 @@ This rule applies for the following methods of an array:
== Noncompliant Code Example
----
var merged = arr.reduce(function(a, b) {
let arr = ["a", "b", "c"];
let merged = arr.reduce(function(a, b) {
a.concat(b);
}); // Noncompliant: No return statement
}); // Noncompliant: No return statement, will result in TypeError
----
== Compliant Solution
----
var merged = arr.reduce(function(a, b) {
let arr = ["a", "b", "c"];
let merged = arr.reduce(function(a, b) {
return a.concat(b);
});
}); // merged === "abc"
----

3
rules/S6287/csharp/metadata.json Normal file
View File

@ -0,0 +1,3 @@
{
}

1
rules/S6287/csharp/rule.adoc Normal file
View File

@ -0,0 +1 @@
include::../rule.adoc[]

3
rules/S6287/java/metadata.json Normal file
View File

@ -0,0 +1,3 @@
{
}

1
rules/S6287/java/rule.adoc Normal file
View File

@ -0,0 +1 @@
include::../rule.adoc[]

3
rules/S6287/javascript/metadata.json Normal file
View File

@ -0,0 +1,3 @@
{
}

1
rules/S6287/javascript/rule.adoc Normal file
View File

@ -0,0 +1 @@
include::../rule.adoc[]

22
rules/S6287/metadata.json Normal file
View File

@ -0,0 +1,22 @@
{
"title": "HTTP responses should not be vulnerable to session fixation",
"type": "VULNERABILITY",
"status": "ready",
"tags": [
],
"extra": {
"coveredLanguages": [
],
"replacementRules": [
]
},
"ruleSpecification": "RSPEC-6287",
"sqKey": "S6287",
"scope": "Main",
"defaultQualityProfiles": [
"Sonar way"
]
}

3
rules/S6287/php/metadata.json Normal file
View File

@ -0,0 +1,3 @@
{
}

1
rules/S6287/php/rule.adoc Normal file
View File

@ -0,0 +1 @@
include::../rule.adoc[]

3
rules/S6287/python/metadata.json Normal file
View File

@ -0,0 +1,3 @@
{
}

1
rules/S6287/python/rule.adoc Normal file
View File

@ -0,0 +1 @@
include::../rule.adoc[]

12
rules/S6287/rule.adoc Normal file
View File

@ -0,0 +1,12 @@
User provided data, such as URL parameters, should always be considered untrusted and tainted. Constructing cookies directly from tainted data enables attackers to set the session identifier to a known value, allowing the attacker to share the session with the victim. Successful attacks might result in unauthorized access to sensitive information, for example if the session identifier is not regenerated when the victim authenticates.
Typically, the solution to prevent this type of attack is to restrict the cookies that can be influenced with an allow-list.
== See
* https://www.owasp.org/index.php/Top_10-2017_A1-Injection[OWASP Top 10 2017 Category A1] - Injection
* https://cwe.mitre.org/data/definitions/348.html[MITRE, CWE-348] - Use of Less Trusted Source