Fortify Scan Issues #83

Open
ajanett opened this issue Aug 23, 2018 · 2 comments · Fixed by #84 · May be fixed by #105

ajanett commented Aug 23, 2018

Fortify Scan issues are present in this test package. I will submit a pull request with corrections shortly.

Details:
ets-gpkg12-0.7 Release

CWE ID 022 - External input in the construction of a pathname that is not verified.
TestNGController.java line 80
TestRunArguments.java line 42

CWE ID 089 - SQL Injection due to use of external components in the creation of the SQL command that are not verified.
CommonFixture.java line 181, 225, 291
NonLinearTests.java line 160
TableVerifier.java line 82, 184
DataContentsTests.java line 75
ExtensionsTests.java line 177
TiledGriddedCoverageTests.java lines 268, 381, 502, 510
RTreeIndexTests.java, lines 135, 148, 162, 211
SchemaTests.java, lines 190, 326
FeaturesTests.java, lines 1231, 1293, 1476, 1519

@lgoltz lgoltz added this to To do in CITE via automation Apr 24, 2019
@lgoltz lgoltz moved this from To do to To verify in CITE Apr 24, 2019
@lgoltz lgoltz moved this from To verify to Waiting in CITE Apr 24, 2019
@lgoltz lgoltz assigned ajanett and unassigned dstenger and lgoltz Jul 31, 2019
@dstenger dstenger moved this from Waiting to To verify in CITE Dec 18, 2019
@dstenger dstenger assigned dstenger, lgoltz and ajanett and unassigned ajanett Dec 18, 2019
@dstenger dstenger moved this from To verify to Waiting in CITE Dec 18, 2019
@dstenger dstenger moved this from Waiting to In progress in CITE Apr 29, 2020
CITE automation moved this from In progress to Done Apr 30, 2020
@keshavnangare keshavnangare reopened this May 1, 2020
CITE automation moved this from Done to In progress May 1, 2020
@keshavnangare

Fixed with #105 PR.

@keshavnangare keshavnangare moved this from In progress to To verify in CITE May 6, 2020
@dstenger dstenger assigned dstenger and lgoltz and unassigned keshavnangare and ajanett May 27, 2020

dstenger commented Mar 5, 2021

@keshav-nangare

PR #105 seems to replace #84 which was accidentally merged.

However, #84 includes more changes (e.g. 12 changed files). Why is there a difference between those two pull requests?

Also, I think it is better if we keep the original commits of @ajanett (git cherry-pick can be used) and include those in your new pull request.

@dstenger dstenger moved this from To verify to In progress in CITE Mar 5, 2021
@dstenger dstenger assigned keshavnangare and unassigned dstenger and lgoltz Mar 5, 2021
@dstenger dstenger moved this from In progress to To verify in CITE Apr 12, 2021