Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fortify Scan Issues #83

Open
ajanett opened this issue Aug 23, 2018 · 2 comments · Fixed by #84 · May be fixed by #105
Open

Fortify Scan Issues #83

ajanett opened this issue Aug 23, 2018 · 2 comments · Fixed by #84 · May be fixed by #105
Labels
enhancement

Comments

@ajanett
Copy link
Contributor

ajanett commented Aug 23, 2018

Fortify Scan issues are present in this test package. I will submit a pull request with corrections shortly.

Details:
ets-gpkg12-0.7 Release

CWE ID 022 - External input in the construction of a pathname that is not verified.
TestNGController.java line 80
TestRunArguments.java line 42

CDW ID 089 - SQL Injection due to use of external components in the creation of the SQL command that are not verified.
CommonFixture.java line 181, 225, 291
NonLinearTests.java line 160
TableVerifier.java line 82, 184
DataContentsTests.java line 75
ExtensionsTests.java line 177
TiledGriddedCoverageTests.java lines 268, 381, 502, 510
RTreeIndexTests.java, lines 135, 148, 162, 211
SchemaTests.java, lines 190, 326
FeaturesTests.java, lines 1231, 1293, 1476, 1519
@ajanett ajanett mentioned this issue Aug 28, 2018
Merged
@lgoltz lgoltz assigned ajanett and unassigned dstenger and lgoltz Jul 31, 2019
@dstenger dstenger assigned dstenger, lgoltz and ajanett and unassigned ajanett Dec 18, 2019
@keshavnangare keshavnangare reopened this May 1, 2020
@keshavnangare keshavnangare linked a pull request May 6, 2020 that will close this issue
Open
@keshavnangare
Copy link

Fixed with #105 PR.

@dstenger dstenger assigned dstenger and lgoltz and unassigned keshavnangare and ajanett May 27, 2020
@dstenger
Copy link
Contributor

dstenger commented Mar 5, 2021
edited
Loading

@keshav-nangare

PR #105 seems to replace #84 which was accidentally merged.

However, #84 includes more changes (e.g. 12 changed files). Why is there a difference between those two pull requests?

Also, I think it is better if we keep the original commits of @ajanett (git cherry pick can be used) and include those in your new pull request.

@dstenger dstenger assigned keshavnangare and unassigned dstenger and lgoltz Mar 5, 2021
@dstenger dstenger added this to CITE Aug 1, 2024
@dstenger dstenger moved this to To verify in CITE Aug 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
CITE
Status: To verify
Milestone
No milestone
4 participants
@dstenger @lgoltz @keshavnangare @ajanett