修改准则:应使用单向加密算法对口令进行加密并存储,优化语句提示

wuhaoyang
wuhaoyang 10 months ago
parent 9d6f3c0c13
commit ab624b4e0a
  1. 2
      sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/EncryptionAlgorithmChecker.java
  2. 2
      sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/EncryptionAlgorithmCheckerTest.java

@ -65,7 +65,7 @@ public class EncryptionAlgorithmChecker extends SquidCheck<Grammar> {
}
cache.values().forEach(item->{
System.out.println("特定字段"+item.getFirstDescendant(CxxGrammarImpl.declaratorId).getTokenOriginalValue()+"未使用单向加密算法对口令进行加密并存储");
getContext().createLineViolation(this, "单向加密算法对口令进行加密并存储", item);
getContext().createLineViolation(this, "特定字段未使用单向加密算法对口令进行加密并存储", item);
});
}
}

@ -29,7 +29,7 @@ public class EncryptionAlgorithmCheckerTest {
var tester = CxxFileTesterHelper.create("EncryptionAlgorithmChecker.cc");
SourceFile file = CxxAstScanner.scanSingleInputFile(tester.asInputFile(), checker);
CheckMessagesVerifier.verify(file.getCheckMessages())
.next().atLine(8).withMessage("特定字段未使用VirtualLock()函数锁定存放敏感信息的内存")
.next().atLine(8).withMessage("特定字段未使用单向加密算法对口令进行加密并存储")
.noMore();
}

Loading…
Cancel
Save