 wuhaoyang
|
5529fed8a2
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
 renfengshan
|
000f2d50e5
|
更新“应返回该私有数值的副本”准则
|
8 months ago |
|
wuhaoyang
|
9e2e3d1f0e
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
renfengshan
|
423d63d4f2
|
更新“应返回该私有数值的副本”准则
|
8 months ago |
|
wuhaoyang
|
e76715936e
|
武浩阳 工作暂存
|
8 months ago |
|
wuhaoyang
|
b4147782d6
|
修改c++封头
|
8 months ago |
|
wuhaoyang
|
b6e02e866c
|
优化java配置文件被测件
|
8 months ago |
|
wuhaoyang
|
c480a220c7
|
添加java配置文件被测件
|
8 months ago |
Guo XIn
|
4266e434e6
|
修复:因增加项目级检查导致单元测试执行失败的问题
|
8 months ago |
|
Guo XIn
|
7355607511
|
修复:使用realloc函数前应先清空敏感信息规则检查误报的问题
|
8 months ago |
|
Guo XIn
|
9211d5e728
|
修复:mvn verify命令执行失败的问题
|
8 months ago |
|
wuhaoyang
|
9e87bd6efb
|
添加java被测件
|
8 months ago |
|
wuhaoyang
|
45501f46f4
|
修改配置
|
8 months ago |
|
wuhaoyang
|
395f16889e
|
优化准则
|
8 months ago |
|
wuhaoyang
|
8dbb0daa4a
|
删除测试类无用代码
|
8 months ago |
|
wuhaoyang
|
292ff060d6
|
优化Java被测件
|
8 months ago |
|
wuhaoyang
|
07c325f619
|
添加规则条数
|
8 months ago |
RenFengJiang
|
10ac3cc724
|
优化:优化误报问题
|
8 months ago |
|
RenFengJiang
|
99060ade51
|
优化:优化被测件
|
8 months ago |
|
wuhaoyang
|
064bb0309e
|
优化准则:在程序中指定允许访问的文件或目录,在访问文件或目录前对路径名进行验证,确保仅允许访问指定的文件或目录
|
8 months ago |
|
wuhaoyang
|
28d4ce998d
|
优化准则:应使用单向加密算法对口令进行加密并存储
|
8 months ago |
|
Guo XIn
|
c0365cb297
|
新增准则:应通过用户名口令、数字证书等其他手段对主机身份进行鉴别
|
8 months ago |
|
RenFengJiang
|
aaee78b3fd
|
优化:添加获取判断中参数方式
|
8 months ago |
|
RenFengJiang
|
b2e20c1dec
|
优化:参数校验方法
|
8 months ago |
|
RenFengJiang
|
6ad1ea9a4a
|
优化:获取if中参数方法
|
8 months ago |
|
wuhaoyang
|
7699baf98d
|
更新文件头信息
|
8 months ago |
|
wuhaoyang
|
13bdd79c5b
|
新增准则:确保向所有格式字符串函数都传递一个不能由用户控制的静态格式化字符串,并且向该函数发送正确数量的参数。
|
8 months ago |
|
wuhaoyang
|
ab4ae0f844
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
RenFengJiang
|
38e3e658b3
|
新增:java对用户进行身份鉴别并建立一个新的会话时让原来的会话失效
|
8 months ago |
|
RenFengJiang
|
c70be3539f
|
新增:java将页面隐藏域字段、Cookie、URL等关键参数缓存到服务器端的会话中
|
8 months ago |
|
wuhaoyang
|
df706d522d
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
Guo XIn
|
5ce8feea75
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
Guo XIn
|
4cd845ed64
|
新增准则:建议将页面隐藏域字段、Cookie、URL等关键参数缓存到服务器端的会话中,并通过会话获取(未完成)
|
8 months ago |
|
wuhaoyang
|
57830d9d69
|
Merge remote-tracking branch 'origin/master'
# Conflicts:
# sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/ConfigurationFileChecker.java
|
8 months ago |
|
wuhaoyang
|
32dba7da4a
|
优化准则:通过用户名口令、数据证书等其他手段对用户身份进行验证。
|
8 months ago |
|
RenFengJiang
|
ac4eee2647
|
优化:java添加规则描述信息
|
8 months ago |
|
RenFengJiang
|
24ccac44f7
|
新增:C++应使用目前被业界专家认为较强的经过良好审核的加密PRNG算法
|
8 months ago |
|
Guo XIn
|
05ced611ef
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
wuhaoyang
|
a52d36b1d4
|
优化准则被测件:通过用户名口令、数据证书等其他手段对用户身份进行验证。
|
8 months ago |
|
RenFengJiang
|
58cd99cd41
|
新增:java设置会话过期的日期
|
8 months ago |
|
wuhaoyang
|
338b45a24d
|
新增准则:通过用户名口令、数据证书等其他手段对用户身份进行验证。
|
8 months ago |
|
Guo XIn
|
bd8f3af97b
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
wuhaoyang
|
f04961c259
|
优化准则:禁止在容易受攻击的地方明文存储口令密码。如果需要,考虑存储口令的单向加密散列,以替代明文口令存储。(xml,yml,json)
|
8 months ago |
|
wuhaoyang
|
89eee52523
|
优化:调整被测件问题所在行的行号
|
8 months ago |
|
Guo XIn
|
4156850164
|
Merge remote-tracking branch 'origin/master'
|
8 months ago |
|
wuhaoyang
|
3818b0832d
|
新家准则:禁止在容易受攻击的地方明文存储口令密码,如果需要,考虑存储口令的单向加密散列,以替代明文口令存储。(ini,properties,conf)
|
8 months ago |
|
wuhaoyang
|
0061c15772
|
添加ini,properties,conf文件扫描配置
|
8 months ago |
|
RenFengJiang
|
c7b633deab
|
新增:c++使用关键资源时指定资源所在的路径
|
8 months ago |
|
RenFengJiang
|
bc6de1a45e
|
新增:Java应设置X-Frame-Options的值为deny
|
8 months ago |
|
Guo XIn
|
c0120595bc
|
新增被测件:html和jsp
|
8 months ago |
