Skip to content

Adding Fixes to SEC104 rules#541

Merged
eddynaka merged 7 commits into
mainfrom
users/ednakamu/adding-fixes-bannedapi
Aug 26, 2021
Merged

Adding Fixes to SEC104 rules#541
eddynaka merged 7 commits into
mainfrom
users/ednakamu/adding-fixes-bannedapi

Conversation

@eddynaka

@eddynaka eddynaka commented Aug 18, 2021

Copy link
Copy Markdown
Collaborator

Changes

Please provide a brief description of the changes here.

For significant contributions please make sure you have completed the following items:

  • ReleaseHistory.md updated for non-trivial changes
  • Added unit tests

michaelcfanning
michaelcfanning reviewed Aug 25, 2021
View reviewed changes
Comment thread Src/ReleaseHistory.md Outdated

- Plugin Improvement: Required properties will throw exception if they do not exist. [#539](https://github.com/microsoft/sarif-pattern-matcher/pull/539)
- Tool Improvement: Tool will emit fixes with comprehensive region properties. [#540](https://github.com/microsoft/sarif-pattern-matcher/pull/540)
- Tool Improvement: Tool should emit fixes with comprehensive region properties. [#540](https://github.com/microsoft/sarif-pattern-matcher/pull/540)

@michaelcfanning michaelcfanning Aug 25, 2021
edited by eddynaka
Loading

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tool Improvement

Please eliminate this 'tool improvement' tag. Unless you can explain what use we will make for it. #WontFix

@eddynaka eddynaka Aug 26, 2021

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

removed in the certificate pr.

@michaelcfanning

michaelcfanning commented Aug 25, 2021

Copy link
Copy Markdown
Member
  • Regex Improvement: Replacing \b to the correct border regular expression. #533

Does this change eliminate false positives or false negatives? Do you know? That's the information that we need.

Refers to: Src/ReleaseHistory.md:10 in a02f934. [](commit_id = a02f934, deletion_comment = False)

michaelcfanning
michaelcfanning reviewed Aug 25, 2021
View reviewed changes
Comment thread Src/Plugins/Security/SEC104.UseSecureApi.json Outdated
},
"Fixes": {
"replaceInsecureApi": {
"Description": "Replace '_alloca' for '_malloca'.",

@michaelcfanning michaelcfanning Aug 25, 2021
edited by eddynaka
Loading

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for

This should be 'with'.

Replace 'toReplace' with 'theReplacement'.

'For' is used when reversing the identifiers:

Substitute 'theReplacement' for 'toReplace'.

But that latter coinage is less clear.
#Closed

@eddynaka eddynaka Aug 26, 2021

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks.
just replaced.

@eddynaka eddynaka merged commit af49300 into main Aug 26, 2021
@eddynaka eddynaka deleted the users/ednakamu/adding-fixes-bannedapi branch August 26, 2021 13:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelcfanning michaelcfanning michaelcfanning left review comments

+1 more reviewer

@Bpendragon Bpendragon Bpendragon approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@eddynaka @michaelcfanning @Bpendragon