diff options
author | Paul Slaughter <pslaughter@gitlab.com> | 2019-08-20 13:29:24 +0000 |
---|---|---|
committer | Paul Slaughter <pslaughter@gitlab.com> | 2019-08-20 13:29:24 +0000 |
commit | 4e066a072da58d3c45b3c9c56f8dcf8e2b69b89b (patch) | |
tree | ee3e0dd7b71d2af498eaccf94b1906f6e4fa0f49 | |
parent | 57ec78d53066cf9184859a0202609eb01567eab9 (diff) | |
parent | ce50d5c45158723925b098f7e0033963841137ff (diff) | |
download | gitlab-ce-4e066a072da58d3c45b3c9c56f8dcf8e2b69b89b.tar.gz |
Merge branch 'rf-move-sast-reports-to-mr-widget-backend' into 'master'
Move SAST reports logic for MR widget to backend
See merge request gitlab-org/gitlab-ce!31770
-rw-r--r-- | spec/fixtures/security-reports/feature-branch/gl-sast-report.json | 86 |
1 files changed, 0 insertions, 86 deletions
diff --git a/spec/fixtures/security-reports/feature-branch/gl-sast-report.json b/spec/fixtures/security-reports/feature-branch/gl-sast-report.json index 4bef3d22f70..27c8661013a 100644 --- a/spec/fixtures/security-reports/feature-branch/gl-sast-report.json +++ b/spec/fixtures/security-reports/feature-branch/gl-sast-report.json @@ -856,92 +856,6 @@ "line": 4, "url": "https://cwe.mitre.org/data/definitions/119.html", "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)", - "cve": "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362", - "confidence": "Low", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { - "file": "c/subdir/utils.c", - "start_line": 8 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-362", - "value": "362", - "url": "https://cwe.mitre.org/data/definitions/362.html" - } - ], - "file": "c/subdir/utils.c", - "line": 8, - "url": "https://cwe.mitre.org/data/definitions/362.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", - "cve": "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120", - "confidence": "Low", - "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { - "file": "cplusplus/src/hello.cpp", - "start_line": 6 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-119", - "value": "119", - "url": "https://cwe.mitre.org/data/definitions/119.html" - }, - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "cplusplus/src/hello.cpp", - "line": 6, - "url": "https://cwe.mitre.org/data/definitions/119.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)", - "cve": "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120", - "confidence": "Low", - "solution": "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { - "file": "cplusplus/src/hello.cpp", - "start_line": 7 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "cplusplus/src/hello.cpp", - "line": 7, - "url": "https://cwe.mitre.org/data/definitions/120.html", - "tool": "flawfinder" } ] } |