From 8cba7b5098395a6c39e616570a687b167e618153 Mon Sep 17 00:00:00 2001
From: Jacek
Date: Thu, 6 Aug 2020 12:31:21 +0200
Subject: [PATCH] SONAR-13572 Add "Buffer Overflow" security category
---
 .../src/testFixtures/java/org/sonar/db/SQDatabase.java | 2 +-
 .../main/java/org/sonar/server/security/SecurityStandards.java | 2 ++
 server/sonar-web/src/main/js/helpers/standards.json | 3 +++
 3 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/SQDatabase.java b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/SQDatabase.java
index 4a2b00fb6e7..60ecaba510b 100644
--- a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/SQDatabase.java
+++ b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/SQDatabase.java
@@ -29,8 +29,8 @@ import org.apache.ibatis.io.Resources;
 import org.apache.ibatis.jdbc.ScriptRunner;
 import org.sonar.api.SonarEdition;
 import org.sonar.api.SonarQubeSide;
-import org.sonar.api.config.internal.Settings;
 import org.sonar.api.config.internal.MapSettings;
+import org.sonar.api.config.internal.Settings;
 import org.sonar.api.internal.SonarRuntimeImpl;
 import org.sonar.api.utils.System2;
 import org.sonar.api.utils.Version;
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java b/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java
index 89bb8ab155b..705cbe7f7e0 100644
--- a/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java
@@ -90,6 +90,7 @@ public final class SecurityStandards {
 }
 public enum SQCategory {
+ BUFFER_OVERFLOW("buffer-overflow", HIGH),
 SQL_INJECTION("sql-injection", HIGH),
 COMMAND_INJECTION("command-injection", HIGH),
 PATH_TRAVERSAL_INJECTION("path-traversal-injection", HIGH),
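Review bot: The new `BUFFER_OVERFLOW("buffer-overflow", HIGH)` constant in `SQCategory` (SecurityStandards.java) has no comment, and its key is repeated by hand in `standards.json` under `sonarsourceSecurity` with nothing in this patch tying the two strings together. I would add a comment above the constant such as `// key must match the "sonarsourceSecurity" entry in server/sonar-web/src/main/js/helpers/standards.json`. The constant is also declared first, so if any caller depends on declaration order (`values()`, `ordinal()`) the existing categories shift by one; this cannot be checked here because the enum body continues outside the hunk. The diffstat lists no test file, so a test asserting that a rule tagged CWE-120 resolves to `BUFFER_OVERFLOW` would pin the new mapping.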
@@ -134,6 +135,7 @@ public final class SecurityStandards {
 }
 public static final Map> CWES_BY_SQ_CATEGORY = ImmutableMap.>builder()
+ .put(SQCategory.BUFFER_OVERFLOW, ImmutableSet.of("119", "120", "131", "676", "788"))
 .put(SQCategory.SQL_INJECTION, ImmutableSet.of("89", "564"))
 .put(SQCategory.COMMAND_INJECTION, ImmutableSet.of("77", "78", "88", "214"))
 .put(SQCategory.PATH_TRAVERSAL_INJECTION, ImmutableSet.of("22"))
diff --git a/server/sonar-web/src/main/js/helpers/standards.json b/server/sonar-web/src/main/js/helpers/standards.json
index 9ab3ece45b7..e6ffadaa701 100644
--- a/server/sonar-web/src/main/js/helpers/standards.json
+++ b/server/sonar-web/src/main/js/helpers/standards.json
@@ -3620,6 +3620,9 @@
 }
 },
 "sonarsourceSecurity": {
+ "buffer-overflow": {
+ "title": "Buffer Overflow"
+ },
 "sql-injection": {
 "title": "SQL Injection"
 },
--
2.39.5
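Review bot: In the `CWES_BY_SQ_CATEGORY` hunk of SecurityStandards.java, the set for `BUFFER_OVERFLOW` includes "676" (Use of Potentially Dangerous Function), which is broader than memory-bounds errors, so a rule tagged only with CWE-676 will be triaged as a buffer overflow. Closely related ids such as 121, 122 and 787 are not mapped, so rules carrying only those would presumably fall outside this category. If that scope is intended, a one-line comment above the `.put(...)` should say why 676 is in and the others are out; otherwise consider `ImmutableSet.of("119", "120", "121", "122", "131", "787", "788")`. The entry is also put first and `ImmutableMap` keeps insertion order, so if the lookup code (not visible in this hunk) takes the first matching category, a rule whose CWE list matches this set and a later one will change category. The builder chain continues past the end of the hunk.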