Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
13776 views

About Suppression Rule

rule ID, like the picture "RuleID1",if this is a false issue,it matched 6 rules.

picture:RuleID1

 

RuleID1.png

like the picture "RuleID2",if I want to write a Suppression Rule,which ruleid should I fill out.

RuleID2.png

picture:RuleID2

 

Labels (1)
0 Likes
3 Replies
Absent Member.
Absent Member.

JP,

In the main list in the Audit Workbench.  Locate the error you want to suppress (perhaps because you have written a method that Fortify does not recognize to mitigate the issue).  Select that error, and the source file will be displayed in the center window.  Right click on the method you want to suppress errors for and right-click on top of it.  Pick "Write a Rule for This Function."  From the dialog that is presented select "Suppression Rule" (at the bottom) and use the Wizard to generate your custom rule.

Mike Sheely

0 Likes
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class

Thank you for your support。I'll give you a reply after the test。

发件人: protect724-bounces@hp.com 代表 Mike Sheely

发送时间: 2015年11月19日 5:18

收件人: JP Lee <lijianping@sys-test.com.cn>

主题: Re: - About Suppression Rule

<https://protect724.hp.com/> Protect724

About Suppression Rule

reply from Mike Sheely <https://protect724.hp.com/people/michael.sheely.ctr%40mcw.usmc.mil?et=watches.email.thread> in Fortify - View the full discussion <https://protect724.hp.com/message/73402?et=watches.email.thread#73402>

0 Likes
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class

The attachment picture is how I do test:

1、 On the picture function.png , right-click on function concept1(),Pick "Show matched rules."

2、 On the picture Matched rules.png,you can see that function concept1() is not matched any rules;

3、 On the picture RuleID.png,what RuleID I shouled fill in?

4、 On the picture Issues.png,you can see that function concepti() contain a Cross-Site Scripting (XSS) issue

发件人: protect724-bounces@hp.com 代表 Mike Sheely

发送时间: 2015年11月19日 5:18

收件人: JP Lee <lijianping@sys-test.com.cn>

主题: Re: - About Suppression Rule

<https://protect724.hp.com/> Protect724

About Suppression Rule

reply from Mike Sheely <https://protect724.hp.com/people/michael.sheely.ctr%40mcw.usmc.mil?et=watches.email.thread> in Fortify - View the full discussion <https://protect724.hp.com/message/73402?et=watches.email.thread#73402>

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.