This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
hiyasuperman
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
‎2015-11-16 01:57
13767 views

About Suppression Rule

rule ID, like the picture "RuleID1",if this is a false issue,it matched 6 rules.

picture:RuleID1

 

RuleID1.png

like the picture "RuleID2",if I want to write a Suppression Rule,which ruleid should I fill out.

RuleID2.png

picture:RuleID2

 

Labels (1)
Labels
0 Likes
Reply
Report Inappropriate Content
3 Replies
michael.sheely.1
Absent Member.
Absent Member.
‎2015-11-18 21:17

JP,

In the main list in the Audit Workbench.  Locate the error you want to suppress (perhaps because you have written a method that Fortify does not recognize to mitigate the issue).  Select that error, and the source file will be displayed in the center window.  Right click on the method you want to suppress errors for and right-click on top of it.  Pick "Write a Rule for This Function."  From the dialog that is presented select "Suppression Rule" (at the bottom) and use the Wizard to generate your custom rule.

Mike Sheely

0 Likes
Reply
Report Inappropriate Content
hiyasuperman
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
‎2015-11-19 05:16

Thank you for your support。I'll give you a reply after the test。

发件人: protect724-bounces@hp.com 代表 Mike Sheely

发送时间: 2015年11月19日 5:18

收件人: JP Lee <lijianping@sys-test.com.cn>

主题: Re: - About Suppression Rule

<https://protect724.hp.com/> Protect724

About Suppression Rule

reply from Mike Sheely <https://protect724.hp.com/people/michael.sheely.ctr%40mcw.usmc.mil?et=watches.email.thread> in Fortify - View the full discussion <https://protect724.hp.com/message/73402?et=watches.email.thread#73402>

0 Likes
Reply
Report Inappropriate Content
hiyasuperman
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
‎2015-11-19 09:21

The attachment picture is how I do test:

1、 On the picture function.png , right-click on function concept1(),Pick "Show matched rules."

2、 On the picture Matched rules.png,you can see that function concept1() is not matched any rules;

3、 On the picture RuleID.png,what RuleID I shouled fill in?

4、 On the picture Issues.png,you can see that function concepti() contain a Cross-Site Scripting (XSS) issue

发件人: protect724-bounces@hp.com 代表 Mike Sheely

发送时间: 2015年11月19日 5:18

收件人: JP Lee <lijianping@sys-test.com.cn>

主题: Re: - About Suppression Rule

<https://protect724.hp.com/> Protect724

About Suppression Rule

reply from Mike Sheely <https://protect724.hp.com/people/michael.sheely.ctr%40mcw.usmc.mil?et=watches.email.thread> in Fortify - View the full discussion <https://protect724.hp.com/message/73402?et=watches.email.thread#73402>

Preview file
7 KB
Preview file
19 KB
Preview file
19 KB
Preview file
49 KB
0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.