Highlighted
valerie1
New Member.
195 views

Fortify SSC Duplicate Findings

Hi All,

I would like to ask you for your help. I found out that Fortify scan show duplicate findings (the same 'Primary Location' of issue) in some cases.  Do you know how to solve it?

Thank you in advance.

Kind regards,

Valerie

0 Likes
1 Reply
Contributor.. rhelsens Contributor..
Contributor..

Re: Fortify SSC Duplicate Findings

Hi Valerie,

From my experience this is caused by different routes the scanner took to the line of vulnerable code.

The scanner can take a different code path which ends at this location, I believe you can see the path it took by looking at the stack trace.

So even though there may be only one instance of the issue, the scan results create these 'duplicate' findings for each path it took.

Rodney

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.