In repeat scans, Fortify reported new issues from the files which are not changed - Micro Focus Community

shahdhruvin · ‎2015-08-25

Fortify scan reported some issues in the files which are not changed since March. (for 6 months now)

Previous scan were not showing these issues.

I do not understand why we are seeing those issues now in recent scans.

sandroffsilva · ‎2015-08-25

I'm having the same problem. I made three different scans in the exactly same file and got three different results.
Did you solve this?

shahdhruvin · ‎2015-08-25

No solution yet.

I want to investigate below possibilities:

- One possibility is that, some errors/exceptions on these files has pre-maturely aborted the scans, which have finished fine in recent scan. The scan logs might come handy to reveal more.

- Second possibility is that – Issues are often related to more than one files. Code change in file A can lead to new issues in unchanged file B, if the code path connects these A and B files.

Do you think any of the above happened in your case?

sandroffsilva · ‎2015-08-26

Maybe the first possibility that you mentioned. I don't believe the second one may be my problem because files weren't modified.

Other thing that I noticed is that WebInspect run into the same problem.