From e3e67e0b0d4d16ecde3225e2015dd93d2c097130 Mon Sep 17 00:00:00 2001 
From: Cristian Ambrosini <114916336+cristian-ambrosini-sonarsource@users.noreply.github.com> Date: Wed, 17 Jan 2024 09:44:31 +0100 Subject: [PATCH] RSPEC update (#8553) --- analyzers/rspec/cs/S106.html | 4 +-- analyzers/rspec/cs/S1104.html | 2 +- analyzers/rspec/cs/S112.html | 2 +- analyzers/rspec/cs/S1121.html | 2 +- analyzers/rspec/cs/S1125.html | 2 +- analyzers/rspec/cs/S1134.html | 2 +- analyzers/rspec/cs/S1135.html | 2 +- analyzers/rspec/cs/S1206.html | 2 +- analyzers/rspec/cs/S131.html | 2 +- analyzers/rspec/cs/S1313.html | 6 ++--- analyzers/rspec/cs/S1696.html | 2 +- analyzers/rspec/cs/S1698.html | 4 +-- analyzers/rspec/cs/S1854.html | 2 +- analyzers/rspec/cs/S1944.html | 4 +-- analyzers/rspec/cs/S2053.html | 10 +++---- analyzers/rspec/cs/S2068.html | 10 +++---- analyzers/rspec/cs/S2077.html | 9 +++---- analyzers/rspec/cs/S2092.html | 14 +++++----- analyzers/rspec/cs/S2115.html | 14 +++++----- analyzers/rspec/cs/S2184.html | 2 +- analyzers/rspec/cs/S2221.html | 2 +- analyzers/rspec/cs/S2222.html | 2 +- analyzers/rspec/cs/S2225.html | 2 +- analyzers/rspec/cs/S2245.html | 20 +++++++------- analyzers/rspec/cs/S2257.html | 8 +++--- analyzers/rspec/cs/S2259.html | 2 +- analyzers/rspec/cs/S2386.html | 4 +-- analyzers/rspec/cs/S2445.html | 4 +-- analyzers/rspec/cs/S2486.html | 10 +++---- analyzers/rspec/cs/S2583.html | 4 +-- analyzers/rspec/cs/S2589.html | 4 +-- analyzers/rspec/cs/S2612.html | 10 +++---- analyzers/rspec/cs/S2681.html | 2 +- analyzers/rspec/cs/S2755.html | 10 +++---- analyzers/rspec/cs/S2930.html | 2 +- analyzers/rspec/cs/S2931.html | 2 +- analyzers/rspec/cs/S2952.html | 2 +- analyzers/rspec/cs/S3329.html | 16 ++++++------ analyzers/rspec/cs/S3330.html | 8 +++--- analyzers/rspec/cs/S3655.html | 2 +- analyzers/rspec/cs/S3871.html | 4 +-- analyzers/rspec/cs/S3884.html | 8 +++--- analyzers/rspec/cs/S4036.html | 10 +++---- analyzers/rspec/cs/S4212.html | 8 +++--- analyzers/rspec/cs/S4423.html | 8 +++--- analyzers/rspec/cs/S4426.html | 24 
++++++++--------- analyzers/rspec/cs/S4433.html | 8 +++--- analyzers/rspec/cs/S4487.html | 2 +- analyzers/rspec/cs/S4502.html | 8 +++--- analyzers/rspec/cs/S4507.html | 10 +++---- analyzers/rspec/cs/S4663.html | 4 +-- analyzers/rspec/cs/S4790.html | 20 +++++++------- analyzers/rspec/cs/S4792.html | 16 ++++++------ analyzers/rspec/cs/S4830.html | 26 +++++++++---------- analyzers/rspec/cs/S5042.html | 11 ++++---- analyzers/rspec/cs/S5122.html | 14 +++++----- analyzers/rspec/cs/S5332.html | 18 ++++++------- analyzers/rspec/cs/S5443.html | 12 ++++----- analyzers/rspec/cs/S5445.html | 10 +++---- analyzers/rspec/cs/S5542.html | 14 +++++----- analyzers/rspec/cs/S5547.html | 14 +++++----- analyzers/rspec/cs/S5659.html | 14 +++++----- analyzers/rspec/cs/S5693.html | 10 +++---- analyzers/rspec/cs/S5753.html | 10 +++---- analyzers/rspec/cs/S5766.html | 10 +++---- analyzers/rspec/cs/S6444.html | 8 +++--- analyzers/rspec/cs/S6507.html | 4 +-- analyzers/rspec/cs/S6602.html | 24 ++++++++--------- analyzers/rspec/cs/S6603.html | 24 ++++++++--------- analyzers/rspec/cs/S6605.html | 24 ++++++++--------- analyzers/rspec/cs/S6607.html | 19 +++++++------- analyzers/rspec/cs/S6608.html | 7 ++++- analyzers/rspec/cs/S6609.html | 8 +++++- analyzers/rspec/cs/S6640.html | 2 +- analyzers/rspec/vbnet/S112.html | 2 +- analyzers/rspec/vbnet/S1125.html | 2 +- analyzers/rspec/vbnet/S1134.html | 2 +- analyzers/rspec/vbnet/S1135.html | 2 +- analyzers/rspec/vbnet/S131.html | 2 +- analyzers/rspec/vbnet/S1313.html | 6 ++--- analyzers/rspec/vbnet/S1944.html | 4 +-- analyzers/rspec/vbnet/S2053.html | 10 +++---- analyzers/rspec/vbnet/S2068.html | 10 +++---- analyzers/rspec/vbnet/S2077.html | 9 +++---- analyzers/rspec/vbnet/S2222.html | 2 +- analyzers/rspec/vbnet/S2225.html | 6 ++--- analyzers/rspec/vbnet/S2257.html | 8 +++--- analyzers/rspec/vbnet/S2259.html | 2 +- analyzers/rspec/vbnet/S2583.html | 4 +-- analyzers/rspec/vbnet/S2589.html | 4 +-- analyzers/rspec/vbnet/S2612.html | 10 +++---- 
analyzers/rspec/vbnet/S3329.html | 16 ++++++------ analyzers/rspec/vbnet/S3655.html | 2 +- analyzers/rspec/vbnet/S3871.html | 4 +-- analyzers/rspec/vbnet/S3884.html | 8 +++--- analyzers/rspec/vbnet/S4036.html | 10 +++---- analyzers/rspec/vbnet/S4423.html | 8 +++--- analyzers/rspec/vbnet/S4507.html | 10 +++---- analyzers/rspec/vbnet/S4663.html | 4 +-- analyzers/rspec/vbnet/S4790.html | 20 +++++++------- analyzers/rspec/vbnet/S4792.html | 16 ++++++------ analyzers/rspec/vbnet/S4830.html | 26 +++++++++---------- analyzers/rspec/vbnet/S5042.html | 11 ++++---- analyzers/rspec/vbnet/S5443.html | 12 ++++----- analyzers/rspec/vbnet/S5445.html | 10 +++---- analyzers/rspec/vbnet/S5542.html | 14 +++++----- analyzers/rspec/vbnet/S5547.html | 14 +++++----- analyzers/rspec/vbnet/S5659.html | 14 +++++----- analyzers/rspec/vbnet/S5693.html | 10 +++---- analyzers/rspec/vbnet/S5753.html | 10 +++---- analyzers/rspec/vbnet/S6444.html | 8 +++--- analyzers/rspec/vbnet/S6602.html | 24 ++++++++--------- analyzers/rspec/vbnet/S6603.html | 24 ++++++++--------- analyzers/rspec/vbnet/S6605.html | 24 ++++++++--------- analyzers/rspec/vbnet/S6607.html | 19 +++++++------- analyzers/rspec/vbnet/S6608.html | 7 ++++- analyzers/rspec/vbnet/S6609.html | 8 +++++- .../src/SonarAnalyzer.CSharp/sonarpedia.json | 2 +- .../SonarAnalyzer.VisualBasic/sonarpedia.json | 2 +- 119 files changed, 534 insertions(+), 514 deletions(-) diff --git a/analyzers/rspec/cs/S106.html b/analyzers/rspec/cs/S106.html index 92d55a52f37..bab708117ef 100644 --- a/analyzers/rspec/cs/S106.html +++ b/analyzers/rspec/cs/S106.html @@ -47,7 +47,7 @@

Code examples

Resources

diff --git a/analyzers/rspec/cs/S1104.html b/analyzers/rspec/cs/S1104.html
index 8f3d44f747b..9ca42637493 100644
--- a/analyzers/rspec/cs/S1104.html
+++ b/analyzers/rspec/cs/S1104.html
@@ -64,6 +64,6 @@

Pitfalls

Please be aware that changing a field by a property in a software that uses serialization could lead to binary incompatibility.

Resources

diff --git a/analyzers/rspec/cs/S112.html b/analyzers/rspec/cs/S112.html
index 35051ab8593..243d68b7448 100644
--- a/analyzers/rspec/cs/S112.html
+++ b/analyzers/rspec/cs/S112.html
@@ -48,6 +48,6 @@

Compliant solution

Resources

Standards

diff --git a/analyzers/rspec/cs/S1121.html b/analyzers/rspec/cs/S1121.html
index 10d64aac505..ae1ff51b1bb 100644
--- a/analyzers/rspec/cs/S1121.html
+++ b/analyzers/rspec/cs/S1121.html
@@ -59,6 +59,6 @@

Compliant solution

Resources

diff --git a/analyzers/rspec/cs/S1125.html b/analyzers/rspec/cs/S1125.html
index 983f96c0f4c..7bca20cdbcc 100644
--- a/analyzers/rspec/cs/S1125.html
+++ b/analyzers/rspec/cs/S1125.html
@@ -4,7 +4,7 @@

Why is this an issue?

variable or expression that evaluates to a boolean value is unnecessary and can make the code harder to read and understand. The more complex a boolean expression is, the harder it will be for developers to understand its meaning and expected behavior, and it will favour the introduction of new bugs.

-

How to tix it

+

How to fix it

Remove redundant boolean literals from expressions to improve readability and make the code more maintainable.

Code examples

Noncompliant code example

diff --git a/analyzers/rspec/cs/S1134.html b/analyzers/rspec/cs/S1134.html
index 120cf40a1aa..24a8c2b696d 100644
--- a/analyzers/rspec/cs/S1134.html
+++ b/analyzers/rspec/cs/S1134.html
@@ -11,6 +11,6 @@

Why is this an issue?

Resources

Documentation

diff --git a/analyzers/rspec/cs/S1135.html b/analyzers/rspec/cs/S1135.html
index f028d32f13e..78abac3267e 100644
--- a/analyzers/rspec/cs/S1135.html
+++ b/analyzers/rspec/cs/S1135.html
@@ -24,6 +24,6 @@

Noncompliant code example

Resources

diff --git a/analyzers/rspec/cs/S1206.html b/analyzers/rspec/cs/S1206.html
index d56e0c5f5f3..f8478b1d20f 100644
--- a/analyzers/rspec/cs/S1206.html
+++ b/analyzers/rspec/cs/S1206.html
@@ -38,7 +38,7 @@

Compliant solution

Resources

Documentation

See

diff --git a/analyzers/rspec/cs/S1696.html b/analyzers/rspec/cs/S1696.html
index 8c87308edb7..046447f0e6e 100644
--- a/analyzers/rspec/cs/S1696.html
+++ b/analyzers/rspec/cs/S1696.html
@@ -37,7 +37,7 @@

Compliant solution

Resources

diff --git a/analyzers/rspec/cs/S1698.html b/analyzers/rspec/cs/S1698.html
index 3d1611eb650..5a5493cc742 100644
--- a/analyzers/rspec/cs/S1698.html
+++ b/analyzers/rspec/cs/S1698.html
@@ -60,7 +60,7 @@

Exceptions

in this case we want to ensure reference equality even if some == overload is present).

Resources

diff --git a/analyzers/rspec/cs/S1854.html b/analyzers/rspec/cs/S1854.html
index dd6c4c1031d..b8763f643c3 100644
--- a/analyzers/rspec/cs/S1854.html
+++ b/analyzers/rspec/cs/S1854.html
@@ -39,7 +39,7 @@

Compliant solution

Resources

Standards

Related rules

-
  • MITRE, CWE-588 - Attempt to Access Child of a Non-structure Pointer
  • -
  • MITRE, CWE-704 - Incorrect Type Conversion or Cast
  • +
  • CWE - CWE-588 - Attempt to Access Child of a Non-structure Pointer
  • +
  • CWE - CWE-704 - Incorrect Type Conversion or Cast
  • diff --git a/analyzers/rspec/cs/S2053.html b/analyzers/rspec/cs/S2053.html
  index 5d828406728..7fbe9bab3db 100644
  --- a/analyzers/rspec/cs/S2053.html
  +++ b/analyzers/rspec/cs/S2053.html
  @@ -48,10 +48,10 @@

    How does this work?

    Resources

    Standards

    diff --git a/analyzers/rspec/cs/S2068.html b/analyzers/rspec/cs/S2068.html
    index 7681db4ca07..dc17d1e233a 100644
    --- a/analyzers/rspec/cs/S2068.html
    +++ b/analyzers/rspec/cs/S2068.html
    @@ -47,12 +47,12 @@

    Exceptions

    See

    diff --git a/analyzers/rspec/cs/S2077.html b/analyzers/rspec/cs/S2077.html
    index 20e88f78be6..47addef1c1f 100644
    --- a/analyzers/rspec/cs/S2077.html
    +++ b/analyzers/rspec/cs/S2077.html
    @@ -48,11 +48,10 @@

    Compliant Solution

    See

    See

    diff --git a/analyzers/rspec/cs/S2115.html b/analyzers/rspec/cs/S2115.html
    index 4ad94268ce7..84d3d270909 100644
    --- a/analyzers/rspec/cs/S2115.html
    +++ b/analyzers/rspec/cs/S2115.html
    @@ -186,12 +186,12 @@

    Resources

    Standards

    diff --git a/analyzers/rspec/cs/S2184.html b/analyzers/rspec/cs/S2184.html
    index 426319763e3..4a2b23f2ad7 100644
    --- a/analyzers/rspec/cs/S2184.html
    +++ b/analyzers/rspec/cs/S2184.html
    @@ -25,6 +25,6 @@

    Compliant solution

    Resources

    diff --git a/analyzers/rspec/cs/S2221.html b/analyzers/rspec/cs/S2221.html
    index 47188f225c2..7fb69b8a9c5 100644
    --- a/analyzers/rspec/cs/S2221.html
    +++ b/analyzers/rspec/cs/S2221.html
    @@ -46,6 +46,6 @@

    Exceptions

    Resources

    diff --git a/analyzers/rspec/cs/S2222.html b/analyzers/rspec/cs/S2222.html
    index 67a0d05b9cd..0892158f224 100644
    --- a/analyzers/rspec/cs/S2222.html
    +++ b/analyzers/rspec/cs/S2222.html
    @@ -99,7 +99,7 @@

    Resources

    diff --git a/analyzers/rspec/cs/S2931.html b/analyzers/rspec/cs/S2931.html
    index 1be3b248835..c0a2c11e308 100644
    --- a/analyzers/rspec/cs/S2931.html
    +++ b/analyzers/rspec/cs/S2931.html
    @@ -44,6 +44,6 @@

    Compliant solution

    Resources

    diff --git a/analyzers/rspec/cs/S2952.html b/analyzers/rspec/cs/S2952.html
    index 40567956122..c883937c019 100644
    --- a/analyzers/rspec/cs/S2952.html
    +++ b/analyzers/rspec/cs/S2952.html
    @@ -50,6 +50,6 @@

    Compliant solution

    Resources

    diff --git a/analyzers/rspec/cs/S3329.html b/analyzers/rspec/cs/S3329.html
    index 059581f70f3..6b47b578466 100644
    --- a/analyzers/rspec/cs/S3329.html
    +++ b/analyzers/rspec/cs/S3329.html
    @@ -85,14 +85,14 @@

    Use unique IVs

    Resources

    Standards

    diff --git a/analyzers/rspec/cs/S3330.html b/analyzers/rspec/cs/S3330.html
    index 5b3fcb14d11..cf620cacf48 100644
    --- a/analyzers/rspec/cs/S3330.html
    +++ b/analyzers/rspec/cs/S3330.html
    @@ -44,11 +44,11 @@

    Compliant Solution

    See

    diff --git a/analyzers/rspec/cs/S3655.html b/analyzers/rspec/cs/S3655.html
    index 8fe10afe405..d26db433925 100644
    --- a/analyzers/rspec/cs/S3655.html
    +++ b/analyzers/rspec/cs/S3655.html
    @@ -37,6 +37,6 @@

    Resources

    Documentation

    diff --git a/analyzers/rspec/cs/S3871.html b/analyzers/rspec/cs/S3871.html
    index 2322bca5486..c6a185b86a9 100644
    --- a/analyzers/rspec/cs/S3871.html
    +++ b/analyzers/rspec/cs/S3871.html
    @@ -28,8 +28,8 @@

    Compliant solution

    Resources

    Documentation

    Standards

    diff --git a/analyzers/rspec/cs/S4426.html b/analyzers/rspec/cs/S4426.html
    index d85c60ce479..eb142036ef6 100644
    --- a/analyzers/rspec/cs/S4426.html
    +++ b/analyzers/rspec/cs/S4426.html
    @@ -158,19 +158,19 @@

    Articles & blog posts

    Standards

    diff --git a/analyzers/rspec/cs/S4433.html b/analyzers/rspec/cs/S4433.html
    index af8a6879313..ddc332e47e3 100644
    --- a/analyzers/rspec/cs/S4433.html
    +++ b/analyzers/rspec/cs/S4433.html
    @@ -51,10 +51,10 @@

    Documentation

    Standards

    diff --git a/analyzers/rspec/cs/S4487.html b/analyzers/rspec/cs/S4487.html
    index 59b4faac518..44e9d5b9388 100644
    --- a/analyzers/rspec/cs/S4487.html
    +++ b/analyzers/rspec/cs/S4487.html
    @@ -47,6 +47,6 @@

    Why is this an issue?

    Resources

    Standards

    diff --git a/analyzers/rspec/cs/S4502.html b/analyzers/rspec/cs/S4502.html
    index e79f655f06a..b2f2c8a7cf5 100644
    --- a/analyzers/rspec/cs/S4502.html
    +++ b/analyzers/rspec/cs/S4502.html
    @@ -53,10 +53,10 @@

    Compliant Solution

    See

    diff --git a/analyzers/rspec/cs/S4507.html b/analyzers/rspec/cs/S4507.html
    index e6c71cf0e5b..7d82560777c 100644
    --- a/analyzers/rspec/cs/S4507.html
    +++ b/analyzers/rspec/cs/S4507.html
    @@ -60,10 +60,10 @@

    Exceptions

    This rule does not analyze configuration files. Make sure that debug mode is not enabled by default in those files.

    See

    diff --git a/analyzers/rspec/cs/S4663.html b/analyzers/rspec/cs/S4663.html
    index 74229d01809..19fbd9240d1 100644
    --- a/analyzers/rspec/cs/S4663.html
    +++ b/analyzers/rspec/cs/S4663.html
    @@ -1,5 +1,5 @@

    Why is this an issue?

    -

    Empty comments like the following don’t improve readability and might indicate an oversight.

    +

    Empty comments, as shown in the example, hurt readability and might indicate an oversight.

     //
     
    @@ -11,5 +11,5 @@ 

    Why is this an issue?

    /** */
    -

    A meaningful text should be added to the comment or the comment markers should be removed.

    +

    Some meaningful text should be added to the comment, or the comment markers should be removed.

    diff --git a/analyzers/rspec/cs/S4790.html b/analyzers/rspec/cs/S4790.html
    index c9950a1fa1b..39d4ce12818 100644
    --- a/analyzers/rspec/cs/S4790.html
    +++ b/analyzers/rspec/cs/S4790.html
    @@ -29,15 +29,15 @@

    Compliant Solution

    See

    diff --git a/analyzers/rspec/cs/S4792.html b/analyzers/rspec/cs/S4792.html
    index 80ed65c1751..9ce5d516da3 100644
    --- a/analyzers/rspec/cs/S4792.html
    +++ b/analyzers/rspec/cs/S4792.html
    @@ -198,13 +198,13 @@

    Sensitive Code Example

    See

    diff --git a/analyzers/rspec/cs/S4830.html b/analyzers/rspec/cs/S4830.html
    index 29216f2401b..de8137e703e 100644
    --- a/analyzers/rspec/cs/S4830.html
    +++ b/analyzers/rspec/cs/S4830.html
    @@ -52,18 +52,18 @@

    Working with self-signed certificates or non-standard CAs

    Resources

    Standards

    diff --git a/analyzers/rspec/cs/S5042.html b/analyzers/rspec/cs/S5042.html
    index f30f1edb802..01f4b8f3cd3 100644
    --- a/analyzers/rspec/cs/S5042.html
    +++ b/analyzers/rspec/cs/S5042.html
    @@ -75,12 +75,11 @@

    Compliant Solution

    See

    diff --git a/analyzers/rspec/cs/S5122.html b/analyzers/rspec/cs/S5122.html
    index 5f5fac76ca8..8d1196ce4ee 100644
    --- a/analyzers/rspec/cs/S5122.html
    +++ b/analyzers/rspec/cs/S5122.html
    @@ -143,16 +143,16 @@

    Compliant Solution

    See

    diff --git a/analyzers/rspec/cs/S5332.html b/analyzers/rspec/cs/S5332.html
    index 4cfb5fcb790..5ff4b3dc962 100644
    --- a/analyzers/rspec/cs/S5332.html
    +++ b/analyzers/rspec/cs/S5332.html
    @@ -79,15 +79,15 @@

    Exceptions

    See

    Standards

    diff --git a/analyzers/rspec/cs/S5542.html b/analyzers/rspec/cs/S5542.html
    index f95d1d2c7fa..fb950e2a8c7 100644
    --- a/analyzers/rspec/cs/S5542.html
    +++ b/analyzers/rspec/cs/S5542.html
    @@ -14,9 +14,9 @@

    Why is this an issue?

    For these reasons, as soon as cryptography is included in a project, it is important to choose encryption algorithms that are considered strong and secure by the cryptography community.

    -

    For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB

    -

    (Electronic Codebook), as they are either vulnerable to padding oracles or do not provide authentication mechanisms.

    -

    And for RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.

    +

    For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB (Electronic Codebook) because they are either vulnerable to padding oracles or
    +do not provide authentication mechanisms.

    +

    For RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.

    What is the potential impact?

    The cleartext of an encrypted message might be recoverable. Additionally, it might be possible to modify the cleartext of an encrypted message.

    Below are some real-world scenarios that illustrate possible impacts of an attacker exploiting the vulnerability.

    @@ -108,9 +108,9 @@

    Articles & blog posts

    Standards

    diff --git a/analyzers/rspec/cs/S5547.html b/analyzers/rspec/cs/S5547.html
    index 76c442f2aa2..39ef2e0cc96 100644
    --- a/analyzers/rspec/cs/S5547.html
    +++ b/analyzers/rspec/cs/S5547.html
    @@ -3,9 +3,9 @@

    Why is this an issue?

    Encryption algorithms are essential for protecting sensitive information and ensuring secure communication in various domains. They are used for several important reasons:

    When selecting encryption algorithms, tools, or combinations, you should also consider two things:

      @@ -83,9 +83,9 @@

      Use a secure algorithm

      Resources

      Standards

      diff --git a/analyzers/rspec/cs/S5659.html b/analyzers/rspec/cs/S5659.html
      index be0a04f1a6c..7b0237b11b5 100644
      --- a/analyzers/rspec/cs/S5659.html
      +++ b/analyzers/rspec/cs/S5659.html
      @@ -65,13 +65,13 @@

      Verify the signature of your tokens

      signatures, they are not serving their purpose.

      Every time your application receives a JWT, it needs to decode the token to extract the information contained within. It is during this decoding process that the signature of the JWT should also be checked.

      -

      To resolve the issue follow these instructions:

      +

      To resolve the issue, follow these instructions:

      1. Use framework-specific functions for signature verification: Most programming frameworks that support JWTs provide specific functions to not only decode a token but also validate its signature simultaneously. Make sure to use these functions when handling incoming tokens.
      2. Handle invalid signatures appropriately: If a JWT’s signature does not validate correctly, it means the token is not trustworthy, indicating - potential tampering. The action to take on encountering an invalid token should be denying the request carrying it and logging the event for further - investigation.
      3. + potential tampering. The action to take when encountering an invalid token should be denying the request carrying it and logging the event for + further investigation.
      4. Incorporate signature validation in your tests: When you are writing tests for your application, include tests that check the signature validation functionality. This can help you catch any instances where signature verification might be unintentionally skipped or bypassed.
      @@ -88,9 +88,9 @@

      Rotate your secret keys

      Resources

      Standards

      diff --git a/analyzers/rspec/cs/S5693.html b/analyzers/rspec/cs/S5693.html
      index 57cd990eac6..bc28ae9fb5f 100644
      --- a/analyzers/rspec/cs/S5693.html
      +++ b/analyzers/rspec/cs/S5693.html
      @@ -95,13 +95,13 @@

      Compliant Solution

      See

      diff --git a/analyzers/rspec/cs/S5753.html b/analyzers/rspec/cs/S5753.html
      index 621ee3674dd..3f851899a54 100644
      --- a/analyzers/rspec/cs/S5753.html
      +++ b/analyzers/rspec/cs/S5753.html
      @@ -62,15 +62,15 @@

      Compliant Solution

      See

      diff --git a/analyzers/rspec/cs/S5766.html b/analyzers/rspec/cs/S5766.html
      index 4aa3574e80a..f7a9c300646 100644
      --- a/analyzers/rspec/cs/S5766.html
      +++ b/analyzers/rspec/cs/S5766.html
      @@ -175,12 +175,12 @@

      Compliant Solution

      See

      diff --git a/analyzers/rspec/cs/S6444.html b/analyzers/rspec/cs/S6444.html
      index deac93f6f43..8e17bbd6db3 100644
      --- a/analyzers/rspec/cs/S6444.html
      +++ b/analyzers/rspec/cs/S6444.html
      @@ -38,14 +38,14 @@

      Compliant Solution

      See

      See

      diff --git a/analyzers/rspec/vbnet/S1944.html b/analyzers/rspec/vbnet/S1944.html
      index b0ab7c583c5..436a4288909 100644
      --- a/analyzers/rspec/vbnet/S1944.html
      +++ b/analyzers/rspec/vbnet/S1944.html
      @@ -78,7 +78,7 @@

      Documentation

    1. TryCast operator
    2. -
    3. MITRE, CWE-588 - Attempt to Access Child of a Non-structure Pointer
    4. -
    5. MITRE, CWE-704 - Incorrect Type Conversion or Cast
    6. +
    7. CWE - CWE-588 - Attempt to Access Child of a Non-structure Pointer
    8. +
    9. CWE - CWE-704 - Incorrect Type Conversion or Cast
    10. diff --git a/analyzers/rspec/vbnet/S2053.html b/analyzers/rspec/vbnet/S2053.html
    index 427fe959078..0c12e1d3739 100644
    --- a/analyzers/rspec/vbnet/S2053.html
    +++ b/analyzers/rspec/vbnet/S2053.html
    @@ -46,10 +46,10 @@

      How does this work?

      Resources

      Standards

      diff --git a/analyzers/rspec/vbnet/S2068.html b/analyzers/rspec/vbnet/S2068.html
      index af34f01ec9c..2226cef4d17 100644
      --- a/analyzers/rspec/vbnet/S2068.html
      +++ b/analyzers/rspec/vbnet/S2068.html
      @@ -47,12 +47,12 @@

      Exceptions

      See

      diff --git a/analyzers/rspec/vbnet/S2077.html b/analyzers/rspec/vbnet/S2077.html
      index 9f8115aba1a..524c43a9cc2 100644
      --- a/analyzers/rspec/vbnet/S2077.html
      +++ b/analyzers/rspec/vbnet/S2077.html
      @@ -40,11 +40,10 @@

      Compliant Solution

      See

    For these reasons, as soon as cryptography is included in a project, it is important to choose encryption algorithms that are considered strong and secure by the cryptography community.

    -

    For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB

    -

    (Electronic Codebook), as they are either vulnerable to padding oracles or do not provide authentication mechanisms.

    -

    And for RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.

    +

    For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB (Electronic Codebook) because they are either vulnerable to padding oracles or
    +do not provide authentication mechanisms.

    +

    For RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.

    What is the potential impact?

    The cleartext of an encrypted message might be recoverable. Additionally, it might be possible to modify the cleartext of an encrypted message.

    Below are some real-world scenarios that illustrate possible impacts of an attacker exploiting the vulnerability.

    @@ -117,9 +117,9 @@

    Articles & blog posts

    Standards

    diff --git a/analyzers/rspec/vbnet/S5547.html b/analyzers/rspec/vbnet/S5547.html
    index 5b2e347dda4..eebe6d47dbb 100644
    --- a/analyzers/rspec/vbnet/S5547.html
    +++ b/analyzers/rspec/vbnet/S5547.html
    @@ -3,9 +3,9 @@

    Why is this an issue?

    Encryption algorithms are essential for protecting sensitive information and ensuring secure communication in various domains. They are used for several important reasons:

    When selecting encryption algorithms, tools, or combinations, you should also consider two things:

      @@ -78,9 +78,9 @@

      Use a secure algorithm

      Resources

      Standards

      diff --git a/analyzers/rspec/vbnet/S5659.html b/analyzers/rspec/vbnet/S5659.html
      index 6002f4ca27a..d1dadf2006c 100644
      --- a/analyzers/rspec/vbnet/S5659.html
      +++ b/analyzers/rspec/vbnet/S5659.html
      @@ -61,13 +61,13 @@

      Verify the signature of your tokens

      signatures, they are not serving their purpose.

      Every time your application receives a JWT, it needs to decode the token to extract the information contained within. It is during this decoding process that the signature of the JWT should also be checked.

      -

      To resolve the issue follow these instructions:

      +

      To resolve the issue, follow these instructions:

      1. Use framework-specific functions for signature verification: Most programming frameworks that support JWTs provide specific functions to not only decode a token but also validate its signature simultaneously. Make sure to use these functions when handling incoming tokens.
      2. Handle invalid signatures appropriately: If a JWT’s signature does not validate correctly, it means the token is not trustworthy, indicating - potential tampering. The action to take on encountering an invalid token should be denying the request carrying it and logging the event for further - investigation.
      3. + potential tampering. The action to take when encountering an invalid token should be denying the request carrying it and logging the event for + further investigation.
      4. Incorporate signature validation in your tests: When you are writing tests for your application, include tests that check the signature validation functionality. This can help you catch any instances where signature verification might be unintentionally skipped or bypassed.
      @@ -84,9 +84,9 @@

      Rotate your secret keys

      Resources

      Standards

      diff --git a/analyzers/rspec/vbnet/S5693.html b/analyzers/rspec/vbnet/S5693.html
      index 17cd0185558..28a2f1085e8 100644
      --- a/analyzers/rspec/vbnet/S5693.html
      +++ b/analyzers/rspec/vbnet/S5693.html
      @@ -61,12 +61,12 @@

      Compliant Solution

      See

      diff --git a/analyzers/rspec/vbnet/S5753.html b/analyzers/rspec/vbnet/S5753.html
      index 0c502a48cb6..ec1688721a7 100644
      --- a/analyzers/rspec/vbnet/S5753.html
      +++ b/analyzers/rspec/vbnet/S5753.html
      @@ -59,15 +59,15 @@

      Compliant Solution

      See

      diff --git a/analyzers/rspec/vbnet/S6444.html b/analyzers/rspec/vbnet/S6444.html
      index 5d6daefc03f..0f1f82fe45b 100644
      --- a/analyzers/rspec/vbnet/S6444.html
      +++ b/analyzers/rspec/vbnet/S6444.html
      @@ -36,14 +36,14 @@

      Compliant Solution

      See