Fortify: Access Control Database related issue -


we have been using fortify tool in our code check security vulnerabilities. able fix of issues, there issues finding hard fix.one of related access control database related issues.we use hibernate criteria within our code fetch records db , foritfy complains data db , place program untrusted source.below same code

criteria criteria = hibernatessn.createcriteria("com.vish.status") critiera.list() ------>here error saying "data enters program untrusted source".

is there way can indicate fortify data indeed coming trusted source?

thanks

short answer - no.

slightly longer answer - fortify not know if data source trusted or not. either have create custom filter ignore category, or custom rules able ignore data specific data source.

historically speaking, if scanning same app on , over, remember findings "not issue" when see them.


Comments

Post a Comment

Popular posts from this blog

php - Wordpress website dashboard page or post editor content is not showing but front end data is showing properly -

Image
recently have uploaded wordpress site onto server. have uploaded wordpress site in sub-folder under root folder ../root(domain root folder)/wordpress (where host wordpress folder). now problem content data in page or post in dashboard of wordpress admin panel not showing - see image. but data showing in front view - see image. if not browser cache issue , not issue happened tinymce editor during upgrade; try add config file: define('concatenate_scripts', false);
Read more

javascript - Get parameter of GET request -

i make request: createxhrrequest( "get", fileurl, function( err, response ) { if( err ) { alert( "error get!" ); } alert(response); }); and full response: { "status" : "ok", "message" : "jvberi0xljqkjdduxdgkmy how can jvberi0xlj ? i try response.message , response["message"]. nothing works. just simple access this: var json = json.parse(response); json.message
Read more

javascript - Twitter Bootstrap - how to add some more margin between tooltip popup and element -

Image
i have not tryed since can't understand space between tooltip , element made/added bootstrap, tooltip near element triggers tooltip event. i make tooltip opening little bit away element, add more margin tooltip , eleemnt mean. i understand how in css if possible , if possible make both right,left,top,bottom tooltips hope question clear. this how tooltips looks on app: and , how should looks after this default css tooltip on top : .tooltip.top { padding: 5px 0; margin-top: -3px; } you can override in own css : .tooltip.top { margin-top: -10px; } note code work work tooltip on top, you'll nedd adapt css 3 other orientations : .tooltip.top { margin-top: -10px; } .tooltip.right { margin-left: 10px; } .tooltip.bottom { margin-top: 10px; } .tooltip.left { margin-left: -10px; }
Read more