I was looking to use this tool to review some C# code, and I peeked at the csfunction.conf file and saw 8 phrases that are being grepped for. After running the tool, it looks like there are more checks than just the 8 phrases in this file. I was wondering if you had a list of what else is scanned for besides the 8 phrases when scanning a set of C# files.
Hi Chris
Sorry about the delay - I've been on holiday.
The conf files perform a fairly simple grep of known bad functions and allow for some user customisation in any cases where a user wishes to scan for extra (or less) stuff.
In addition to this there are some more complicated scans that take place for each language where more combinations of user-controlled input data interact with dangerous functions, etc. In the case of C# there are scans for:
case-insensitive password checks
XSS
SQL injection
unsanitised data being written to log files
logging of passwords
use of [unsafe] directives
use of deterministic pseudo-random numbers
unsanitised data being passed to the command line
Just drop me mail if you want to discuss this in more detail.
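The following C# snippets are an added illustration written for this thread; they are not code from the scanner, its conf files, or either poster. They pair the kind of construct three of the listed scans look for (a case-insensitive password check, a deterministic pseudo-random number, and unsanitised data passed to the command line) with a hardened form a reviewer would expect instead. The class and method names are invented, and the hardened forms assume .NET Core 2.1 or later for `CryptographicOperations.FixedTimeEquals` and `ProcessStartInfo.ArgumentList`.

```csharp
using System;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;

// Hypothetical class for illustration only; not part of the scanner.
public static class ScanExamples
{
    // 1. Case-insensitive password check: the comparison ignores case, which
    //    shrinks the effective password space, and string.Equals is not
    //    constant-time, so the check leaks timing information.
    public static bool CheckPasswordWeak(string supplied, string stored)
    {
        return string.Equals(supplied, stored, StringComparison.OrdinalIgnoreCase);
    }

    // Hardened form: compare fixed-length digests, case-sensitive, in constant time.
    // A production system would store a salted, slow hash such as PBKDF2; a plain
    // SHA-256 digest is used here only to keep the example short.
    public static bool CheckPasswordFixed(string supplied, byte[] storedDigest)
    {
        byte[] suppliedDigest;
        using (var sha = SHA256.Create())
        {
            suppliedDigest = sha.ComputeHash(Encoding.UTF8.GetBytes(supplied));
        }
        return CryptographicOperations.FixedTimeEquals(suppliedDigest, storedDigest);
    }

    // 2. Deterministic pseudo-random numbers: System.Random is seeded from a
    //    predictable source and is not suitable for tokens or secrets.
    public static string MakeTokenWeak()
    {
        var rnd = new Random();
        var bytes = new byte[16];
        rnd.NextBytes(bytes);
        return BitConverter.ToString(bytes).Replace("-", "");
    }

    // Hardened form: a cryptographically secure generator from
    // System.Security.Cryptography.
    public static string MakeTokenFixed()
    {
        var bytes = new byte[16];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(bytes);
        }
        return BitConverter.ToString(bytes).Replace("-", "");
    }

    // 3. Unsanitised data passed to the command line: user input is spliced into
    //    a shell command string, so shell metacharacters in 'host' are interpreted.
    public static void PingWeak(string host)
    {
        Process.Start("cmd.exe", "/c ping " + host);
    }

    // Hardened form: validate against an allow-list pattern and pass the value as
    // a separate argument to the program itself, with no shell in between.
    public static void PingFixed(string host)
    {
        if (!Regex.IsMatch(host, @"^[A-Za-z0-9.-]{1,253}$"))
            throw new ArgumentException("invalid host name", nameof(host));

        var psi = new ProcessStartInfo("ping") { UseShellExecute = false };
        psi.ArgumentList.Add(host);
        Process.Start(psi);
    }
}
```

A grep-style scan such as the conf files describe would match on the `StringComparison.OrdinalIgnoreCase`, `new Random()` and `Process.Start(` tokens in the weak methods; the more complex scans the reply mentions are what distinguish the weak `PingWeak` (user data concatenated into the command string) from `PingFixed`, where the same `Process.Start` call receives validated data as a discrete argument.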