find-sec-bugs/find-sec-bugs version-1.4.5

Version 1.4.5 - Eh.. What's Up, Doc?

on GitHub

Many bug patterns have been added for this release (see Full Changelog below).

During this milestone, few important documentation additions were made:

• Creation of the project demos repository
  • Android demo (Gradle)
  • Java with JSP demo (Maven)
  • Scala with Play Framework demo (SBT)
• Writing your own detector
• Creating a injection-based detector
• Tutorial for Jenkins configuration for Android and Java projects (@mcwww) :
• Many description of old bug patterns were also refactored.

The support for Scala specific bug patterns is starting slowly. We are looking for feedback from the community and potentially bug patterns ideas.

Full Changelog

Implemented enhancements:

• Play framework demo #154
• New Rule : Scala Command injection #153
• New Rule : Unvalidated redirect in Play Framework #152
• New Rule : Additional coverage for predictable random generator in Scala #151
• New Rule: Detect weak HostnameVerifier #150
• Migrate the old XSS detector to the new TaintDetector mecanism #149
• Support alternative bytecode for setEscapeXml="false" JSP (Weblogic appc) #148
• (Dev internal) DSL for more intuitive method matching #147
• New Rule : Missing HttpOnly flag on cookie #144
• New Rule : Trust Boundary Violation #133
• Taint analysis : Add taint parameters annotate (RequestParam, PathVariable, ..) #132
• New Rule : EL Expression Injection #130
• New Rule : XSS detector using the taint detector approach #129
• (Dev internal) Debug info for taint value to allow troubleshooting of the stack #81
• New Rule : Seam Logger usage could lead to remote code execution #56
• New Rule: Detect SSL disabler (Java + Scala implementation) #34

Fixed bugs:

• Fix code bloc in description for multiples Bug Patterns : JSP_INCLUDE, JSP_SPRING_EVAL and JSP_JSTL_OUT #131
• Hard coded keys false positive when loading bytes from FileInputStream #126
• Description for weak digest need an update #119
• Error scanning Scala code in IntelliJ #112

Merged pull requests:

• Change description of cryptography plus bad grammar #146 (mcwww)
• Change to description #145 (mcwww)
• Correct SonarQube product name #142 (agabrys)
• Analysis of indirect subclasses of HttpServlet for XSS #137 (formanek)
• Properly handle paths to files #136 (jsotuyod)
• Fixed hard coded keys detector and out-of-bounds index in TaintAnalysis #135 (formanek)