您好,欢迎访问三七文档
当前位置:首页 > 办公文档 > 其它办公文档 > Fortify-SCA简介
FortifySCA简介FortifySCA是一个静态的、白盒的软件源代码安全测试工具。它通过内置的五大主要分析引擎:数据流、语义、结构、控制流、配置流等对应用软件的源代码进行静态的分析,分析的过程中与它特有的软件安全漏洞规则集进行全面地匹配、查找,从而将源代码中存在的安全漏洞扫描出来,并给予整理报告。扫描的结果中不但包括详细的安全漏洞的信息,还会有相关的安全知识的说明,以及修复意见的提供。1.FortifySCA扫描引擎介绍:ForitfySCA主要包含的五大分析引擎:z数据流引擎:跟踪,记录并分析程序中的数据传递过程所产生的安全问题。z语义引擎:分析程序中不安全的函数,方法的使用的安全问题。z结构引擎:分析程序上下文环境,结构中的安全问题。z控制流引擎:分析程序特定时间,状态下执行操作指令的安全问题。z配置引擎:分析项目配置文件中的敏感信息和配置缺失的安全问题。z特有的X-Tier™跟踪器:跨跃项目的上下层次,贯穿程序来综合分析问题2.FortifySCA的工作原理:ForitfySCA首先通过调用语言的编译器或者解释器把前端的语言代码(如JAVA,C/C++源代码)转换成一种中间媒体文件NST(NormalSyntaxTree)将其源代码之间的调用关系,执行环境,上下文等分析清楚。然后再通过上述的五大分析引擎从五个切面来分析这个NST,匹配所有规则库中的漏洞特征,一旦发现漏洞就抓取出来。最后形成包含详细漏洞信息的FPR结果文件,用AWB打开查看。图1:FortifySCA工作原理图2.FortifySCA扫描的结果如下:FortifySCA的结果文件为.FPR文件,包括详细的漏洞信息:漏洞分类,漏洞产生的全路径,漏洞所在的源代码行,漏洞的详细说明及修复建议等。如下图:分级报告漏洞的信息项目的源代码漏洞推荐修复的方法漏洞产生的全路径的跟踪信息漏洞的详细说明图2:ForitfyAWB查看结果图3.FortifySCA支持的平台:4.FortifySCA支持的编程语言:5.FortifySCAplug-In支持的有:6.FortifySCA目前能够扫描的安全漏洞种类有:目前FortifySCA可以扫描出约300种漏洞,Fortify将所有安全漏洞整理分类,根据开发语言分项目,再细分为8个大类,约300个子类,具体详细信息可登录Fortify官方网站进行查询:CodeCorrectness:CalltoGC.Collect()MissingCheckagainstNullObjectModelViolation:JustOneofEquals()andGetHashCode()DefinedOftenMisused:AuthenticationUncheckedReturnValueCodeCorrectness:ClassImplementsICloneableCodeCorrectness:Missing[Serializable]AttributeCodeCorrectness:MisspelledMethodNameCodeCorrectness:nullArgumenttoEquals()DeadCode:UnusedFieldDeadCode:UnusedMethodNullDereferenceObsoleteUnreleasedResourceJavaScriptHijacking:VulnerableFrameworkPoorLoggingPractice:UseofaSystemOutputStreamSystemInformationLeakTrustBoundaryViolationASP.NETMisconfiguration:RequestValidationDisabledASP.NETMisconfiguration:TraceOutputPoorErrorHandling:EmptyCatchBlockPoorErrorHandling:OverlyBroadCatchPoorErrorHandling:ProgramCatchesNullReferenceExceptionCommandInjectionCross-SiteScriptingDenialofServiceHTTPResponseSplittingLogForgingPathManipulationResourceInjectionSQLInjectionSQLInjection:NHibernateSettingManipulationASP.NETBadPractices:UseofImpersonationContextASP.NETMisconfiguration:PersistentAuthenticationAccessControl:DatabaseInsecureRandomnessPasswordManagementPasswordManagement:HardcodedPasswordPasswordManagement:WeakCryptographyPrivacyViolationASP.NETBadPractices:Non-SerializableObjectStoredinSessionCodeCorrectness:CalltoSystem.gc()CodeCorrectness:Erroneousfinalize()MethodEJBBadPractices:UseofAWT/SwingEJBBadPractices:UseofClassLoaderEJBBadPractices:UseofSocketsEJBBadPractices:UseofSynchronizationPrimitivesEJBBadPractices:Useofjava.ioJ2EEBadPractices:SocketsJ2EEBadPractices:getConnectionMissingCheckagainstNullMissingCheckforNullParameterObjectModelViolation:Erroneousclone()MethodObjectModelViolation:Justoneofequals()andhashCode()DefinedOftenMisused:AuthenticationPoorStyle:ExplicitCalltofinalize()Statistical:CheckedReturnValueStatistical:FunctionReturnUnusedStatistical:UnassignedReturnValueUncheckedReturnValueCodeCorrectness:CalltoThread.run()CodeCorrectness:ClassDoesNotImplementCloneableCodeCorrectness:ErroneousClassCompareCodeCorrectness:ErroneousStringCompareCodeCorrectness:MisspelledMethodNameCodeCorrectness:nullArgumenttoequals()DeadCode:ExpressionisAlwaysfalseDeadCode:ExpressionisAlwaystrueDeadCode:UnusedFieldDeadCode:UnusedMethodNullDereferenceObsoletePoorStyle:ConfusingNamingPoorStyle:EmptySynchronizedBlockPoorStyle:IdentifierContainsDollarSymbol($)PoorStyle:RedundantInitializationPoorStyle:ValueNeverReadUnreleasedResource:DatabaseUnreleasedResource:StreamsJ2EEBadPractices:LeftoverDebugCodeJavaScriptHijacking:AdHocAjaxJavaScriptHijacking:VulnerableFrameworkPoorLoggingPractice:LoggerNotDeclaredStaticFinalPoorLoggingPractice:MultipleLoggersPoorLoggingPractice:UseofaSystemOutputStreamSystemInformationLeakSystemInformationLeak:MissingCatchBlockTrustBoundaryViolationUnsafeMobileCode:AccessViolationUnsafeMobileCode:InnerClassUnsafeMobileCode:Publicfinalize()MethodUnsafeMobileCode:UnsafeArrayDeclarationUnsafeMobileCode:UnsafePublicFieldPoorErrorHandling:EmptyCatchBlockPoorErrorHandling:OverlyBroadCatchPoorErrorHandling:OverlyBroadThrowsPoorErrorHandling:ProgramCatchesNullPointerExceptionPoorErrorHandling:ReturninsideFinallyPoorErrorHandling:UnhandledSSLExceptionCommandInjectionCross-SiteScriptingDenialofServiceHTTPResponseSplittingLogForging(debug)LogForgingMissingXMLValidationNUMBERTaintSourcesPathManipulationProcessControlResourceInjectionSQLInjectionSQLInjection:HibernateSettingManipulationStruts:Erroneousvalidate()MethodUnsafeJNIUnsafeReflectionAccessControl:DatabaseInsecureRandomnessPasswordManagementPasswordManagement:HardcodedPasswordPasswordManagement:PasswordinRedirectPasswordManagement:WeakCryptographyPrivacyViolationCodeCorrectness:Double-CheckedLockingJ2EEBadPractices:Non-SerializableObjectStoredinSessionJ2EEBadPractices:System.exitJ2EEBadPractices:ThreadsRaceCondition:SingletonMemberFieldRaceCondition:StaticDatabaseConnectionSessionFixation
三七文档所有资源均是用户自行上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作他用。
扫描二维码
tmykwoaini
本文标题:Fortify-SCA简介
链接地址:https://www.777doc.com/doc-7296066 .html