Page tree
Skip to end of metadata
Go to start of metadata

The main purpose of the Dynamic Link Manager is for manually reviewing the status of links whose authenticity cannot be absolutely determined by CAST. This can be achieved using the GUI (see Reviewing Dynamic Links for more information about accessing the Dynamic Link Manager).

Links can be in three states:

  • To be reviewed: links are in this state when you open the Dynamic Link Manager after the completion of an analysis.
  • Ignored: links are in this state when you have ticked them after examination (and it proves to be incorrect or false). By default Ignored links are not displayed in the GUI - toggle the Hide Reviewed Links button to view them.
  • Validated: links are in this state when you have marked them as Validated after examination (and it proves to be correct). By default Validated links are not displayed in the GUI - toggle the Hide Reviewed Links button to view them.

Note that you can close the Dynamic Links Manager in the middle of a review session and changes will persist.

Ignore

To ignore a link after checking the called/calling objects and the link type, simply tick the check box next to the link:

  • Changes are saved to the Analysis Service when you click the OK button in the bottom right hand corner of the dialog box. The next time you open the Dynamic Link Manager, the ignored link will not be visible: toggle the Hide Reviewed Links button to view it.
  • Note that you can tick multiple links at the same time by selecting them with the mouse while holding down either the SHIFT key or the CTRL key and then ticking just one link:

Unignore

To unignore a link that you have previously ignored (i.e. to reset the link to "To be reviewed" status):

  • toggle the Hide Reviewed Links button to display the ignored links
  • untick the ignored link
  • Changes are saved to the Analysis Service when you click the OK button in the bottom right hand corner of the dialog box. The next time you open the Dynamic Link Manager, the link will be visible and is in "To be reviewed" status.
  • Note that you can untick multiple links at the same time by selecting them with the mouse while holding down either the SHIFT key or the CTRL key and then ticking just one link.

Validate

To validate a link after checking the called/calling objects and the link type:

  • right click the link
  • select Validate:

  • Changes are saved to the Analysis Service when you click the OK button in the bottom right hand corner of the dialog box. The next time you open the Dynamic Link Manager, the validated link will not be visible: toggle the Hide Reviewed Links button to view it.
  • Note that you can validate multiple links at the same time by selecting them with the mouse while holding down either the SHIFT key or the CTRL key and then right clicking just one link and choosing Validate:

Invalidate

To invalidated a link that you have previously ignored (i.e. to reset the link to "To be reviewed" status):

  • toggle the Hide Reviewed Links button to display the validated links
  • right click the link and select Invalidate
  • Changes are saved to the Analysis Service when you click the OK button in the bottom right hand corner of the dialog box. The next time you open the Dynamic Link Manager, the link will be visible and is in "To be reviewed" status.
  • Note that you can invalidate multiple links at the same time by selecting them with the mouse while holding down either the SHIFT key or the CTRL key and then right clicking just one link and choosing Invalidate.

Although this manual review method via the GUI is acceptable, it is really only usable for a small number of links becasue each link has to be validated/ignored manually. If you have many hundreds of links it can quickly become very tedious and time consuming to complete link reviews after an analysis.

In addition, when you rerun an analysis, new links that arise due to the same underlying cause will once again appear in the Dynamic Link Manager

CAST has various options that can help with this:

Method parametrization

You can use method parameterization via an Environment Profile (for VB and J2EE) to automatically ignore or validate links when they are created with a parameter of a method. This is particularly useful as you can create a parameterization rule for a particular unverified link (i.e. whether to ignore or validate a link) and when you re-run the analysis, all links caused by the same parameter of this method will be automatically validated or ignored depending on the action you defined. Thus, these types of links will never appear in the Dynamic Link Manager again.

See the Profile for Parametrization drop down list section in Reviewing Dynamic Links for more information.

External Link engine parametrization

Please see External Link engine parametrization for more information.

Using Dynamic Link filter rules

You can also define your own filters based on Caller/Callee objects and include these filter rules during an analysis. This option is a more sophisticated and scalable method than described in External link engine parametrization and CAST recommends switching to using it. Please see Dynamic Link Manager filter rules for more information.

Reviewing Dynamic Links


CAST Website

  • No labels