Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Redirect
visiblefalse
locationAIPCORE:Changes in results post upgrade - 8.3.27

Panel

Table of Contents


Info

Summary: this page lists:

  • Impacts of changes made to CAST AIP 8.3.27 on Quality Model results post upgrade
  • Other impacts of changes made in CAST AIP 8.3.27

...

Impacts of changes made in CAST AIP 8.3.27 on Quality Model results post upgrade

User Input Security

...

Updated rules

The following new rules have been implementedupdated, therefore after an upgrade to 8.3.27 and the generation of a consistency snapshot on unchanged source code, results may change: additional violations may be visible for these new rules:

Rule IDCWE IDRule nameInput nameTarget name.NET supportJEE support
8518400Regular Avoid regular expression injectionNetwork.readRegexp.writeYes (already supported in 8.3.26)Yes (support added in 8.3.2727)

8518 - Avoid regular expression injection

A bug has been identified where the Quality Standards tags added for this rule were incorrect. This bug has now been fixed and the correct tags have been applied. Therefore after an upgrade to 8.3.27 and the generation of a consistency snapshot on unchanged source code, results may change: reports generated through Report Generator may change and the SQL Injection tile in the Security Dashboard will now display correct information.

8098 - Avoid uncontrolled format string

A bug has been identified where some violations of this rule were not being correctly present in the CAST Engineering Dashboard due to missing bookmarks. This issue has now been fixed.