@DinisCruz
Last active December 26, 2016 08:59
Sample example of CustomDescriptionRule to be used on Fortify SCA
<?xml version="1.0" encoding="UTF-8"?>
<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
  <RulePackID>950F4B5A-85D0-4954-97D5-35C3F0285057</RulePackID>
  <SKU>SKU-C:\Users\dinis\AppData\Local\Fortify\CRE-3.90\rules\custom-rule</SKU>
  <Name>SimpleVersion-CustomDescriptionRule</Name>
  <Version>1.0</Version>
  <Description>
    Description of RulePack
  </Description>
  <Rules version="3.16">
    <RuleDefinitions>
      <CustomDescriptionRule formatVersion="3.15">
        <RuleID>D40B319C-F9D6-424F-9D62-BB1FA3B3C645</RuleID>
        <RuleMatch>
          <Category>
            <Value>SQL Injection</Value>
          </Category>
        </RuleMatch>
        <Description formatVersion="3.2">
          <Abstract>This is an Abstract</Abstract>
          <Explanation>This is an Explanation</Explanation>
          <Recommendations>The Recommendations go here</Recommendations>
          <Tips>
            <Tip>This is a Tip</Tip>
            <Tip> this is another Tip</Tip>
          </Tips>
          <References>
            <Reference>
              <Title>title of reference</Title>
              <Author>Author</Author>
              <Pages>Pages</Pages>
              <PublishedDate>2012</PublishedDate>
              <Publisher>Published</Publisher>
              <Source>Source</Source>
            </Reference>
          </References>
        </Description>
      </CustomDescriptionRule>
    </RuleDefinitions>
  </Rules>
</RulePack>

<?xml version="1.0" encoding="UTF-8"?>
<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
  <RulePackID>950F4B5A-85D0-4954-97D5-35C3F0285057</RulePackID>
  <SKU>SKU-C:\Users\dinis\AppData\Local\Fortify\CRE-3.90\rules\custom-rule</SKU>
  <Name>VersionWithSomeHtmlContent</Name>
  <Version>1.0</Version>
  <Description>
    Description of RulePack
  </Description>
  <Rules version="3.16">
    <RuleDefinitions>
      <CustomDescriptionRule formatVersion="3.15">
        <RuleID>D40B319C-F9D6-424F-9D62-BB1FA3B3C645</RuleID>
        <RuleMatch>
          <Category>
            <Value>SQL Injection</Value>
          </Category>
        </RuleMatch>
        <RuleMatch>
          <Category>
            <Value>Access Control</Value>
          </Category>
          <Subcategory>
            <Value>Database</Value>
          </Subcategory>
        </RuleMatch>
        <Description formatVersion="3.2">
          <ContentType value="HTML"></ContentType> <!-- not having any effect -->
          <Abstract>This is an Abstract
            &lt;a href="http://www.google.com"&gt;link to Google&lt;/a&gt;
            &lt;h1&gt; H1 header &lt;/h1&gt;
            &lt;h2&gt; no H2 header &lt;/h2&gt;
            &lt;h3&gt; no H4 header &lt;/h3&gt;
            &lt;p&gt;a paragraph
            &lt;ul&gt;
            &lt;li&gt;bullets&lt;/li&gt;
            &lt;li&gt;don't need UL tag&lt;/li&gt;
            &lt;/h3&gt;
            &lt;/p&gt;
            &lt;li&gt;they can be created using &lt;/li&gt;
            &lt;li&gt;LI tags&lt;/li&gt;
            Code samples can be created like this
            &lt;pre&gt;
            ...
            //code sample
            public void CanGoHere()
            {
                var aVariable = "abc";
            }
            ...
            &lt;/pre&gt;
          </Abstract>
          <Explanation>This is an Explanation
            2nd line of Explanation
            &lt;a href="http://www.google.com"&gt;link&lt;/a&gt;
            &lt;h1&gt; header&lt;/h1&gt; text
          </Explanation>
          <Recommendations>The Recommendations go here
            2nd line of Recommendations
            &lt;a href="http://www.google.com"&gt;link&lt;/a&gt;
            &lt;h1&gt;header&lt;/h1&gt; text
          </Recommendations>
          <Tips>
            <Tip>This is a TIP</Tip>
            <Tip> this is another Tip</Tip>
            <Tip>&lt;a href="http://www.google.com"&gt;link&lt;/a&gt; &lt;h1&gt; header &lt;/h1&gt; text</Tip>
          </Tips>
          <References>
            <Reference>
              <Title>title of reference 1 &lt;a href="http://www.google.com"&gt;no link&lt;/a&gt; &lt;h1&gt; header &lt;/h1&gt; text</Title>
              <Author>Author</Author>
              <Pages>Pages</Pages>
              <PublishedDate>2012</PublishedDate>
              <Publisher>Published</Publisher>
              <Source>Source</Source>
            </Reference>
          </References>
        </Description>
      </CustomDescriptionRule>
    </RuleDefinitions>
  </Rules>
</RulePack>
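A small validator for rulepacks in the format shown above, added here as an example and not part of the gist or of Fortify's own tooling: it lists the RuleMatch categories of every CustomDescriptionRule and checks the HTML embedded in the Abstract, Explanation and Recommendations fields for unbalanced tags, the kind of defect the stray `&lt;/h3&gt;` and `&lt;/p&gt;` in the second file above would trigger. The sample rulepack, its RuleID and the example.invalid URL are constructed placeholders; the namespace and element names come from the gist.

```python
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Namespace of the RulePack root element used in the gist above.
NS = {"f": "xmlns://www.fortifysoftware.com/schema/rules"}
HTML_FIELDS = ("Abstract", "Explanation", "Recommendations")

class _TagBalance(HTMLParser):  # tracks open tags so unbalanced markup is reported
    def __init__(self):
        super().__init__()
        self.stack, self.problems = [], []
    def handle_starttag(self, tag, attrs):
        if tag not in ("br", "hr", "img"):  # void elements never close
            self.stack.append(tag)
    def handle_endtag(self, tag):
        if self.stack and self.stack[-1] == tag:
            self.stack.pop()
        else:
            self.problems.append(f"unexpected </{tag}>")

def lint_html(text):
    """Return markup problems found in one description field ([] if clean)."""
    p = _TagBalance()
    p.feed(text)
    p.close()
    return p.problems + [f"unclosed <{t}>" for t in p.stack]

def validate_rulepack(xml_text):
    """Map each RuleID to the categories it matches and any markup problems."""
    report = {}
    for rule in ET.fromstring(xml_text).iterfind(".//f:CustomDescriptionRule", NS):
        rid = rule.findtext("f:RuleID", default="", namespaces=NS)
        # Category/Subcategory values of each RuleMatch, e.g. "Access Control/Database"
        matches = ["/".join(v.text.strip() for v in m.iterfind("*/f:Value", NS))
                   for m in rule.iterfind("f:RuleMatch", NS)]
        problems = [] if matches else ["rule has no RuleMatch"]
        for field in HTML_FIELDS:  # XML parsing already unescaped the &lt;...&gt; markup
            text = rule.findtext(f"f:Description/f:{field}", default="", namespaces=NS)
            problems += [f"{field}: {p}" for p in lint_html(text)]
        report[rid] = {"matches": matches, "problems": problems}
    return report

# Constructed sample (not from the gist): the Abstract carries a stray </h3> and </p>.
SAMPLE = """<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
<Rules version="3.16"><RuleDefinitions><CustomDescriptionRule formatVersion="3.15"><RuleID>RULE-ID-PLACEHOLDER</RuleID>
<RuleMatch><Category><Value>SQL Injection</Value></Category></RuleMatch>
<RuleMatch><Category><Value>Access Control</Value></Category><Subcategory><Value>Database</Value></Subcategory></RuleMatch>
<Description formatVersion="3.2"><Abstract>&lt;p&gt;text &lt;ul&gt;&lt;li&gt;item&lt;/li&gt;&lt;/h3&gt;&lt;/p&gt;</Abstract>
<Explanation>&lt;a href="http://example.invalid"&gt;link&lt;/a&gt;</Explanation></Description>
</CustomDescriptionRule></RuleDefinitions></Rules></RulePack>"""
```

Running `validate_rulepack(SAMPLE)` flags the two unexpected closing tags plus the `<p>` and `<ul>` left open, while the Explanation's link passes clean.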