From da33103e2c97870e0d050a5fcc0e51741e0d0ebe Mon Sep 17 00:00:00 2001 From: suxin <2439462239@qq.com> Date: Mon, 24 Oct 2022 07:38:52 +0000 Subject: [PATCH 1/2] =?UTF-8?q?update=20openKylin-C&C++=E8=AF=AD=E8=A8=80F?= =?UTF-8?q?ortify=E4=BB=A3=E7=A0=81=E5=AE=89=E5=85=A8=E6=A3=80=E6=9F=A5.md?= =?UTF-8?q?.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: suxin <2439462239@qq.com> --- ...11\345\205\250\346\243\200\346\237\245.md" | 39 +------------------ 1 file changed, 1 insertion(+), 38 deletions(-) diff --git "a/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" "b/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" index ed5702e..b544823 100644 --- "a/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" +++ "b/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" @@ -1,54 +1,17 @@ # Fortify代码安全检查 +openKylin | 审核人: | 编写日期: | | --- | --- | | 批准人: | 审核日期: | -openKylin ## 版本说明 | 日期 | 版本号 | 发布说明 | 编写人 | 审核人 | | --- | --- | --- | --- | --- | | 2022.09.19 | v1.0 | 添加命令注入、路径操纵、缓冲区溢出类型的规则 | 苏鑫 | - | - | - | - | - | - | - | - | - -# 目录 - -[0.](#_Toc1474278514)前言...............................................................3 - -[](#_Toc886152291)目的...............................................................3 - -[](#_Toc304473081)适用范围...............................................................3 - -[1.](#_Toc189507830)命令注入(Command Injection)类型...............................................................3 - -[1.1.](#_Toc1077273378)描述...............................................................3 - -[1.2.](#_Toc1128555694)整改建议...............................................................4 - -[2.](#_Toc1156090797)路径操纵(Path Manipulation)类型...............................................................5 - -[2.1.](#_Toc673585654)描述...............................................................5 - -[2.2.](#_Toc1348179914)整改建议...............................................................5 - -[3.](#_Toc892763222)缓冲区溢出(Buffer overflow)类型...............................................................6 - -[3.1.](#_Toc1540032177)描述...............................................................6 - -[3.2.](#_Toc178227594)整改建议...............................................................7 - -[4.](#_Toc168365859)代码规范工具...............................................................8 -[4.1. Fortify](#_Toc763838464)工具...............................................................8 # 0.前言 -- Gitee From 1e5cf2ae90bb95de39676d6e99b0247055cf9ae9 Mon Sep 17 00:00:00 2001 From: suxin <2439462239@qq.com> Date: Mon, 24 Oct 2022 07:40:21 +0000 Subject: [PATCH 2/2] =?UTF-8?q?update=20openKylin-C&C++=E8=AF=AD=E8=A8=80F?= =?UTF-8?q?ortify=E4=BB=A3=E7=A0=81=E5=AE=89=E5=85=A8=E6=A3=80=E6=9F=A5.md?= =?UTF-8?q?.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: suxin <2439462239@qq.com> --- ...5\256\211\345\205\250\346\243\200\346\237\245.md" | 12 ------------ 1 file changed, 12 deletions(-) diff --git "a/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" "b/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" index b544823..151141a 100644 --- "a/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" +++ "b/openKylin-C&C++\350\257\255\350\250\200Fortify\344\273\243\347\240\201\345\256\211\345\205\250\346\243\200\346\237\245.md" @@ -1,18 +1,6 @@ # Fortify代码安全检查 openKylin -| 审核人: | 编写日期: | -| --- | --- | -| 批准人: | 审核日期: | - - -## 版本说明 - -| 日期 | 版本号 | 发布说明 | 编写人 | 审核人 | -| --- | --- | --- | --- | --- | -| 2022.09.19 | v1.0 | 添加命令注入、路径操纵、缓冲区溢出类型的规则 | 苏鑫 | - - # 0.前言 ## 目的 -- Gitee