Классификация предупреждений PVS-Studio согласно OWASP Application Security Verification Standard (ASVS)
Стандарт OWASP Application Security Verification Standard (ASVS) — это список требований к безопасности приложений и тестов, которые могут использоваться архитекторами ПО, разработчиками, тестировщиками, специалистами по защищённости приложений, продавцами инструментов и пользователями для разработки, сборки, тестирования и верификации защищённых приложений.
C/C++ диагностики
|
Error Code |
Error Description |
Mapping |
|---|---|---|
|
It is highly probable that the semicolon ';' is missing after 'return' keyword. |
OWASP-11.1.1 |
|
|
An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing. |
OWASP-7.4.2 |
|
|
The object was created but it is not being used. The 'throw' keyword could be missing. |
OWASP-11.1.8 |
|
|
Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. |
OWASP-5.4.3 |
|
|
A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly. |
OWASP-5.4.3 |
|
|
More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. |
OWASP-5.4.3 |
|
|
Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable. |
OWASP-5.4.3 |
|
|
Classes should always be derived from std::exception (and alike) as 'public'. |
OWASP-7.4.2 |
|
|
Unchecked tainted data is used in expression. |
OWASP-5.1.3, OWASP-5.2.2, OWASP-5.3.8, OWASP-5.4.2 |
|
|
The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. |
OWASP-5.4.3 |
|
|
Possible overflow. Consider casting operands, not the result. |
OWASP-5.4.3 |
|
|
Potentially unsafe double-checked locking. |
OWASP-1.11.3, OWASP-11.1.6 |
|
|
Storing credentials inside source code can lead to security issues. |
OWASP-2.10.4 |
C# диагностики
|
Error Code |
Error Description |
Mapping |
|---|---|---|
|
Storing credentials inside source code can lead to security issues. |
OWASP-2.10.4 |
|
|
The object was created but it is not being used. The 'throw' keyword could be missing. |
OWASP-11.1.8 |
|
|
The original exception object was swallowed. Stack of original exception could be lost. |
OWASP-11.1.8 |
|
|
Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this. |
OWASP-1.11.3, OWASP-11.1.6 |
|
|
Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it. |
OWASP-1.11.3, OWASP-11.1.6 |
|
|
An exception handling block does not contain any code. |
OWASP-7.4.2 |
|
|
Exception classes should be publicly accessible. |
OWASP-7.4.2 |
|
|
Possible SQL injection. Potentially tainted data is used to create SQL command. |
OWASP-5.3.4, OWASP-5.3.5 |
|
|
Possible path traversal vulnerability. Potentially tainted data is used as a path. |
OWASP-12.3.1 |
|
|
Possible XSS vulnerability. Potentially tainted data might be used to execute a malicious script. |
OWASP-5.3.3 |
|
|
Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization. |
OWASP-1.5.2, OWASP-5.5.3 |
|
|
Do not use old versions of SSL/TLS protocols as it may cause security issues. |
OWASP-9.1.3 |
|
|
Use of outdated cryptographic algorithm is not recommended. |
OWASP-2.9.3, OWASP-8.3.7 |
|
|
Potential XXE vulnerability. Insecure XML parser is used to process potentially tainted data. |
OWASP-5.5.2 |
|
|
Possible command injection. Potentially tainted data is used to create OS command. |
OWASP-5.3.8 |
|
|
Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time. |
OWASP-3.3.2 |
|
|
Possible server-side request forgery. Potentially tainted data is used in the URL. |
OWASP-12.6.1, OWASP-5.2.6 |
|
|
Possible log injection. Potentially tainted data is written into logs. |
OWASP-7.3.1 |
|
|
Possible LDAP injection. Potentially tainted data is used in a search filter. |
OWASP-5.3.7 |
|
|
Error message contains potentially sensitive data that may be exposed. |
OWASP-8.3.5 |
|
|
Possible XPath injection. Potentially tainted data is used in the XPath expression. |
OWASP-5.3.10 |
|
|
Possible open redirect vulnerability. Potentially tainted data is used in the URL. |
OWASP-5.1.5 |
|
|
Referenced package contains vulnerability. |
OWASP-9.1.3 |
|
|
Possible NoSQL injection. Potentially tainted data is used to create query. |
OWASP-5.3.4 |
|
|
Possible Zip Slip vulnerability. Potentially tainted data is used in the path to extract the file. |
OWASP-5.1.4 |
Java диагностики
|
Error Code |
Error Description |
Mapping |
|---|---|---|
|
An exception handling block does not contain any code. |
OWASP-7.4.2 |
|
|
Exception classes should be publicly accessible. |
OWASP-7.4.2 |
|
|
The object was created but it is not being used. The 'throw' keyword could be missing. |
OWASP-11.1.8 |
|
|
Unsafe double-checked locking. |
OWASP-1.11.3 |
|
|
Storing credentials inside source code can lead to security issues. |
OWASP-2.10.4 |
