Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix S2053 FN: Encoding.GetBytes #7617

Closed
3 tasks done
zsolt-kolbay-sonarsource opened this issue Jul 18, 2023 · 0 comments · Fixed by #7618
Closed
3 tasks done

Fix S2053 FN: Encoding.GetBytes #7617

zsolt-kolbay-sonarsource opened this issue Jul 18, 2023 · 0 comments · Fixed by #7618
Assignees
@zsolt-kolbay-sonarsource
Labels
Area: C# C# rules related issues. Area: CFG/SE CFG and SE related issues. Area: Security Related to Vulnerability and Security Hotspot rules Area: VB.NET VB.NET rules related issues. Type: False Negative Rule is NOT triggered when it should be.
Milestone
9.6

Comments

@zsolt-kolbay-sonarsource
Copy link
Contributor

zsolt-kolbay-sonarsource commented Jul 18, 2023
edited
Loading

This is a follow-up to the rule migration. Once the C# version of S2053 was migrated and the VB version was added:

  • Handle Encoding.GetBytes("hardcodedText")
  • Add more test cases for different control flows (conditional, try-catch-finally)
  • Change the issue location for named parameters (only highlight the argument value, but not the parameter name)
@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource added Type: False Negative Rule is NOT triggered when it should be. Area: CFG/SE CFG and SE related issues. Area: VB.NET VB.NET rules related issues. Area: C# C# rules related issues. Area: Security Related to Vulnerability and Security Hotspot rules Sprint: SE labels Jul 18, 2023
@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource added this to the 9.6 milestone Jul 18, 2023
Merged
@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource changed the title Migrate S2053: Hardening Fix S2053 FN: Encoding.GetBytes and ToArray Jul 18, 2023
@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource changed the title Fix S2053 FN: Encoding.GetBytes and ToArray Fix S2053 FN: Encoding.GetBytes Jul 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource

Labels
Area: C# C# rules related issues. Area: CFG/SE CFG and SE related issues. Area: Security Related to Vulnerability and Security Hotspot rules Area: VB.NET VB.NET rules related issues. Type: False Negative Rule is NOT triggered when it should be.
Projects
None yet
Milestone
9.6
Development

Successfully merging a pull request may close this issue.

Fix S2053 FN: Encoding.GetBytes SonarSource/sonar-dotnet
2 participants
@mary-georgiou-sonarsource @zsolt-kolbay-sonarsource