
I am trying to write a Fortify rule that checks for just one function and flags it whenever that function appears. I created a Java file with the following code:

class t {
    public static void main(String[] args) {
        // Only prints a string; nothing in this file calls getErrorCode()
        System.out.println("test");
    }
}

class DialogError {
    // The method the rule is supposed to flag
    int getErrorCode() {
        return 10;
    }
}

The purpose of the rule I wrote is to detect any occurrence of getErrorCode inside DialogError and flag it.

<?xml version="1.0" encoding="UTF-8"?>
<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
    <RulePackID>FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF</RulePackID>
    <Name><![CDATA[my test ruleset]]></Name>
    <Version>1.0</Version>
    <Description><![CDATA[Rule to identify an instance of getErrorCode]]></Description>
    <Rules version="3.10">
        <RuleDefinitions>
            <SemanticRule formatVersion="3.10" language="java">
                <MetaInfo>
                    <Group name="Accuracy">5.0</Group>
                    <Group name="Impact">5.0</Group>
                    <Group name="RemediationEffort">5.0</Group>
                    <Group name="Probability">5.0</Group>
                </MetaInfo>
                <Label>label lololololol</Label>
                <RuleID>01239X14-ASDF-41AA-BDFA-DF134asdf79A</RuleID>
                <Notes><![CDATA[Checks if DialogError class if found yo]]></Notes>
                <VulnKingdom>Security Features</VulnKingdom>
                <VulnCategory>Function is evil</VulnCategory>
                <VulnSubcategory>Some ol category</VulnSubcategory>
                <DefaultSeverity>3.0</DefaultSeverity>
                <Description formatVersion="3.2">
                    <Abstract><![CDATA[YO FIRING YO]]></Abstract>
                    <Explanation><![CDATA[YOYOYOYOYO]]></Explanation>
                    <Recommendations><![CDATA[YOYOYOYOY]]></Recommendations>
                    <References>
                        <Reference>
                            <Title><![CDATA[YO]]></Title>
                            <Source><![CDATA[YOYOYOYOYOYO]]></Source>
                        </Reference>
                    </References>
                </Description>
                <Type>default</Type>
                <FunctionIdentifier>
                    <ClassName>
                        <Value>DialogError</Value>
                    </ClassName>
                    <FunctionName>
                        <Value>getErrorCode</Value>
                    </FunctionName>
                    <ApplyTo implements="true" overrides="true" extends="true"/>
                </FunctionIdentifier>
            </SemanticRule>
        </RuleDefinitions>
    </Rules>
</RulePack>

What exactly am I doing wrong?


1 Answer


First, your test code never calls the bad function. Here is the corrected code.

class t {
    public static void main(String[] args) {
        // getErrorCode() is an instance method, so call it on an instance;
        // this call site is what the SemanticRule is expected to flag
        System.out.println(new DialogError().getErrorCode());
    }
}

class DialogError {
    int getErrorCode() {
        return 10;
    }
}

Second, the rule definition is missing the SKU tag. The Custom Rules Editor will show the incorrect XML in the XML view window.

<?xml version="1.0" encoding="UTF-8"?>
<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
  <RulePackID>FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF</RulePackID>
  <SKU>SKU-8F66A5A4-CFDA-419B-97D8-4BF26B78EED9</SKU>
  <Name><![CDATA[my test ruleset]]></Name>
  <Version>1.0</Version>
  <Description><![CDATA[Rule to identify an instance of getErrorCode]]></Description>
  <Rules version="3.10">
    <RuleDefinitions>
      <SemanticRule formatVersion="3.10" language="java">
        <MetaInfo>
          <Group name="Accuracy">5.0</Group>
          <Group name="Impact">5.0</Group>
          <Group name="RemediationEffort">5.0</Group>
          <Group name="Probability">5.0</Group>
        </MetaInfo>
        <Label>label lololololol</Label>
        <RuleID>01239X14-ASDF-41AA-BDFA-DF134asdf79A</RuleID>
        <Notes><![CDATA[Checks if DialogError class if found yo]]></Notes>
        <VulnKingdom>Security Features</VulnKingdom>
        <VulnCategory>Function is evil</VulnCategory>
        <VulnSubcategory>Some ol category</VulnSubcategory>
        <DefaultSeverity>3.0</DefaultSeverity>
        <Description formatVersion="3.2">
          <Abstract><![CDATA[YO FIRING YO]]></Abstract>
          <Explanation><![CDATA[YOYOYOYOYO]]></Explanation>
          <Recommendations><![CDATA[YOYOYOYOY]]></Recommendations>
          <References>
            <Reference>
              <Title><![CDATA[YO]]></Title>
              <Source><![CDATA[YOYOYOYOYOYO]]></Source>
            </Reference>
          </References>
        </Description>
        <Type>default</Type>
        <FunctionIdentifier>
          <ClassName>
            <Value>DialogError</Value>
          </ClassName>
          <FunctionName>
            <Value>getErrorCode</Value>
          </FunctionName>
          <ApplyTo implements="true" overrides="true" extends="true"/>
        </FunctionIdentifier>
      </SemanticRule>
    </RuleDefinitions>
  </Rules>
</RulePack>
Answered 2012-10-15T17:54:21.223
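The missing SKU element in the answer above is the kind of structural omission that is easy to catch before loading a pack into the Custom Rules Editor. The following is an added example, not code from the question, the answer or Fortify itself: a small pre-flight linter that parses a rule pack with the standard library and reports missing elements. The list of pack-level elements it requires is taken from the answer's observation about SKU plus the elements the posted pack already has; the rule-level list (RuleID, VulnKingdom, VulnCategory, DefaultSeverity, FunctionIdentifier with a FunctionName/Value) is an assumption about what a minimal SemanticRule needs and is not Fortify's official schema. The embedded rule packs are trimmed-down versions of the ones posted above, constructed here as sample input.

```python
import xml.etree.ElementTree as ET

# Namespace string used by Fortify rule packs, copied from the XML on this page.
NS = "xmlns://www.fortifysoftware.com/schema/rules"


def q(tag):
    """Qualify a tag name with the rule-pack namespace for ElementTree lookups."""
    return f"{{{NS}}}{tag}"


# Pack-level elements: SKU per the answer above, the rest as present in the posted pack.
PACK_REQUIRED = ("RulePackID", "SKU", "Name", "Version", "Description")
# Rule-level elements: an assumption about a minimal SemanticRule, not Fortify's schema.
RULE_REQUIRED = ("RuleID", "VulnKingdom", "VulnCategory", "DefaultSeverity", "FunctionIdentifier")


def lint_rulepack(xml_text):
    """Return a list of human-readable findings; an empty list means the pack passed."""
    findings = []
    # Encode to bytes so the XML declaration's encoding attribute is honoured.
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != q("RulePack"):
        findings.append(f"root element is {root.tag}, expected RulePack in namespace {NS}")
        return findings

    for name in PACK_REQUIRED:
        if root.find(q(name)) is None:
            findings.append(f"RulePack is missing <{name}>")

    rules = root.findall(f"./{q('Rules')}/{q('RuleDefinitions')}/*")
    if not rules:
        findings.append("no rule definitions found under Rules/RuleDefinitions")

    for index, rule in enumerate(rules):
        kind = rule.tag.split("}")[-1]  # e.g. SemanticRule
        rule_id = rule.findtext(q("RuleID")) or f"#{index}"
        for name in RULE_REQUIRED:
            if rule.find(q(name)) is None:
                findings.append(f"{kind} {rule_id}: missing <{name}>")
        fid = rule.find(q("FunctionIdentifier"))
        if fid is not None and fid.find(f"./{q('FunctionName')}/{q('Value')}") is None:
            findings.append(f"{kind} {rule_id}: FunctionIdentifier has no FunctionName/Value")
    return findings


# Constructed sample: the posted pack with MetaInfo/Description trimmed; {sku} is filled in below.
PACK_TEMPLATE = """<?xml version="1.0" encoding="UTF-8"?>
<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
  <RulePackID>FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF</RulePackID>{sku}
  <Name><![CDATA[my test ruleset]]></Name>
  <Version>1.0</Version>
  <Description><![CDATA[Rule to identify an instance of getErrorCode]]></Description>
  <Rules version="3.10">
    <RuleDefinitions>
      <SemanticRule formatVersion="3.10" language="java">
        <RuleID>01239X14-ASDF-41AA-BDFA-DF134asdf79A</RuleID>
        <VulnKingdom>Security Features</VulnKingdom>
        <VulnCategory>Function is evil</VulnCategory>
        <DefaultSeverity>3.0</DefaultSeverity>
        <Type>default</Type>
        <FunctionIdentifier>
          <ClassName><Value>DialogError</Value></ClassName>
          <FunctionName><Value>getErrorCode</Value></FunctionName>
          <ApplyTo implements="true" overrides="true" extends="true"/>
        </FunctionIdentifier>
      </SemanticRule>
    </RuleDefinitions>
  </Rules>
</RulePack>
"""

# The pack as posted in the question (no SKU) and as corrected in the answer.
QUESTION_PACK = PACK_TEMPLATE.format(sku="")
FIXED_PACK = PACK_TEMPLATE.format(
    sku="\n  <SKU>SKU-8F66A5A4-CFDA-419B-97D8-4BF26B78EED9</SKU>"
)

if __name__ == "__main__":
    for label, pack in (("question", QUESTION_PACK), ("answer", FIXED_PACK)):
        result = lint_rulepack(pack)
        print(f"{label}: {'OK' if not result else '; '.join(result)}")
```

Running the linter on the question's pack reports only the missing SKU, and the corrected pack passes cleanly; the same check extends naturally to a directory of custom packs before they are imported.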