Scan2Fix4Csh product
Scan2Fix4Csh the Microsoft C# source code analyzer
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
</project>
Nota : the plugin for Sonar is not required. Usage is limited to 5 days.
mvn clean compile site
Maven will generate the static Web site under target/site/index.html
Nota : the plugin for Sonar is not required. It is provided at the validation step of the command process or on explicit request (contact@qualitesys.com).
mvn clean compile sonar:sonar
Id | Priority | Description |
---|---|---|
QC-CSHCWE078 | BLOCKER | OS command injection |
QC-CSHCWE079 | BLOCKER | Basic XSS |
QC-CSHCWE080 | BLOCKER | SQL Injection |
QC-CSHCWE099 | BLOCKER | Ressource injection |
QC-CSHCWE369 | BLOCKER | Division by ZERO |
QC-CSHCWE412 | BLOCKER | Unrestricted lock of critical ressource, deadlock |
QC-CSHCWE470 | BLOCKER | Use of externally-controlled (unsafe reflection) |
QC-CSHCWE621 | BLOCKER | Variable extraction error |
QC-CSHCWE624 | BLOCKER | Executable regular expression error |
QC-CSHCWE833 | BLOCKER | Deadlock |
QC-CSH000002 | BLOCKER | An alone throw instruction preceeded by method invocations |
QC-CSH000004 | BLOCKER | String comparing : change x=='' to x.IsNullOrEmpty |
QC-CSH000005 | BLOCKER | String comparing : change x.Equals('') to x.IsNullOrEmpty |
QC-CSH000006 | BLOCKER | String comparing : change Equals(x,'') to x.IsNullOrEmpty |
QC-CSH000007 | BLOCKER | String concat : use concat instead of + |
QC-CSH000008 | BLOCKER | String comparing : change == or != to Equals() |
QC-CSH999999 | BLOCKER | Syntax analysis failure on the source code |
QC-CSH000001 | CRITICAL | Original stack trace lost because the catch exception is thrown |
QC-CSH000096 | CRITICAL | Insufficient control of directives in statically saved code |
QC-CSH000476 | CRITICAL | Null pointer reference |
QC-CSH000484 | CRITICAL | Omitted Break Statement in Switch |
QC-CSH000570 | CRITICAL | Condition NEVER true |
QC-CSH000616 | CRITICAL | Incomplete identification of uploaded file |
QC-CSHCWE190 | MAJOR | Overflow |
QC-CSHCWE390 | MAJOR | Detection of error condition without action |
QC-CSHCWE392 | MAJOR | Failure to report error in status code |
QC-CSHCWE481 | MAJOR | Assigning instead of comparing |
QC-CSHCWE493 | MAJOR | Critical public variable without final modifier |
QC-CSHCWE584 | MAJOR | Return inside finally block |
QC-CSHCWE252 | MINOR | Return type of function is not tested |
QC-CSHCWE500 | MINOR | Static public field not marked final |
QC-CSHCWE582 | MINOR | Array declared public, final and static |
QC-CSHCWE585 | MINOR | The software contains an empty synchronized block |
QC-CSHCWE626 | MINOR | Null byte interaction error |
QC-CSHCWE627 | MINOR | Dynamic variable evaluation for variable |
QC-CSH999996 | INFO | Local Cut and Paste Detector in single file |
* required fields