Skip to content

Commit 4f22959

Browse files
wireghoulwireghoul
committed
Fixed trailing space rules and added test to prevent in the future
1 parent 657e293 commit 4f22959

File tree

6 files changed

+72
-73
lines changed

6 files changed

+72
-73
lines changed

signatures/asp.db

Lines changed: 34 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -1,55 +1,54 @@
1-
Request.QueryString
2-
Request.Cookies
3-
Request.Certificate
4-
Request.ServerVariables
5-
Request.IsSecureConnection
6-
Request.Form
1+
Request\.QueryString
2+
Request\.Cookies
3+
Request\.Certificate
4+
Request\.ServerVariables
5+
Request\.IsSecureConnection
6+
Request\.Form
77
Replace
8-
Request.Write
9-
Response.Write
10-
Response.Write[[:space:]]*\(Request.QueryString[[:space:]]*\(
8+
Request\.Write
9+
Response\.Write
10+
Response\.Write[[:space:]]*\(.*\.QueryString[[:space:]]*\(
1111
FileSystemObject
12-
Scripting.FileSystemObject
13-
System.FileSystemInfo
14-
My.Computer.Registry
15-
System.IO
12+
Scripting\.FileSystemObject
13+
System\.FileSystemInfo
14+
My\.Computer\.Registry
15+
System\.IO
1616
StreamReader
1717
FileInputStream
1818
GetTempFileName
19-
System.Security.AccessControl
20-
Microsoft.Win32.RegistryKey
19+
System\.Security\.AccessControl
20+
Microsoft\.Win32\.RegistryKey
2121
AddFileSecurity
2222
AddDirectorySecurity
2323
DiscretionaryAcl
2424
SetAccessControl
2525
SqlError
2626
SqlException
27-
Server.Execute
28-
Server.Transfer
27+
Server\.Execute
28+
Server\.Transfer
2929
[Ee]val
3030
Execute
3131
Executeglobal
32-
Wscript.Shell
33-
Response.Write
34-
Response.AddHeader
35-
Response.Redirect
36-
Scripting.FileSystemObject.OpenTextFile
37-
Scripting.FileSystemObject.DeleteFile
32+
Wscript\.Shell
33+
Response\.Write
34+
Response\.AddHeader
35+
Response\.Redirect
36+
Scripting\.FileSystemObject\.OpenTextFile
37+
Scripting\.FileSystemObject\.DeleteFile
3838
GetObject
3939
LoadPicture
40-
Scripting.FileSystemObject.Write
41-
Scripting.FileSystemObject.WriteLine
42-
Scripting.FileSystemObject.GetFolder
43-
Scripting.FileSystemObject.OpenTextFile
44-
Scripting.FileSystemObject.Folder.Add
45-
Scripting.FileSystemObject.DeleteFolder
46-
Server.Createobject
40+
Scripting\.FileSystemObject\.Write
41+
Scripting\.FileSystemObject\.WriteLine
42+
Scripting\.FileSystemObject\.GetFolder
43+
Scripting\.FileSystemObject\.OpenTextFile
44+
Scripting\.FileSystemObject\.Folder\.Add
45+
Scripting\.FileSystemObject\.DeleteFolder
46+
Server\.Createobject
4747
CreateObject
48-
Scripting.FileSystemObject.BuildPath
48+
Scripting\.FileSystemObject\.BuildPath
4949
CDONTS
50-
ADODB.Connection
51-
ADODB.recordset
52-
ADODB.Command
53-
ADODB.Recordset
50+
ADODB\.Connection
51+
ADODB\.[Rr]ecordset
52+
ADODB\.Command
5453
[Ss][Ee][Ll][Ee][Cc][Tt][[:space:]]+.*[[:space:]]+[Ff][Rr][Oo][Mm][[:space:]]+.*\&[^_][^_]+
5554
[Ww][Hh][Ee][Rr][Ee][[:space:]]+.*=.*\&[^_][^_]+

signatures/asp/base.db

Lines changed: 34 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -1,53 +1,52 @@
1-
Request.QueryString
2-
Request.Cookies
3-
Request.Certificate
4-
Request.ServerVariables
5-
Request.IsSecureConnection
6-
Request.Form
1+
Request\.QueryString
2+
Request\.Cookies
3+
Request\.Certificate
4+
Request\.ServerVariables
5+
Request\.IsSecureConnection
6+
Request\.Form
77
Replace
8-
Request.Write
9-
Response.Write
10-
Response.Write[[:space:]]*\(Request.QueryString[[:space:]]*\(
8+
Request\.Write
9+
Response\.Write
10+
Response\.Write[[:space:]]*\(.*\.QueryString[[:space:]]*\(
1111
FileSystemObject
12-
Scripting.FileSystemObject
13-
System.FileSystemInfo
14-
My.Computer.Registry
15-
System.IO
12+
Scripting\.FileSystemObject
13+
System\.FileSystemInfo
14+
My\.Computer\.Registry
15+
System\.IO
1616
StreamReader
1717
FileInputStream
1818
GetTempFileName
19-
System.Security.AccessControl
20-
Microsoft.Win32.RegistryKey
19+
System\.Security\.AccessControl
20+
Microsoft\.Win32\.RegistryKey
2121
AddFileSecurity
2222
AddDirectorySecurity
2323
DiscretionaryAcl
2424
SetAccessControl
2525
SqlError
2626
SqlException
27-
Server.Execute
28-
Server.Transfer
27+
Server\.Execute
28+
Server\.Transfer
2929
[Ee]val
3030
Execute
3131
Executeglobal
32-
Wscript.Shell
33-
Response.Write
34-
Response.AddHeader
35-
Response.Redirect
36-
Scripting.FileSystemObject.OpenTextFile
37-
Scripting.FileSystemObject.DeleteFile
32+
Wscript\.Shell
33+
Response\.Write
34+
Response\.AddHeader
35+
Response\.Redirect
36+
Scripting\.FileSystemObject\.OpenTextFile
37+
Scripting\.FileSystemObject\.DeleteFile
3838
GetObject
3939
LoadPicture
40-
Scripting.FileSystemObject.Write
41-
Scripting.FileSystemObject.WriteLine
42-
Scripting.FileSystemObject.GetFolder
43-
Scripting.FileSystemObject.OpenTextFile
44-
Scripting.FileSystemObject.Folder.Add
45-
Scripting.FileSystemObject.DeleteFolder
46-
Server.Createobject
40+
Scripting\.FileSystemObject\.Write
41+
Scripting\.FileSystemObject\.WriteLine
42+
Scripting\.FileSystemObject\.GetFolder
43+
Scripting\.FileSystemObject\.OpenTextFile
44+
Scripting\.FileSystemObject\.Folder\.Add
45+
Scripting\.FileSystemObject\.DeleteFolder
46+
Server\.Createobject
4747
CreateObject
48-
Scripting.FileSystemObject.BuildPath
48+
Scripting\.FileSystemObject\.BuildPath
4949
CDONTS
50-
ADODB.Connection
51-
ADODB.recordset
52-
ADODB.Command
53-
ADODB.Recordset
50+
ADODB\.Connection
51+
ADODB\.[Rr]ecordset
52+
ADODB\.Command

signatures/dotnet.db

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ SecurityPermission.ControlPolicy
9393
# Reflection (C sharp): https://msdn.microsoft.com/en-us/library/mt656691.aspx
9494
Reflection
9595
# Dotnet HTTP request strings
96-
# Requests from external sources. Ensure that all HTTP requests received are data validated for
96+
# Requests from external sources. Ensure that all HTTP requests received are data validated for
9797
# composition, max and min length, and if the data falls with the realms of the
9898
parameter white-list.
9999
request.accepttypes

signatures/dotnet/request.db

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Dotnet HTTP request strings
2-
# Requests from external sources. Ensure that all HTTP requests received are data validated for
2+
# Requests from external sources. Ensure that all HTTP requests received are data validated for
33
# composition, max and min length, and if the data falls with the realms of the
44
parameter white-list.
55
request.accepttypes

signatures/ios.db

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,5 +40,5 @@ kSecAttrAccessibleAlways
4040
SUSStoreController handleApplicationURL[[:space:]]*:
4141
NSURL storeURLType
4242
SUStoreController _handleAccountURL[[:space:]]*:
43-
SKUIURL initWithURL[[:space:]]*:
43+
SKUIURL initWithURL[[:space:]]*:
4444
UIWebView[[:space:]]*:

t/t-signaturebugs.sh

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,4 +6,5 @@ test_description='Signature bug checks'
66
# Tests
77
test_expect_code 1 'Blank lines in signature files' 'grep -rE "^$" ../signatures'
88
test_expect_code 1 'Bad quantifiers in signatures' 'grep -rE "[+*?][+*?]" ../signatures'
9+
test_expect_code 1 'Trailing spaces in signatures' 'grep -rE "[[:space:]]+\$" ../signatures/'
910
test_done

0 commit comments

Comments
 (0)