From: Mart <mart@martlubbers.net>
Date: Wed, 9 Nov 2016 12:31:43 +0000 (+0100)
Subject: push fortify reports and analysis file
X-Git-Url: https://git.martlubbers.net/?a=commitdiff_plain;h=c1fdfc79abdb34eca075442189f8f8139dcb2f54;p=ssproject1617.git

push fortify reports and analysis file
---

diff --git a/fortify-reports/ss.fpr b/fortify-reports/ss.fpr
new file mode 100644
index 0000000..20103a2
Binary files /dev/null and b/fortify-reports/ss.fpr differ
diff --git a/fortify-reports/testcms-final-anon CWESANSTop25.pdf b/fortify-reports/testcms-final-anon CWESANSTop25.pdf
new file mode 100644
index 0000000..0408323
Binary files /dev/null and b/fortify-reports/testcms-final-anon CWESANSTop25.pdf differ
diff --git a/fortify-reports/testcms-final-anon DISASTIG.pdf b/fortify-reports/testcms-final-anon DISASTIG.pdf
new file mode 100644
index 0000000..5d5973f
Binary files /dev/null and b/fortify-reports/testcms-final-anon DISASTIG.pdf differ
diff --git a/fortify-reports/testcms-final-anon DeveloperWorkbook.pdf b/fortify-reports/testcms-final-anon DeveloperWorkbook.pdf
new file mode 100644
index 0000000..e62b9a8
Binary files /dev/null and b/fortify-reports/testcms-final-anon DeveloperWorkbook.pdf differ
diff --git a/fortify-reports/testcms-final-anon FISMAComplianceFIPS-200.pdf b/fortify-reports/testcms-final-anon FISMAComplianceFIPS-200.pdf
new file mode 100644
index 0000000..036bb34
Binary files /dev/null and b/fortify-reports/testcms-final-anon FISMAComplianceFIPS-200.pdf differ
diff --git a/fortify-reports/testcms-final-anon OWASPMobileTop10.pdf b/fortify-reports/testcms-final-anon OWASPMobileTop10.pdf
new file mode 100644
index 0000000..b164c0c
Binary files /dev/null and b/fortify-reports/testcms-final-anon OWASPMobileTop10.pdf differ
diff --git a/fortify-reports/testcms-final-anon PCIDSSComplianceApplicationSecurityRequirements.pdf b/fortify-reports/testcms-final-anon PCIDSSComplianceApplicationSecurityRequirements.pdf
new file mode 100644
index 0000000..aad3053
Binary files /dev/null and b/fortify-reports/testcms-final-anon PCIDSSComplianceApplicationSecurityRequirements.pdf differ
diff --git a/testcms-final-anon/Fortifytestcms-final-anon.bat b/testcms-final-anon/Fortifytestcms-final-anon.bat
new file mode 100644
index 0000000..f8161a7
--- /dev/null
+++ b/testcms-final-anon/Fortifytestcms-final-anon.bat
@@ -0,0 +1,135 @@
+@echo off
+REM ###########################################################################
+REM Script generated by HPE Security Fortify SCA Scan Wizard (c) 2011-2016 Hewlett Packard Enterprise Development LP
+REM Created on 2016/11/09 09:06:13
+REM ###########################################################################
+REM Generated for the following languages:
+REM 	Javascript
+REM 	PHP
+REM 	SQL
+REM ###########################################################################
+REM DEBUG - if set to true, runs SCA in debug mode
+REM SOURCEANALYZER - the name of the SCA executable
+REM FPR - the name of analysis result file
+REM BUILDID - the SCA build id
+REM ARGFILE - the name of the argument file that's extracted and passed to SCA
+REM BYTECODE_ARGFILE - the name of the argument file for Java Bytecode translation that's extracted and passed to SCA
+REM MEMORY - the memory settings for SCA
+REM LAUNCHERSWITCHES - the launcher settings that are used to invoke SCA
+REM OLDFILENUMBER - this defines the file which contains the number of files within the project, it is automatically generated
+REM FILENOMAXDIFF - this is the percentage of difference between the number of files which will trigger a warning by the script
+REM ###########################################################################
+
+set DEBUG=false
+set SOURCEANALYZER=sourceanalyzer
+set FPR="Fortifytestcms-final-anon.fpr"
+set BUILDID="testcms-final-anon"
+set ARGFILE="Fortifytestcms-final-anon.bat.args"
+set BYTECODE_ARGFILE="Fortifytestcms-final-anon.bat.bytecode.args"
+set MEMORY=-Xmx682M -Xms400M -Xss24M 
+set LAUNCHERSWITCHES=""
+set OLDFILENUMBER=Fortifytestcms-final-anon.bat.fileno
+set FILENOMAXDIFF=10
+set ENABLE_BYTECODE=false
+
+set PROJECTROOT0="C:\Users\mrl\Desktop\ssproject1617\testcms-final-anon"
+IF NOT EXIST %PROJECTROOT0% (
+   ECHO  ERROR: This script is being run on a different machine than it was
+   ECHO         generated on or the targeted project has been moved. This script is 
+   ECHO         configured to locate files at
+   ECHO            %PROJECTROOT0%
+   ECHO         Please modify the %%PROJECTROOT0%% variable found
+   ECHO         at the top of this script to point to the corresponding directory
+   ECHO         located on this machine.
+   GOTO :FINISHED
+)
+
+IF %DEBUG%==true set LAUNCHERSWITCHES=-debug %LAUNCHERSWITCHES%
+echo Extracting Arguments File
+
+
+echo. >%ARGFILE%
+echo. >%BYTECODE_ARGFILE%
+SETLOCAL ENABLEDELAYEDEXPANSION
+IF EXIST %0 (
+   set SCAScriptFile=%0
+) ELSE (
+  set SCAScriptFile=%0.bat
+)
+
+set PROJECTROOT0=%PROJECTROOT0:)=^)%
+FOR /f "delims=" %%a IN ('findstr /B /C:"REM ARGS" %SCAScriptFile%' ) DO (
+   set argVal=%%a
+   set argVal=!argVal:PROJECTROOT0_MARKER=%PROJECTROOT0:~1,-1%!
+   echo !argVal:~9! >> %ARGFILE%
+)
+set PROJECTROOT0=%PROJECTROOT0:)=^)%
+FOR /f "delims=" %%a IN ('findstr /B /C:"REM BYTECODE_ARGS" %SCAScriptFile%' ) DO (
+   set ENABLE_BYTECODE=true
+   set argVal=%%a
+   set argVal=!argVal:PROJECTROOT0_MARKER=%PROJECTROOT0:~1,-1%!
+   echo !argVal:~18! >> %BYTECODE_ARGFILE%
+)
+ENDLOCAL && set ENABLE_BYTECODE=%ENABLE_BYTECODE%
+
+REM ###########################################################################
+echo Cleaning previous scan artifacts
+%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% -clean 
+IF %ERRORLEVEL%==1 (
+echo Sourceanalyzer failed, exiting
+GOTO :FINISHED
+)
+REM ###########################################################################
+echo Translating files
+%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% @%ARGFILE%
+IF %ERRORLEVEL%==1 (
+echo Sourceanalyzer failed, exiting
+GOTO :FINISHED
+)
+REM ###########################################################################
+IF %ENABLE_BYTECODE%==true (
+echo Translating Java bytecode files
+%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% @%BYTECODE_ARGFILE%
+IF %ERRORLEVEL%==1 (
+echo Sourceanalyzer failed, exiting
+GOTO :FINISHED
+)
+)
+REM ###########################################################################
+echo Testing Difference between Translations
+SETLOCAL
+FOR /F "delims=" %%A in ('%SOURCEANALYZER% -b %BUILDID% -show-files ^| findstr /R /N "^" ^| find /C ":" ') DO SET FILENUMBER=%%A
+IF NOT EXIST %OLDFILENUMBER% (
+	ECHO It appears to be the first time running this script, setting %OLDFILENUMBER% to %FILENUMBER%
+	ECHO %FILENUMBER% > %OLDFILENUMBER%
+	GOTO TESTENDED
+)
+
+FOR /F "delims=" %%i IN (%OLDFILENUMBER%) DO SET OLDFILENO=%%i
+set /a DIFF=%OLDFILENO% * %FILENOMAXDIFF%
+set /a DIFF /=  100
+set /a MAX=%OLDFILENO% + %DIFF%
+set /a MIN=%OLDFILENO% - %DIFF%
+
+IF %FILENUMBER% LSS %MIN% set SHOWWARNING=true
+IF %FILENUMBER% GTR %MAX% set SHOWWARNING=true
+
+IF DEFINED SHOWWARNING (
+	ECHO WARNING: The number of files has changed by over %FILENOMAXDIFF%%%, it is recommended 
+	ECHO          that this script is regenerated with the ScanWizard
+)
+:TESTENDED
+ENDLOCAL
+
+REM ###########################################################################
+echo Starting scan
+%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% -scan -f %FPR%
+IF %ERRORLEVEL%==1 (
+echo Sourceanalyzer failed, exiting
+GOTO :FINISHED
+)
+REM ###########################################################################
+echo Finished
+:FINISHED
+REM ARGS "-Dcom.fortify.sca.fileextensions.sql=PLSQL"
+REM ARGS "PROJECTROOT0_MARKER"
diff --git a/testcms-final-anon/Fortifytestcms-final-anon.bat.args b/testcms-final-anon/Fortifytestcms-final-anon.bat.args
new file mode 100644
index 0000000..4023a99
--- /dev/null
+++ b/testcms-final-anon/Fortifytestcms-final-anon.bat.args
@@ -0,0 +1,3 @@
+ 
+"-Dcom.fortify.sca.fileextensions.sql=PLSQL" 
+"C:\Users\mrl\Desktop\ssproject1617\testcms-final-anon" 
diff --git a/testcms-final-anon/Fortifytestcms-final-anon.bat.bytecode.args b/testcms-final-anon/Fortifytestcms-final-anon.bat.bytecode.args
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/testcms-final-anon/Fortifytestcms-final-anon.bat.bytecode.args
@@ -0,0 +1 @@
+ 
diff --git a/testcms-final-anon/Fortifytestcms-final-anon.bat.fileno b/testcms-final-anon/Fortifytestcms-final-anon.bat.fileno
new file mode 100644
index 0000000..d58bbba
--- /dev/null
+++ b/testcms-final-anon/Fortifytestcms-final-anon.bat.fileno
@@ -0,0 +1 @@
+91