Versions Compared

Old Version 5

changes.mady.by.user Eliezer Basner

Saved on

compared with

New Version Current

changes.mady.by.user Eliezer Basner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Each Ruleset Content Pack includes improvements to queries, and optionally also to presets. Technically, these changes are delivered through database upgrade scripts which affect the relevant tables.

...

Expand
titleQueries improved for CSharp language

  • CSharp_General/Find_Integers - The query now uses a whitelist to search for C# methods that contain the word "countCount" and which actually return integers. Previously it matched any name containing the word "countCount".

  • CSharp/CSharp_Low_Visibility/Heap_Inspection - The query now assumes cases like var pass = x.ToString() are possible Heap Inspection attacks. The query infers that the value is of type string and does not discard the case. Previously it discarded such cases.

...

Expand
titleFAQ

Which CxSAST version is this Content Pack for?
As stated in the release notes, this Content Pack is only compatible with CxSAST v9.3.0.

Which languages were targeted in this Content Pack?
This Content Pack provides improvements for CSharp and VBNet.

Can this Content Pack be installed on top of other Content Packs?
Yes, this Content Pack is a multi-language Content Pack. It inherits all the characteristics of previous Content Packs, in other words, it is cumulative.

Does this Content Pack depend on other Content Packs?
No, there are no dependencies on other Content Packs. All Content Packs are cumulative, meaning that when one Content Pack is installed it includes all the previous Content Packs.

Can this Content Pack be installed over other Content Packs?
Yes it can. It will override its content.

Is there any order of installation between this Content Pack and Content Pack 15?
Yes. But there is no need to install other Content Packs. This Content Pack includes all the previous.

Can this Content Pack be installed in further/previous versions, like CxSAST 9.0?
No.

Does this Content Pack depend on any HotFix?
Yes, It requires the Hotfix 4 previously installed on the environment (manager and engines).

...