DS440100 - False Positive #545
Assignees
Labels
Comments
|
Thanks for the report. We are still working on updates to the rules and I'll add this to that effort. |
|
This one looks tricky to resolve, the original regex is not very sophisticated in how it's looking for ciphers. May need to significantly refactor this one. |
|
@atrompler I think this rule is too generic. It may need to be refactored to look for the specific constants for the curve name in each language rather than the generic curve names in general - it could then use a word separator around the declared constants to ensure that its not conincidentally part of some other variable declaration. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Rule ID
DS440100
What the rule matched
https://github.com/fedora-iot/fido-device-onboard-rs/blob/e94c588277a8310d0ba25424708bd2df06097a12/admin-tool/src/aio/configure.rs#L46-L47
https://github.com/fedora-iot/fido-device-onboard-rs/blob/e94c588277a8310d0ba25424708bd2df06097a12/admin-tool/src/aio/configure.rs#L272-L272
Why should this not be matched?
It is the name of a struct field in Rust.
The text was updated successfully, but these errors were encountered: