FindbugsReader: CWE mapping now compatible with old versions

h3xstream · h3xstream · commit 74bfc5c3296c · 2015-09-18T11:59:53.000-04:00
diff --git a/src/main/java/org/owasp/benchmark/score/parsers/FindbugsReader.java b/src/main/java/org/owasp/benchmark/score/parsers/FindbugsReader.java
@@ -113,13 +113,56 @@ else if ( cwe.equals( "326" ) ) {
 			return Integer.parseInt( cwe );
 		}
 
+		//This is a fallback mapping for unsupported/old versions of the Find Security Bugs plugin
+		//All important bug patterns have their CWE ID associated in later versions (1.4.3+).
 		switch( cat ) {
-
-			//Padding oracle (no specific CWE .. and not analyze by benchmark)
-			case "PADORA" :      return 00; // servlet cookie - not a vuln
 			//Cookies
-			case "SECCU" :      return 00; // servlet cookie - not a vuln
-			//Others informational elements
+			case "SECIC" : 		return 614;  // insecure cookie use
+			case "SECCU" :      return 00; // servlet cookie
+
+			//Injections
+			case "SECSQLIHIB"     : return 564;  // Hibernate Injection, child of SQL Injection
+			case "SECSQLIJDO"     : return 72;
+			case "SECSQLIJPA"     : return 72;
+			case "SECSQLISPRJDBC" : return 72;
+			case "SECSQLIJDBC"    : return 72;
+
+			//LDAP injection
+			case "SECLDAPI" : 	return 90;   // LDAP injection
+
+			//XPath injection
+			case "SECXPI" : 	return 643;  // XPATH injection
+
+			//Command injection
+			case "SECCI" : 		return 78;   // command injection
+
+			//Weak random
+			case "SECPR" : 		return 330;  // weak random
+
+			//Weak encryption
+			case "SECDU" : 		return 327;  // weak encryption DES
+			case "CIPINT" : 	return 327;	 // weak encryption - cipher with no integrity
+			case "PADORA" : 	return 327;  // padding oracle -- FIXME: probably wrong
+			case "STAIV" : 		return 329;  // static initialization vector for crypto
+
+			//Weak hash
+			case "SECWMD" : 	return 328;  // weak hash
+
+			//Path traversal
+			case "SECPTO" : 	return 22;   // path traversal
+			case "SECPTI" : 	return 22;   // path traversal
+
+			//XSS
+			case "SECXRW" :		return 79;   // XSS
+			case "SECXSS1" :	return 79;   // XSS
+			case "SECXSS2" :	return 79;   // XSS
+
+			//XXE
+			case "SECXXEDOC" :  return 611;  // XXE
+			case "SECXXEREAD" :  return 611;  // XXE
+			case "SECXXESAX" :  return 611;  // XXE
+
+			//Input sources
 			case "SECSP" : 		return 00;	 // servlet parameter - not a vuln
 			case "SECSH" : 		return 00;   // servlet header -- not a vuln
 			case "SECSSQ" : 	return 00;   // servlet query - not a vuln
