You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
it is unclear to me which versions of CogniCrypt that this issue is expected to be fixed in.
I have been looking at this dataset and from my findings, this is still an issue,
I am able to reproduce the error from the following configuration(s):
Setup:
get the (built) project in question: git clone https://github.com/anam-dodhy/dragonite-java.git
using the following few versions of CogniCrypt (note these versions are released after the close date of the original issue):
a fairly recent buildable version of CogniCrypt, using the rules from the 2.3 release
the corresponding buildable version of CogniCrypt from approx. the 2.3 release, using the rules from the 2.3 release
Attempted an analysis of both the entire project using this classpath: dragonite-java/dragonite-sdk/build/classes/java/mainas well as just a copy of the isolated AESCryptor.class
Both results in the following in the report:
in Method: byte[] encryptImpl(byte[])
RequiredPredicateError violating CrySL rule for javax.crypto.spec.IvParameterSpec
First parameter was not properly generated as randomized
at statement: specialinvoke $r6.<javax.crypto.spec.IvParameterSpec: void <init>(byte[])>(r16)
Not clear why this issue arises, if it has reappeared, or if the version that it seemed to be fixed in is different than my current work environment in some way.
Please let me know if you need any other details to reproduce,
more details to be found in 68
The text was updated successfully, but these errors were encountered:
Reopening of issue 68
it is unclear to me which versions of CogniCrypt that this issue is expected to be fixed in.
I have been looking at this dataset and from my findings, this is still an issue,
I am able to reproduce the error from the following configuration(s):
Setup:
get the (built) project in question:
git clone https://github.com/anam-dodhy/dragonite-java.git
using the following few versions of CogniCrypt (note these versions are released after the close date of the original issue):
Attempted an analysis of both the entire project using this classpath:
dragonite-java/dragonite-sdk/build/classes/java/main
as well as just a copy of the isolatedAESCryptor.class
Both results in the following in the report:
Not clear why this issue arises, if it has reappeared, or if the version that it seemed to be fixed in is different than my current work environment in some way.
Please let me know if you need any other details to reproduce,
more details to be found in 68
The text was updated successfully, but these errors were encountered: