Drop autofp #1300
Merged
Drop autofp #1300
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
janowagner
force-pushed
the
drop_autofp
branch
from
912cfe4 to
018209c
Compare
janowagner
requested review from
mattmundell and
timopollmeier
as code owners
janowagner
force-pushed
the
drop_autofp
branch
from
018209c to
1e200ed
Compare
The columns array for index 0 was reserved for autofp. So, for removing autofp the index 1 need to become 0 and 2 become 1.
In the result iterator for severity type, the autofp was preferred if exists. Now only the overriden alone is applied. This makes the iterator element number 5 unneeded.
Autofp was number 5 in the iterator count, so decrease any iterator element beyond 5 by 1.
Apparently there was no direct reference into the column numbers, so this patch is short and there is no need to adjust index numbers.
Document the removal of "autofp" and "auto_type".
This remains from merging with master. The auto_type does not exist anymore, so testing it for NULL is not necessary anymore. This case is always true now.
janowagner
force-pushed
the
drop_autofp
branch
from
e7591dc to
fcda896
Compare
mattmundell
requested changes
Oct 5, 2020
mattmundell
requested changes
Oct 5, 2020
src/manage_sql.c
Outdated
| " OR %s = 1)", | ||
| new_severity_sql, | ||
| auto_type_sql); | ||
| " )", |
There was a problem hiding this comment.
Also would be nicer as ")))", on line 21261.
And clean up formatting.
The iterator does not have a int type as first element anymore. If it is not "done", then it is a double type at position 0.
mattmundell
approved these changes
Oct 5, 2020
Merged
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What:
Remove the functionality "autofp" (Auto False Positives).
This is a filter functionality for scan results using CVEs of confirmed
applied vendor fixes to eliminate same CVE alerts from less reliable tests (like
remote banner tests).
Associated with this the "auto_type" is removed, which is the new
severity type "False Positive" in case autofp applies to the result.
Why:
The QoD is capable to filter our less reliable results where wanted.
This method shows a much better performance as well, and actually
is applied by default already with a vlaue of 70%.
How:
The handling of the filter element "autofp" is removed as well as
the corresponding SQL query extensions and the returned result
extensions.
Checklist: