search

f5devcentral / vscode-f5

Let the F5 VSCode extension supercharge your workflows with schema validation, rest client, fast templates, and so much more!!!
https://f5devcentral.github.io/vscode-f5/#/
Apache License 2.0
57 stars 14 forks source link

XC Diagnostics Ruleset Rule for Reserved Ports Needs End of String match #225

Closed scoffeyfv closed 1 day ago

scoffeyfv commented 1 year ago

The ruleset provided for XC Diagnostics has a rule for XC Reserved Ports (code 05ab). Its regex matches the known XC reserved ports but doesn't specify an end of string, so matches on substrings of the port number. For example a VS with port 5001 will trigger due to the reserved port 500.

DumpySquare commented 11 months ago

lookin at this rule, I'm not sure how this is happening. I'll have to dig a bit deeper

    {
        "code": "05ab",
        "severity": "Warning",
        "title": "XC reserved ports",
        "message": "List of reserved ports 22|53|68|323|500|1067|2379|2380|4500|5355|6443|8005|8007|8087|8443|8444|8505|8507|9007|9090|9153|9999|10249|10250|10251|10252|10256|10257|10259|18091|18092|18093|18095|22222|23790|23791|23801|23802|28000-32767|65000-65535 (github issue #209)",
        "regex": "(?<=\\bdestination\\s\\/\\S+\/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}:)(?:2[89][0-9]{3}|3[01][0-9]{3}|32[0-6][0-9]{2}|327[0-5][0-9]|6[5-9][0-9]{3}|65[0-4][0-9]{2}|6553[0-5]|(?:22|53|68|323|500|1067|2379|2380|4500|5355|6443|8005|8007|8087|8443|8444|8505|8507|9007|9090|9153|9999|10249|10250|10251|10252|10256|10257|10259|18091|18092|18093|18095|22222|23790|23791|23801|23802))"
    }
DumpySquare commented 1 day ago

this should have been covered with the other rule updates