Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.
We were evaluating Puma.Security.Rules 1.0.6 against our old project and we are experiencing weird behavior. When you build, it says “build has started…” and just stays there… I was able to reconstruct this behavior and have created a console app to demonstrate this. Below is the snippet of code where this occurs.
I was expecting to see SEC0027 and SEC0029 warning messages but instead, it hangs during build and never finishes. Do you have any suggestions?
class Program
{
enum enuHashMethod : int
{
MD5 = 0,
SHA1 = 1,
SHA256 = 2,
SHA384 = 3,
SHA512 = 4
}
static void Main(string[] args)
{
}
private static HashAlgorithm Algorithm(enuHashMethod hashMethod)
{
HashAlgorithm hashAlg = null;
switch (hashMethod)
{
case enuHashMethod.MD5:
hashAlg = new MD5CryptoServiceProvider(); // Build hangs… commenting out builds fine…
break;
case enuHashMethod.SHA1:
hashAlg = new SHA1Managed(); // Build hangs… commenting out builds fine…
break;
case enuHashMethod.SHA256:
hashAlg = new SHA256Managed();
break;
case enuHashMethod.SHA384:
hashAlg = new SHA384Managed();
break;
case enuHashMethod.SHA512:
hashAlg = new SHA512Managed();
break;
}
return (hashAlg);
}
}
RE: Hkim
We were evaluating Puma.Security.Rules 1.0.6 against our old project and we are experiencing weird behavior. When you build, it says “build has started…” and just stays there… I was able to reconstruct this behavior and have created a console app to demonstrate this. Below is the snippet of code where this occurs.
I was expecting to see SEC0027 and SEC0029 warning messages but instead, it hangs during build and never finishes. Do you have any suggestions?