
Example 1 with Severity

use of com.checkmarx.flow.dto.iast.ql.utils.Severity in project cx-flow by checkmarx-ltd.

In class IastService, method thresholdsSeverity.

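/**
 * Enforces the configured per-severity vulnerability thresholds for a scan.
 *
 * <p>Counts the vulnerabilities in {@code scanVulnerabilities} by their highest severity and
 * compares each running count with the limit from {@code iastProperties.getThresholdsSeverity()}.
 * A limit of {@code -1} disables the check for that severity. The comparison is {@code >=}, so
 * the check trips when a count reaches its limit, not only when it goes past it.
 *
 * @param scanVulnerabilities scan result whose vulnerabilities are counted
 * @throws IastThresholdsSeverityException if at least one severity reached its configured limit
 */
private void thresholdsSeverity(ScanVulnerabilities scanVulnerabilities) {
    // One counter per known severity, so the report below can read every bucket.
    Map<Severity, AtomicInteger> thresholdsSeverity = new HashMap<>(7);
    for (Severity severity : Severity.values()) {
        thresholdsSeverity.put(severity, new AtomicInteger(0));
    }
    boolean throwThresholdsSeverity = false;
    for (VulnerabilityInfo vulnerabilityInfo : scanVulnerabilities.getVulnerabilities()) {
        Severity highestSeverity = vulnerabilityInfo.getHighestSeverity();
        // NOTE(review): a null highest severity has no counter and fails here with a
        // NullPointerException; confirm the scan result always carries a severity.
        int countSeverityVulnerabilities = thresholdsSeverity.get(highestSeverity).incrementAndGet();
        // NOTE(review): a severity missing from the configured thresholds yields null and the
        // comparison below throws on unboxing. Decide explicitly whether "missing" should
        // disable the gate or fail the run; silently treating it as disabled would fail open.
        Integer countPossibleVulnerability = iastProperties.getThresholdsSeverity().get(highestSeverity);
        if (countPossibleVulnerability != -1 && countSeverityVulnerabilities >= countPossibleVulnerability) {
            // Keep counting instead of returning early so the report shows the full totals.
            throwThresholdsSeverity = true;
        }
    }
    if (throwThresholdsSeverity) {
        // Read the counters with get(): incrementAndGet() here inflated every reported
        // count by one, which made the gate's report disagree with the actual findings.
        log.warn("\nThresholds severity are exceeded. "
                + "\n High:   " + thresholdsSeverity.get(Severity.HIGH).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.HIGH)
                + "\n Medium: " + thresholdsSeverity.get(Severity.MEDIUM).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.MEDIUM)
                + "\n Low:    " + thresholdsSeverity.get(Severity.LOW).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.LOW)
                + "\n Info:   " + thresholdsSeverity.get(Severity.INFO).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.INFO));
        throw new IastThresholdsSeverityException();
    }
}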
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) HashMap(java.util.HashMap) Severity(com.checkmarx.flow.dto.iast.ql.utils.Severity) VulnerabilityInfo(com.checkmarx.flow.dto.iast.manager.dto.VulnerabilityInfo)
