Reviewing a fix
Last updated
Once you have filtered the fix list down to the set you want to review, you can begin processing them. That typically starts with clicking the Unresolved tab to see which fixes still need review. In our example, we will look at a set of fixes in the Sensitive Data Exposure category; 7 fixes were identified. To show how to process a fix, we will look at Fix SDE-PyRRG-1-1.
In this example, iCR has detected the use of a pseudo-random number generator that is not cryptographically secure. Values produced by such a generator (session identifiers, tokens, passwords) can be predicted by an attacker who recovers its seed or internal state. To learn more about this issue, click on the link labeled "should not be used for security purposes", which explains why ordinary pseudo-random generators are unsuitable for security-sensitive values.
To strengthen the code, it is recommended that the weak random library be replaced with the stronger secrets library.
To see the diffs for this fix, click on the Show Diff button. Doing that reveals an expanded display.
There is a Diff: tab for each affected file, showing the changes suggested for that file. In this example, Diff: 1 is selected and displayed; it is the diff for the file that uses the weak library.
The lines that were changed are identified by the red highlighted statements; in this example, those are lines 1 and 32. The text below them shows the corrected code with green highlights. The iCR-generated code corrects the issue by replacing the import of the random library with the stronger secrets one. In addition, the usage on line 32 is updated to draw its values from secrets.SystemRandom, which is backed by the operating system's cryptographically secure random source rather than a seeded, predictable generator. When reviewing a fix of this kind, confirm that every call site that still references random in the file is covered by a diff; a single remaining random.choice or random.randint used for a secret defeats the purpose of the change.
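The following is an added example, not code from iCR or from the scanned project, that shows what a fix of this shape changes and why it matters. The first function is the weak form (random.Random, a Mersenne Twister whose output is determined by its seed); the second is the hardened form that uses secrets.SystemRandom; and find_random_module_calls is a small AST check, of my own construction, that flags calls on the random module the way a scanner would before and after such a fix. The sample sources, the ALPHABET constant and the seed parameter are assumptions made for the demonstration.

```python
"""Added example (not iCR's code): weak vs. hardened token generation,
plus a small AST check that flags calls on the `random` module."""
import ast
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # assumed token alphabet


# BEFORE (weak): random.Random is a Mersenne Twister. Its output is fully
# determined by the seed, and the generator state can be recovered from
# 624 consecutive 32-bit outputs, so tokens built this way are guessable.
def weak_token(length: int, seed=None) -> str:
    # `seed` is a hypothetical parameter added only to show determinism.
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


# AFTER (hardened): secrets.SystemRandom draws from the operating system's
# cryptographically secure source (os.urandom). There is no seed to predict
# and no internal state an observer can recover from earlier outputs.
def strong_token(length: int) -> str:
    rng = secrets.SystemRandom()
    return "".join(rng.choice(ALPHABET) for _ in range(length))


# The simplest hardened form when any URL-safe string will do.
def strong_urlsafe_token(nbytes: int = 32) -> str:
    return secrets.token_urlsafe(nbytes)


def find_random_module_calls(source: str) -> list:
    """Return sorted (line, dotted name) pairs for every call of the form
    random.<something>(...) in the given Python source."""
    tree = ast.parse(source)
    hits = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            base = node.func.value
            if isinstance(base, ast.Name) and base.id == "random":
                hits.append((node.lineno, f"random.{node.func.attr}"))
    return sorted(hits)


# Constructed sample resembling the "before" file: the import on line 1
# and the weak usage further down (here on line 4).
BEFORE_SOURCE = """import random

def session_id():
    return "".join(random.choice("abcdef0123456789") for _ in range(16))
"""

# Constructed sample resembling the "after" file once both lines are fixed.
AFTER_SOURCE = """import secrets

def session_id():
    rng = secrets.SystemRandom()
    return "".join(rng.choice("abcdef0123456789") for _ in range(16))
"""


if __name__ == "__main__":
    print("before:", find_random_module_calls(BEFORE_SOURCE))
    print("after: ", find_random_module_calls(AFTER_SOURCE))
    # Same seed, same token: an attacker who learns the seed learns the token.
    print("weak tokens repeat:", weak_token(16, seed=42) == weak_token(16, seed=42))
    print("strong tokens repeat:", strong_token(16) == strong_token(16))
```

The AST check only matches calls spelled random.<name>(...), which is enough to confirm that the diffs for a fix cover every call site in the file; it does not follow aliases such as `from random import choice` or `import random as r`, so treat an empty result as a quick confirmation rather than proof.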
If you want to browse the original source file associated with this fix, click the Show Source button. A scrollable window appears below the diff window with a tab for each file that has a diff for this fix; click any tab to browse that file's source. In this case the tab is labeled Source of Diff: 1.
You can scroll through the original source file independently of the diff window.
Once you are satisfied with reviewing a particular correction, you can select other Diff: tabs to review all the suggested changes for this fix.
To view other fixes, scroll through the list of fixes or select new filters.