They are not real problems.

> -----Original Message-----
> From: itext-questions-admin@(protected)
> [mailto:itext-questions-admin@(protected)
> Behalf Of Carsten Hammer
> Sent: Sunday, June 26, 2005 5:21 PM
> To: itext-questions@(protected)
> Subject: [iText-questions] Warnings fortify generates on itext
>
> Hi,
> for your information.
> These are some warnings fortify generates on itext:
>
> ResourceInjection - Tainted data affecting resources entering
> the system
> PdfPKCS7.java (4 Vulnerabilities)
> java.io.File.File(java.lang.String, java.lang.String): 511
> java.io.File.File(java.io.File, java.lang.String): 512
> java.io.File.File(java.io.File, java.lang.String): 513
> java.io.FileInputStream.FileInputStream(java.io.File): 516
> RandomAccessFileOrArray.java (1 Vulnerability)
> java.io.File.File(java.lang.String): 73
> SimplePatternParser.java (1 Vulnerability)
> java.io.FileInputStream.FileInputStream(java.lang.String): 271
> XmlToHtml.java (1 Vulnerability)
> java.io.FileInputStream.FileInputStream(java.lang.String): 123
> XmlToPdf.java (1 Vulnerability)
> java.io.FileInputStream.FileInputStream(java.lang.String): 123
> XmlToRtf.java (1 Vulnerability)
> java.io.FileInputStream.FileInputStream(java.lang.String): 123
> BuildTutorial.java (10 Vulnerabilities)
> java.io.File.File(java.lang.String): 44
> java.io.File.File(java.lang.String): 45
> java.io.File.File(java.io.File, java.lang.String): 46
> java.io.File.File(java.io.File, java.lang.String): 47
> java.io.File.File(java.lang.String, java.lang.String): 50
> java.io.File.File(java.io.File, java.lang.String): 83
> java.io.File.File(java.io.File, java.lang.String): 94
> java.io.File.File(java.io.File, java.lang.String): 95
> java.io.FileInputStream.FileInputStream(java.io.File): 127
> java.io.FileInputStream.FileInputStream(java.io.File): 144
>
> InformationLeakage - Tainted data escaping the system
> concat_pdf.java (1 Vulnerability)
> java.io.PrintStream.println(java.lang.String): 65
> encrypt_pdf.java (2 Vulnerabilities)
> java.io.PrintStream.println(java.lang.String): 83
> java.io.PrintStream.println(java.lang.String): 85
> split_pdf.java (1 Vulnerability)
> java.io.PrintStream.println(java.lang.String): 91
>
> UncheckedReturnValue - Failure to check informative return value
> BmpImage.java (4 Vulnerabilities)
> java.io.InputStream.read(byte, int, int): 318
> java.io.InputStream.read(byte, int, int): 407
> java.io.InputStream.read(byte, int, int): 434
> java.io.InputStream.read(byte, int, int): 520
>
> However most of it does not seem to be real problems.
> Because of problems with fortify itself (!!:)) it might be
> partially not
> analysed.
>
> Best regards,
> Carsten
>
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> iText-questions mailing list
> iText-questions@(protected)
> https://lists.sourceforge.net/lists/listinfo/itext-questions
>


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
iText-questions mailing list
iText-questions@(protected)
https://lists.sourceforge.net/lists/listinfo/itext-questions