Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
3.0.0.Final
-
None
-
40
Description
Windup xml rule definition of where named patterns are interfering
if there is not used where parameter it works fine, otherwise it is not triggered for all occurrences when second javaclass condition should be triggered.
Example of rule:
... <rule id="jni-native-code-00001"> <when> <or> <javaclass references="java.lang.System.{systemNativeMethods}({*})"> <location>METHOD_CALL</location> </javaclass> <javaclass references="java.lang.Runtime.{runtimeNativeMethods}({*})"> <location>METHOD_CALL</location> </javaclass> </or> </when> <perform> <hint title="Application uses native libraries" effort="1" category-id="potential"> <message>The application uses native libraries.</message> </hint> </perform> <where param="systemNativeMethods"> <matches pattern="(load|loadLibrary|mapLibraryName)"/> </where> <where param="runtimeNativeMethods"> <matches pattern="(load|loadLibrary)"/> </where> </rule> ..