|  |  |  |  | 

Bug Tracking Ethical Hacking and Pentesting Software Engineering Software Security

Workaround for “Fortify SCA Scan Wizard Script” That Does Not Work Due to Parentheses in File Path Name

img-responsive

In the “BAT” file that generated by the Fortify SCA “Scan Wizard” tool, if the source code path to be scanned contains parentheses, the script will not work because of a path conversion (renaming/replacing).

In order to fully understand what the problem is, I put in the script file the “echo markers” where the errors could point.

The output from step 3 of this output (Worked 3) has not been printed, which indicates that there was an error in the previous code block. Immediately after reading the code block above step 3, we understand that a string replace operation has been performed.

 

In summary, finding the parentheses in the internal file path and replacing it with “^)” will cause the following error to occur, since the source file will become unreadable after this operation (because such a folder is not found in our system).

If you try to temporarily remove this code here, the code will not work again.

So we need to get the correct path first by doing a string replace and then by replacing it again. (It is my way may be another solution is exist)

And it is working now as shown below


But I do not know how right this solution is, just to save the day for me 🙂 Please submit yours if you found another solution…

workaround-for-fortify-sca-scan-wizard-script-that-does-not-work-due-to-parentheses-in-file-path-name

ABOUT THE AUTHOR

Application Security , Information and Software Security Specialist Ethical Hacker and Pentester

POST YOUR COMMENTS