1. Randy Zaffke
  2. PowerBuilder
  3. Monday, 13 November 2017

Does Powerbuilder 2017 support Fortify code scans?

Chris Pollach Accepted Answer Pending Moderation

Hi Randy;

    Unfortunately, the HP Fortify product does not support the PowerScript language.

    As a workaround though, PB does emit C++ or C# depending on whether you are a) compiling to machine code;  b) deploying as a Winform app; c) deploying a .NET Assembly; or d) deploying Web Service. During these compilation / deployments - you can trap the generated C++ and/or C# code and then feed that into Fortify. The generated code is basically a 100% reflection of the PowerScript commands. Thus, the Fortify scan of the generated C++ / C# source should expose any vulnerability issues from the static perspective.

   Note: the Winform deployment option was removed in PB 2017 but was present on PB versions 11.x through 12.6.

Regards ... Chris


There are no comments made yet.
  1. Monday, 13 November 2017
  2. PowerBuilder
  3. # 1
  • Page :
  • 1

There are no replies made for this question yet.
However, you are not allowed to reply to this question.