1. Randy Zaffke
  2. PowerBuilder
  3. Monday, 13 November 2017

Does Powerbuilder 2017 support Fortify code scans?

Chris Pollach Accepted Answer Pending Moderation
0
Votes
Undo

Hi Randy;

    Unfortunately, the HP Fortify product does not support the PowerScript language.

    As a workaround though, PB does emit C++ or C# depending on whether you are a) compiling to machine code;  b) deploying as a Winform app; c) deploying a .NET Assembly; or d) deploying Web Service. During these compilation / deployments - you can trap the generated C++ and/or C# code and then feed that into Fortify. The generated code is basically a 100% reflection of the PowerScript commands. Thus, the Fortify scan of the generated C++ / C# source should expose any vulnerability issues from the static perspective.

   Note: the Winform deployment option was removed in PB 2017 but was present on PB versions 11.x through 12.6.

Regards ... Chris

 

Comment
There are no comments made yet.
  1. Monday, 13 November 2017
  2. PowerBuilder
  3. # 1
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.
We use cookies which are necessary for the proper functioning of our websites. We also use cookies to analyze our traffic, improve your experience and provide social media features. If you continue to use this site, you consent to our use of cookies. Learn More