|
| 1 | +class Unbuffered(object): |
| 2 | + def __init__(self, stream): |
| 3 | + self.stream = stream |
| 4 | + def write(self, data): |
| 5 | + self.stream.write(data) |
| 6 | + self.stream.flush() |
| 7 | + def writelines(self, datas): |
| 8 | + self.stream.writelines(datas) |
| 9 | + self.stream.flush() |
| 10 | + def __getattr__(self, attr): |
| 11 | + return getattr(self.stream, attr) |
| 12 | + |
| 13 | +import sys |
| 14 | +import os |
| 15 | +import fnmatch |
| 16 | +from subprocess import call |
| 17 | +import subprocess |
| 18 | +import os |
| 19 | +import time |
| 20 | + |
| 21 | +""" |
| 22 | +This is a simple way to get a simple, light |
| 23 | +report started for those who cannot use |
| 24 | +and FPR file nor log into your SSC... |
| 25 | +""" |
| 26 | +sys.stdout = Unbuffered(sys.stdout) |
| 27 | + |
| 28 | +""" |
| 29 | +You need to edit the two lines below as your versions get upgraded... |
| 30 | +""" |
| 31 | +fortifyVersion="20.1.0" |
| 32 | +jreVersion="1.8.0_212" |
| 33 | +fprUtil="C:\\PROGRA~1\\Fortify\\Fortify_SCA_and_Apps_"+fortifyVersion+"\\bin\\FPRUtility.bat" |
| 34 | + |
| 35 | +files = [f for f in os.listdir('.') if os.path.isfile(f)] |
| 36 | +for filename in files: |
| 37 | + if fnmatch.fnmatch(filename, '*.fpr'): |
| 38 | + now = time.strftime("%c") |
| 39 | + print ("") |
| 40 | + print ("------------------------------------------------------------") |
| 41 | + print ("Fortify Report filename: " + filename) |
| 42 | + print ("Report start: %s" % now ) |
| 43 | + print ("------------------------------------------------------------") |
| 44 | + print ("\r\n") |
| 45 | + print ("Scan Date: ") |
| 46 | + print ("Scanned: files, LOC (Executable)") |
| 47 | + print ("Gross Issues: (0 critical, 0 high, 0 medium, 0 low)") |
| 48 | + print ("Files: ") |
| 49 | + print ("Executable LoC: ") |
| 50 | + print ("Total LoC: ") |
| 51 | + print ("Certified: Results Certification Valid") |
| 52 | + print ("Warnings: ") |
| 53 | + print ("SCA Engine Version: HPE Security Fortify Static Code Analyzer " + fortifyVersion + " (using JRE " + jreVersion + ")") |
| 54 | + print ("\r\n") |
| 55 | + print ("The following are Fortify Issue Severity Counts:") |
| 56 | + print ("-----------------------------------------------") |
| 57 | + print ("CRITICAL: _") |
| 58 | + print ("HIGH: _") |
| 59 | + print ("MEDIUM: _") |
| 60 | + print ("LOW: _") |
| 61 | + print ("FALSE POSITIVE: _") |
| 62 | + print ("Total for all severities: _ Issues") |
| 63 | + print ("\r\n") |
| 64 | + print ("The following are Fortify analyzer Issue Counts by Criticality:") |
| 65 | + print ("--------------------------------------------------------------") |
| 66 | + print ("CRITICAL") |
| 67 | + print ("--------") |
| 68 | + print ("\r\n") |
| 69 | + print ("HIGH") |
| 70 | + print ("--------") |
| 71 | + print ("\r\n") |
| 72 | + print ("MEDIUM") |
| 73 | + print ("--------") |
| 74 | + print ("\r\n") |
| 75 | + print ("LOW") |
| 76 | + print ("--------") |
| 77 | + print ("\r\n") |
| 78 | + print ("FALSE POSITIVE") |
| 79 | + print ("--------------") |
| 80 | + print ("\r\n") |
| 81 | + print ("------------------------------------------------------------") |
| 82 | + print ("Fortify SCA Category Issue Counts for: " + filename) |
| 83 | + print ("------------------------------------------------------------") |
| 84 | + os.system(fprUtil + " -information -categoryIssueCounts -project " + filename) |
| 85 | + print ("") |
| 86 | + print ("------------------------------------------------------------") |
| 87 | + print ("Fortify SCA Analyzer Issue Counts for: " + filename) |
| 88 | + print ("------------------------------------------------------------") |
| 89 | + os.system(fprUtil + " -information -analyzerIssueCounts -project " + filename) |
| 90 | + print ("") |
| 91 | + print ("------------------------------------------------------------") |
| 92 | + print ("Fortify SCA Errors for: " + filename) |
| 93 | + print ("------------------------------------------------------------") |
| 94 | + os.system(fprUtil + " -information -errors -project " + filename) |
| 95 | + print ("") |
| 96 | + print ("") |
| 97 | + print ("------------------------------------------------------------") |
| 98 | + print ("Done with ad-hoc reporting on: " + filename) |
| 99 | + print ("------------------------------------------------------------") |
| 100 | + now = time.strftime("%c") |
| 101 | + print ("Report end: %s" % now ) |
| 102 | + print ("------------------------------------------------------------") |
| 103 | + print ("") |
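Review bot: The three `os.system(...)` calls (gutter lines 84, 89 and 94) paste `filename` from `os.listdir('.')` into a command string that the shell parses, so a `.fpr` name containing a space or a shell metacharacter either breaks the FPRUtility call or is interpreted as extra commands. `subprocess` is already imported, so pass an argument list instead, e.g. `subprocess.call([fprUtil, "-information", "-categoryIssueCounts", "-project", filename])`, and do the same for the other two. Because `fprUtil` is a `.bat` file, Windows still runs it through cmd.exe even with a list, so it is also worth skipping names that do not match a conservative pattern such as `^[A-Za-z0-9._-]+\.fpr$` before calling it. The exit status is discarded as well; checking the return value would let the report say when FPRUtility failed instead of printing an empty section.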