PowerBuilder

PowerBuilder Rules

Category Severity Name Description
Bug Major All branches in a conditional structure should not have exactly the same implementation All branches in a conditional structure should not have exactly the same implementation
Vulnerability Critical Always use AES encryption algorithm in a secure mode AES encryption algorithm should be used with secured mode
Maintainability Minor Boolean checks should not be inverted Boolean checks should not be inverted
Maintainability Minor Boolean literals should not be redundant Boolean literals should not be redundant
Maintainability Major CASE clauses should not have too many lines CASE clauses should not have too many lines
Maintainability Critical CASE expressions should end with ELSE clauses CASE expressions should end with ELSE clauses
Maintainability Minor CASE should be used for sequences of simple tests CASE should be used for sequences of simple tests
Maintainability Major CASE structures should not have too many CASE clauses CASE structures should not have too many case clauses
Maintainability Minor Code elements must not be unused List all unused components
Maintainability Major Collapsible if statements should be merged Collapsible if statements should be merged
Maintainability Minor Comments should not be located at the end of lines of code Comments should not be located at the end of lines of code
Vulnerability Critical Cryptographic Hash Functions should not use SHA-1 or Message-Digest Algorithms SHA-1 and Message-Digest hash algorithms should not be used in secure contexts
Vulnerability Critical Database queries should not be vulnerable to injection attacks Database queries should not be vulnerable to injection attacks
Vulnerability Critical DES (Data Encryption Standard) or 3DES should not be used DES Crypting should not be used
Vulnerability Critical Encryption algorithms must be used with the appropriate secure mode and padding scheme. Encryption algorithms should be used with secure mode and padding scheme
Vulnerability Critical Encryption keys should be long enough Cryptographic keys should be robust
Vulnerability Critical Encryption keys should not be hardcoded Encryption keys should not be hardcoded
Maintainability Minor EXIT should not be used in loops EXIT should not be used in loops
Maintainability Minor Fields should not have public accessibility Fields should not have public accessibility
Maintainability Major Files should not have too many lines of code Files should not have too many lines of code
Maintainability Major FOR loop end conditions should not be hard - coded FOR loop end conditions should not be hard - coded
Maintainability Major Function and Event parameters should comply with a naming convention Function and Event parameters should comply with a naming convention
Maintainability Major Function OR Event name should comply with a naming convention Function OR Event name should comply with a naming convention
Bug Major Function return type does not match with the actual variable returned Function return type does not match with the actual variable returned
Maintainability Major Functions Or Events should not have too many parameters Functions Or Events should not have too many parameters
Bug Critical Functions should end with RETURN statements Functions should end with RETURN statements
Maintainability Minor Generic exceptions should not be ignored Generic exceptions should not be ignored
Maintainability Critical GOTO should not be used to jump backwards GOTO should not be used to jump backwards
Maintainability Major GOTO should not be used within loops GOTO should not be used within loops
Maintainability Major GOTO statements should not be used GOTO statements should not be used
Maintainability Critical IF ... ELSEIF constructs should end with ELSE clauses IF ... ELSEIF constructs should end with ELSE clauses
Bug Major IF statement conditions should not evaluate unconditionally to TRUE or to FALSE IF statement conditions should not evaluate unconditionally to TRUE or to FALSE
Maintainability Critical IF statements should not be nested too deeply IF statements should not be nested too deeply
Vulnerability Critical IP addresses should not be Hardcoded Hard coded IP address should not be used
Bug Major Jump statements should not be followed by dead code Jump statements should not be followed by dead code
Maintainability Minor Jump statements should not be redundant Jump statements should not be redundant
Maintainability Major Lines should not be too long Lines should not be too long
Maintainability Minor Lines should not end with trailing whitespaces Lines should not end with trailing whitespaces
Bug Major Loops with at most one iteration should be refactored Loops with at most one iteration should be refactored
Maintainability Minor Methods must not be empty Empty Method
Maintainability Minor Missing destructor Missing destructor
Maintainability Minor Naming conventions must be applied Naming Conventions
Vulnerability Minor Never use Console logging in production Console logging should not be used
Vulnerability Critical Never use CoSetProxyBlanket or CoInitializeSecurity CoSetProxyBlanket and CoInitializeSecurity should not be used
Maintainability Critical Newline and control characters should not be used in string literals Newline and control characters should not be used in string literals
Maintainability Minor Objects should not be duplicated (same name and same type) Duplicated Components
Vulnerability Critical OS commands should not allow injection attacks OS commands should not be vulnerable to injection attacks
Maintainability Minor PBLs should not exceed a certain size Large PBL
Maintainability Major Redundant pairs of parentheses should be removed Redundant pairs of parentheses should be removed
Vulnerability Critical Regular expressions should not allow Denial of Service attacks Regular expressions should not be vulnerable to Denial of Service attacks
Bug Major Related IF/ELSIF statements and WHEN clauses in a CASE should not have the same condition Related IF/ELSIF statements and WHEN clauses in a CASE should not have the same condition
Maintainability Minor Return of boolean expressions should not be wrapped into an if-then-else statement Return of boolean expressions should not be wrapped into an if-then-else statement
Maintainability Minor Scripts must be commented Uncommented scripts
Maintainability Minor Scripts must not exceed a certain size Large Scripts
Vulnerability Critical SOAP and INET objects should not be used SOAP and INET PowerBuilder objects do not support use of TLS 1.2 and that makes it vulnerable to attacks
Maintainability Major Statements should be on separate lines Statements should be on separate lines
Maintainability Critical String literals should not be duplicated String literals should not be duplicated
Bug Critical Syntax Errors Syntax Errors
Vulnerability Critical The OLE web browser should not be used anymore (not secure) OLE Web Browser not secured
Maintainability Major Track uses of FIXME tags Track uses of FIXME tags
Maintainability Information Track uses of TODO tags Track uses of TODO tags
Maintainability Major Two branches in a conditional structure should not have exactly the same implementation Two branches in a conditional structure should not have exactly the same implementation
Maintainability Major Unused event parameters should be removed Unused event parameters should be removed
Maintainability Major Unused function parameters should be removed Unused function parameters should be removed
Maintainability Minor Unused global variables/constants should be removed Unused global variables/constants should be removed
Maintainability Major Unused labels should be removed Unused labels should be removed
Maintainability Minor Unused local variables should be removed Unused local variables should be removed
Vulnerability Critical User IDs and Passwords should not be Hardcoded Hard coded UserId / Password for database connection should not be used
Vulnerability Critical User input should not allow path injection or path transversal attacks I/O function calls should not be vulnerable to path injection attacks
Maintainability Minor Variables should comply with a naming convention Variables should comply with a naming convention
Bug Major Variables should not be self-assigned Variables should not be self-assigned