1. 首页
  2. 问答
  3. 为什么BIRTReportGenerator无法找到我的源文件?

为什么BIRTReportGenerator无法找到我的源文件?

2017-10-18 103 views
0

我正在尝试使用SCA用户指南中概述的BIRTReportGenerator来构建强化报告。扫描工作正常,并生成一个fpr文件,但是当我运行报告生成器时,出现以下错误。为什么BIRTReportGenerator无法找到我的源文件?

FPR source file not found or not readable.

这里是我使用的命令。这些是从用户指南中直接剪切和粘贴的。唯一修改的是路径。

sourceanalyzer -b myproject -clean 
sourceanalyzer -b myproject -cp /Users/ginger.mcmurray/Mobuyle-Android-New-Ui/MobuyleCore/libs -Dcom.fortify.sca.SuppressLowSeverity=true -Dcom.fortify.sca.LowSeverityCutoff=10.0 -jdk 1.6 MobuyleCore/src 
sourceanalyzer -b myproject -scan -f results.fpr 
BIRTReportGenerator -template "OWASP Top 10" -source results.fpr -format PDF -showSuppressed --Version "OWASP Top 10 2013" --UseFortifyPriorityOrder -output MyOWASP_Top10_Report.pdf

如果我改用ReportGenerator,则一切正常。但是,我需要为我们的安全部门创建BIRT报告的能力。

这是为了一个android java项目,以防万一。

另外,尽管在命令中包含路径,但我仍然在我的jar文件中发现了很多未知的函数和参考问题。

带有-debug选项的BIRTReportGenerator的输出。

Start VM: -Xms40m 
-Xmx1088m 
-XX:MaxPermSize=320m 
-XX:-UseCompressedOops 
-Xdock:icon=../Resources/Awb.icns 
-XstartOnFirstThread 
-Dorg.eclipse.swt.internal.carbon.smallFonts 
-Dcom.fortify.InstallRoot=../../../../../../.. 
-Djava.awt.headless=true 
-Dcom.fortify.InstallRoot=/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/bin/.. 
-Xmx1000M 
-XX:MaxPermSize=256m 
-Djava.class.path=/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/Auditworkbench.app/Contents/MacOS//../../../plugins/org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 
-os macosx 
-ws cocoa 
-arch x86_64 
-launcher /Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/Auditworkbench.app/Contents/MacOS/eclipse 
-name HPE Security Fortify Report Generation 
--launcher.library /Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/Auditworkbench.app/Contents/MacOS//../../../plugins/org.eclipse.equinox.launcher.cocoa.macosx.x86_64_1.1.200.v20150204-1316/eclipse_1607.so 
-startup /Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/Auditworkbench.app/Contents/MacOS//../../../plugins/org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 
--launcher.appendVmargs 
-application com.hp.fortify.birt.report.generator.console.Application 
-data /Users/ginger.mcmurray/.fortify/BIRT16.10/workspace 
-configuration /Users/ginger.mcmurray/.fortify/BIRT16.10/configuration442 
-template OWASP Top 10 
-source results.fpr 
-format PDF 
-showSuppressed 
--Version OWASP Top 10 2013 
--UseFortifyPriorityOrder 
-debug 
-output MyOWASP_Top10_Report.pdf 
-consoleLog 
-vm /Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/jre/lib/jli/libjli.dylib 
-vmargs 
-Xms40m 
-Xmx1088m 
-XX:MaxPermSize=320m 
-XX:-UseCompressedOops 
-Xdock:icon=../Resources/Awb.icns 
-XstartOnFirstThread 
-Dorg.eclipse.swt.internal.carbon.smallFonts 
-Dcom.fortify.InstallRoot=../../../../../../.. 
-Djava.awt.headless=true 
-Dcom.fortify.InstallRoot=/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/bin/.. 
-Xmx1000M 
-XX:MaxPermSize=256m 
-Djava.class.path=/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/Auditworkbench.app/Contents/MacOS//../../../plugins/org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar 
Configuration location: 
    file:/Users/ginger.mcmurray/.fortify/BIRT16.10/configuration442/ 
Configuration file: 
    file:/Users/ginger.mcmurray/.fortify/BIRT16.10/configuration442/config.ini loaded 
Install location: 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/ 
Configuration file: 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/configuration/config.ini loaded 
Loading timestamp file from: 
    file:/Users/ginger.mcmurray/.fortify/BIRT16.10/configuration442/ .baseConfigIniTimestamp 
    No timestamp file found 
Timestamps found: 
    config.ini in the base: 1458848541000 
    remembered -1 
Shared configuration location: 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/configuration/ 
Framework located: 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/plugins/org.eclipse.osgi_3.10.2.v20150203-1939.jar 
Loading extension: reference:file:org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 
    eclipse.properties not found 
Framework classpath: 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/plugins/org.eclipse.osgi_3.10.2.v20150203-1939.jar 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/plugins/ 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/plugins/org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar 
Debug options: 
    file:/Applications/HP_Fortify/HP_Fortify_SCA_and_Apps_16.10/Core/private-bin/awb/eclipse/Auditworkbench.app/Contents/MacOS/.options not found 
Time to load bundles: 5 
Starting application: 864 
FPR source file not found or not readable.

来源

2017-10-18 Ginger McMurray

+0

尝试使用'-debug'选项运行'BIRTReportGenerator'命令。任何有用的信息? – SBurris

+0

你提到'我的jar文件'在路径中,这是指定的'-cp'路径吗?它在特定的目录或子目录中吗?尝试将'** \ *。jar'添加到'-cp'选项的末尾。 – SBurris

+0

@SBurris,我在使用-debug时添加了输出。另外,这些罐子都在指定的文件夹中。 –

回答

1

似乎是在BIRTReportGenerator在具有相对路径做的版本上的MacOS时16.10/16.20的错误。

此问题已在17.10(截至2017年10月的当前版本)中修复。

我不知道解决方法,您可以尝试联系Fortify技术支持([email protected])并查看他们是否有解决方法。

来源

2017-10-19 16:58:54 SBurris

+0

我更新了对BIRTReportGenerator - 模板“OWASP Top 10”的调用-source /Users/ginger.mcmurray/Mobuyle-Android-New-Ui/results.fpr -format PDF -showSuppressed --UseFortifyPriorityOrder -debug -output/Users/ginger .mcmurray/Mobuyle-Android-New-Ui/MyOWASP_Top10_Report.pdf,但仍然得到相同的错误。有什么地方需要改变路径吗? –

+0

更新后,仔细看了一个错误,当我说绝对值​​时,我错过了。对不起 – SBurris

+0

不好。我升级到17.10,仍然得到相同的错误。 –

相关问题

 相关问题