XC Diagnostics Ruleset Rule for Reserved Ports Needs End of String match
scoffeyfv opened this issue · comments
scoffeyfv commented
The ruleset provided for XC Diagnostics has a rule for XC Reserved Ports (code 05ab). Its regex matches the known XC reserved ports but doesn't specify an end of string, so matches on substrings of the port number. For example a VS with port 5001 will trigger due to the reserved port 500.
Ben Novak commented
lookin at this rule, I'm not sure how this is happening. I'll have to dig a bit deeper
{
"code": "05ab",
"severity": "Warning",
"title": "XC reserved ports",
"message": "List of reserved ports 22|53|68|323|500|1067|2379|2380|4500|5355|6443|8005|8007|8087|8443|8444|8505|8507|9007|9090|9153|9999|10249|10250|10251|10252|10256|10257|10259|18091|18092|18093|18095|22222|23790|23791|23801|23802|28000-32767|65000-65535 (github issue #209)",
"regex": "(?<=\\bdestination\\s\\/\\S+\/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}:)(?:2[89][0-9]{3}|3[01][0-9]{3}|32[0-6][0-9]{2}|327[0-5][0-9]|6[5-9][0-9]{3}|65[0-4][0-9]{2}|6553[0-5]|(?:22|53|68|323|500|1067|2379|2380|4500|5355|6443|8005|8007|8087|8443|8444|8505|8507|9007|9090|9153|9999|10249|10250|10251|10252|10256|10257|10259|18091|18092|18093|18095|22222|23790|23791|23801|23802))"
}