From 1b7199ea162b739f08471a94663176676d67f5a4 Mon Sep 17 00:00:00 2001
From: Jon Hood <squinky86@gmail.com>
Date: Fri, 8 Sep 2017 13:20:28 -0500
Subject: [PATCH] add detection of errant equal, mismatch, and is_permutation

---
 flawfinder | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/flawfinder b/flawfinder
index e99c2c9..634e5c9 100755
--- a/flawfinder
+++ b/flawfinder
@@ -816,10 +816,16 @@ def c_static_array(hit):
         add_warning(hit)  # Found a static array, warn about it.
 
 
+def cpp_unsafe_stl(hit):
+    # Use one of the overloaded classes from the STL in C++14 and higher
+    # instead of the <C++14 versions of theses functions that did not
+    # if the second iterator could overflow
+    if len(hit.parameters) <= 4:
+        add_warning(hit)
+
 def normal(hit):
     add_warning(hit)
 
-
 # "c_ruleset": the rules for identifying "hits" in C (potential warnings).
 # It's a dictionary, where the key is the function name causing the hit,
 # and the value is a tuple with the following format:
@@ -1309,6 +1315,13 @@ c_ruleset = {
      "Make sure input data is filtered, especially if an attacker could manipulate it",
      "input", "", {'input': 1}),
 
+    # Unsafe STL functions that don't check the second iterator
+    "equal|mismatch|is_permutation":
+    (cpp_unsafe_stl,
+     2, # need further analysis to consider risk level
+     "Function does not check the second iterator for overflow conditions (CWE-119/CWE-120)",
+     "These functions are typically banned by most C++ coding standards in favor of their safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it",
+     "buffer", "", {}),
 
     # TODO: detect C++'s:   cin >> charbuf, where charbuf is a char array; the problem
     #       is that flawfinder doesn't have type information, and ">>" is safe with