Added amiga makefile for creating the releases

George Sokianos 2022-07-25 14:43:59 +01:00
parent 0387fab1c7
commit 248c4449fb
2 changed files with 73 additions and 52 deletions

20
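--- a/Makefile.amiga
+++ b/Makefile.amiga
@@ -0,0 +1,20 @@
+#
+# Project: flawfinder
+# Created by George "walkero" Sokianos
+# 2022-07-25
+#
+release: clean
+	mkdir -p release/flawfinder
+	cp -r release_files/* release/flawfinder/
+	cp flawfinder.py release/flawfinder/flawfinder
+	protect release/flawfinder/flawfinder srwed
+	cp -r simplejson release/flawfinder
+	cp ChangeLog release/flawfinder/
+	cp README.md release/flawfinder/
+	cp COPYING release/flawfinder/
+	lha -aeqr3 a flawfinder.lha release/
+clean:
+	rm -f simplejson/#?.pyc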
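Review bot: The `clean` target only removes `simplejson/#?.pyc`, so `release/flawfinder/` and a previously built `flawfinder.lha` survive between runs; because `release` depends on `clean` and then uses `mkdir -p` and `lha … a` (which, as far as I can tell, adds to an existing archive), files dropped from `release_files/` or the tree would still ship in the next archive. Extending clean with `rm -rf release flawfinder.lha` next to the existing `rm -f` line makes each release a rebuild from the current tree. Note also that make requires recipe lines to be tab-indented; the rendered page shows no indentation, so it is worth confirming the committed file uses tabs rather than spaces.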

105
flawfinder.py Executable file → Normal file

@ -1,4 +1,4 @@
#!/usr/bin/env python #!python
"""flawfinder: Find potential security flaws ("hits") in source code. """flawfinder: Find potential security flaws ("hits") in source code.
Usage: Usage:
@ -40,7 +40,7 @@
# That *finally* makes it possible to semi-gracefully transition. # That *finally* makes it possible to semi-gracefully transition.
from __future__ import division from __future__ import division
from __future__ import print_function # from __future__ import print_function
import functools import functools
import sys import sys
import re import re
@ -53,7 +53,7 @@ import operator # To support filename expansion on Windows
import time import time
import csv # To support generating CSV format import csv # To support generating CSV format
import hashlib import hashlib
import json import simplejson as json
version = "2.0.19" version = "2.0.19"
@ -488,16 +488,16 @@ def print_multi_line(text):
prefix = " " prefix = " "
starting_position = len(prefix) + 1 starting_position = len(prefix) + 1
# #
print(prefix, end='') print(prefix),
position = starting_position position = starting_position
# #
for w in text.split(): for w in text.split():
if len(w) + position >= width: if len(w) + position >= width:
print() print '\n',
print(prefix, end='') print(prefix),
position = starting_position position = starting_position
print(' ', end='') # print(' '),
print(w, end='') print(w),
position += len(w) + 1 position += len(w) + 1
@ -608,44 +608,44 @@ class Hit(object):
if sarif_output: if sarif_output:
return return
if output_format: if output_format:
print("<li>", end='') print("<li>"),
sys.stdout.write(h(self.filename)) sys.stdout.write(h(self.filename))
if show_columns: if show_columns:
print(":%(line)s:%(column)s:" % self, end='') print(":%(line)s:%(column)s:" % self),
else: else:
print(":%(line)s:" % self, end='') print(":%(line)s:" % self),
if output_format: if output_format:
print(" <b>", end='') print(" <b>"),
# Extra space before risk level in text, makes it easier to find: # Extra space before risk level in text, makes it easier to find:
print(" [%(level)s]" % self, end=' ') print(" [%(level)s] " % self),
if output_format: if output_format:
print("</b> ", end='') print("</b> "),
print("(%(category)s)" % self, end=' ') print("(%(category)s) " % self),
if output_format: if output_format:
print("<i> ", end='') print("<i> "),
print(h("%(name)s:" % self), end='') print(h("%(name)s:" % self)),
main_text = h("%(warning)s. " % self) main_text = h("%(warning)s. " % self)
if output_format: # Create HTML link to CWE definitions if output_format: # Create HTML link to CWE definitions
main_text = link_cwe_pattern.sub( main_text = link_cwe_pattern.sub(
r'<a href="https://cwe.mitre.org/data/definitions/\2.html">\1</a>\3', r'<a href="https://cwe.mitre.org/data/definitions/\2.html">\1</a>\3',
main_text) main_text)
if single_line: if single_line:
print(main_text, end='') print(main_text),
if self.suggestion: if self.suggestion:
print(" " + h(self.suggestion) + ".", end='') print(" " + h(self.suggestion) + "."),
print(' ' + h(self.note), end='') print(' ' + h(self.note)),
else: else:
if self.suggestion: if self.suggestion:
main_text += h(self.suggestion) + ". " main_text += h(self.suggestion) + ". "
main_text += h(self.note) main_text += h(self.note)
print() print '\n',
print_multi_line(main_text) print_multi_line(main_text)
if output_format: if output_format:
print(" </i>", end='') print(" </i>"),
print("</li>", end='') print("</li>"),
print() print '\n',
if show_context: if show_context:
if output_format: if output_format:
print("<pre>") print("<pre>")
@ -676,7 +676,8 @@ def add_warning(hit):
def internal_warn(message): def internal_warn(message):
print(h(message), file=sys.stderr) # print(h(message), file=sys.stderr)
print h(message)
# C Language Specific # C Language Specific
@ -1756,9 +1757,9 @@ def process_c_file(f, patch_infos):
if not quiet: if not quiet:
if output_format: if output_format:
print("Examining", h(f), "<br>") print 'Examining %s<br>' % (h(f))
else: else:
print("Examining", f) print 'Examining %s' % (h(f))
sys.stdout.flush() sys.stdout.flush()
# Python3 is often configured to use only UTF-8, and presumes # Python3 is often configured to use only UTF-8, and presumes
@ -1767,10 +1768,10 @@ def process_c_file(f, patch_infos):
# in such cases - with some hints on how to solve it. # in such cases - with some hints on how to solve it.
try: try:
text = "".join(my_input.readlines()) text = "".join(my_input.readlines())
except UnicodeDecodeError as err: except UnicodeDecodeError, err:
print('Error: encoding error in', h(f)) print('Error: encoding error in', h(f))
print(err) print(err)
print() print '\n',
print('Python3 requires input character data to be perfectly encoded;') print('Python3 requires input character data to be perfectly encoded;')
print('it also requires perfectly correct system encoding settings.') print('it also requires perfectly correct system encoding settings.')
print('Unfortunately, your data and/or system settings are not.') print('Unfortunately, your data and/or system settings are not.')
@ -1948,8 +1949,7 @@ def display_ruleset(ruleset):
def initialize_ruleset(): def initialize_ruleset():
expand_ruleset(c_ruleset) expand_ruleset(c_ruleset)
if showheading: if showheading:
print("Number of rules (primarily dangerous function names) in C/C++ ruleset:", len( print 'Number of rules (primarily dangerous function names) in C/C++ ruleset: %d' % len(c_ruleset)
c_ruleset))
if output_format: if output_format:
print("<p>") print("<p>")
if list_rules: if list_rules:
@ -2313,7 +2313,7 @@ def process_options():
diffhitlist_filename = value diffhitlist_filename = value
display_header() display_header()
if showheading: if showheading:
print("Showing hits not in", value) print("Showing hits not in %s" % value)
elif opt == "--version": elif opt == "--version":
print(version) print(version)
sys.exit(0) sys.exit(0)
@ -2338,7 +2338,7 @@ def process_options():
# In Python 2 the convention is "getopt.GetoptError", but we # In Python 2 the convention is "getopt.GetoptError", but we
# use "getopt.error" here so it's compatible with both # use "getopt.error" here so it's compatible with both
# Python 1.5 and Python 2. # Python 1.5 and Python 2.
except getopt.error as text: except getopt.error, text:
print("*** getopt error:", text) print("*** getopt error:", text)
usage() usage()
sys.exit(16) sys.exit(16)
@ -2384,13 +2384,13 @@ def show_final_results():
for i in possible_levels: # Initialize count_per_level_and_up for i in possible_levels: # Initialize count_per_level_and_up
count_per_level_and_up[i] = 0 count_per_level_and_up[i] = 0
if show_immediately or not quiet: # Separate the final results. if show_immediately or not quiet: # Separate the final results.
print() print '\n',
if showheading: if showheading:
if output_format: if output_format:
print("<h2>Final Results</h2>") print("<h2>Final Results</h2>")
else: else:
print("FINAL RESULTS:") print("FINAL RESULTS:")
print() print '\n',
hitlist.sort(key=hitlist_sort_key) hitlist.sort(key=hitlist_sort_key)
# Display results. The HTML format now uses # Display results. The HTML format now uses
# <ul> so that the format differentiates each entry. # <ul> so that the format differentiates each entry.
@ -2418,14 +2418,14 @@ def show_final_results():
if output_format: if output_format:
print("<h2>Analysis Summary</h2>") print("<h2>Analysis Summary</h2>")
else: else:
print() print '\n',
print("ANALYSIS SUMMARY:") print("ANALYSIS SUMMARY:")
if output_format: if output_format:
print("<p>") print("<p>")
else: else:
print() print '\n',
if count > 0: if count > 0:
print("Hits =", count) print 'Hits = %d' % count
else: else:
print("No hits found.") print("No hits found.")
if output_format: if output_format:
@ -2436,27 +2436,27 @@ def show_final_results():
time_analyzing = time.time() - starttime time_analyzing = time.time() - starttime
if required_regex: if required_regex:
print("Hits limited to regular expression " + required_regex) print("Hits limited to regular expression " + required_regex)
print("Lines analyzed = %d" % sumlines, end='') print("Lines analyzed = %d" % sumlines),
if time_analyzing > 0 and not omit_time: # Avoid divide-by-zero. if time_analyzing > 0 and not omit_time: # Avoid divide-by-zero.
print(" in approximately %.2f seconds (%.0f lines/second)" % ( print(" in approximately %.2f seconds (%.0f lines/second)" % (
time_analyzing, (sumlines / time_analyzing))) time_analyzing, (sumlines / time_analyzing)))
else: else:
print() print '\n',
if output_format: if output_format:
print("<br>") print("<br>")
print("Physical Source Lines of Code (SLOC) = %d" % sloc) print("Physical Source Lines of Code (SLOC) = %d" % sloc)
if output_format: if output_format:
print("<br>") print("<br>")
# Output hits@each level. # Output hits@each level.
print("Hits@level =", end='') print("Hits@level ="),
for i in possible_levels: for i in possible_levels:
print(" [%d] %3d" % (i, count_per_level[i]), end='') print(" [%d] %3d" % (i, count_per_level[i])),
if output_format: if output_format:
print(" <br>") print(" <br>")
else: else:
print() print '\n',
# Compute hits at "level x or higher" # Compute hits at "level x or higher"
print("Hits@level+ =", end='') print("Hits@level+ ="),
for i in possible_levels: for i in possible_levels:
for j in possible_levels: for j in possible_levels:
if j >= i: if j >= i:
@ -2464,20 +2464,20 @@ def show_final_results():
i] = count_per_level_and_up[i] + count_per_level[j] i] = count_per_level_and_up[i] + count_per_level[j]
# Display hits at "level x or higher" # Display hits at "level x or higher"
for i in possible_levels: for i in possible_levels:
print(" [%d+] %3d" % (i, count_per_level_and_up[i]), end='') print(" [%d+] %3d" % (i, count_per_level_and_up[i])),
if output_format: if output_format:
print(" <br>") print(" <br>")
else: else:
print() print '\n',
if sloc > 0: if sloc > 0:
print("Hits/KSLOC@level+ =", end='') print("Hits/KSLOC@level+ ="),
for i in possible_levels: for i in possible_levels:
print(" [%d+] %3g" % ( print(" [%d+] %3g" % (
i, count_per_level_and_up[i] * 1000.0 / sloc), end='') i, count_per_level_and_up[i] * 1000.0 / sloc)),
if output_format: if output_format:
print(" <br>") print(" <br>")
else: else:
print() print '\n',
# #
if num_links_skipped: if num_links_skipped:
print("Symlinks skipped =", num_links_skipped, "(--allowlink overrides but see doc for security issue)") print("Symlinks skipped =", num_links_skipped, "(--allowlink overrides but see doc for security issue)")
@ -2488,14 +2488,14 @@ def show_final_results():
if output_format: if output_format:
print("<br>") print("<br>")
if num_ignored_hits > 0: if num_ignored_hits > 0:
print("Suppressed hits =", num_ignored_hits, "(use --neverignore to show them)") print("Suppressed hits = %d (use --neverignore to show them)" % num_ignored_hits)
if output_format: if output_format:
print("<br>") print("<br>")
print("Minimum risk level = %d" % minimum_level) print("Minimum risk level = %d" % minimum_level)
if output_format: if output_format:
print("<br>") print("<br>")
else: else:
print() print '\n',
if count > 0: if count > 0:
print("Not every hit is necessarily a security vulnerability.") print("Not every hit is necessarily a security vulnerability.")
print("You can inhibit a report by adding a comment in this form:") print("You can inhibit a report by adding a comment in this form:")
@ -2505,7 +2505,7 @@ def show_final_results():
if output_format: if output_format:
print("<br>") print("<br>")
else: else:
print() print '\n',
print("There may be other security vulnerabilities; review your code!") print("There may be other security vulnerabilities; review your code!")
if output_format: if output_format:
print("<br>") print("<br>")
@ -2550,3 +2550,4 @@ def main():
if __name__ == '__main__': if __name__ == '__main__':
main() main()
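Review bot: `internal_warn` (the hunk at lines 112–114) now writes to stdout, because the `print(h(message), file=sys.stderr)` call is commented out and replaced by a bare `print h(message)`; warnings will be interleaved with the report that other code in this file writes to stdout, which breaks consumers that parse the CSV/HTML/SARIF output. The Python 2 statement form keeps the original stream: `print >>sys.stderr, h(message)`. Separately, the plain-text branch of `process_c_file` (line 121) now runs the filename through `h()` where the original printed `f` unescaped, so if `h` is the HTML-escape helper, names containing `<`, `>` or `&` are altered in text mode; `print 'Examining %s' % f` would match the previous output. The file as a whole becomes Python-2-only (print statements, `except X, err:`), which looks intentional for the Amiga port but sits oddly beside the retained "Python3 requires …" error messages at lines 132–134.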