diff --git a/correct-results-005.txt b/correct-results-005.txt
new file mode 100644
index 0000000..5e83b7c
--- /dev/null
+++ b/correct-results-005.txt
@@ -0,0 +1 @@
+test-patched.c:13:2: [4] (buffer) strcpy:Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
diff --git a/correct-results-006.txt b/correct-results-006.txt
new file mode 100644
index 0000000..a58c527
--- /dev/null
+++ b/correct-results-006.txt
@@ -0,0 +1,7 @@
+test.c:32:2: [5] (buffer) gets:Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
+test.c:56:3: [5] (buffer) strncat:Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
+test.c:57:3: [5] (buffer) _tcsncat:Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
+test.c:60:3: [5] (buffer) MultiByteToWideChar:Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is high, it appears that the size is given as bytes, but the function requires size as characters.
+test.c:62:3: [5] (buffer) MultiByteToWideChar:Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is high, it appears that the size is given as bytes, but the function requires size as characters.
+test.c:73:3: [5] (misc) SetSecurityDescriptorDacl:Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
+test.c:73:3: [5] (misc) SetSecurityDescriptorDacl:Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).
diff --git a/flawfinder b/flawfinder
index 6abae83..9621310 100755
--- a/flawfinder
+++ b/flawfinder
@@ -1973,10 +1973,12 @@ def process_options():
 def process_files():
+ """Process input (files or hitlist); return True if okay."""
 global hitlist
 if loadhitlist:
- f = open(loadhitlist)
+ f = open(loadhitlist, "rb")
 hitlist = pickle.load(f)
+ return True
 else:
 patch_infos = None
 if patch_file != "":
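Review bot: The hitlist file opened in the `if loadhitlist:` branch is never closed — `f` is assigned on the added `open(loadhitlist, "rb")` line, consumed by `pickle.load(f)`, and the branch then returns, so the handle lives until garbage collection; `save_if_desired` in the @@ -2140 hunk has the same shape and relies on an explicit `f.close()` that is skipped if `pickle.dump` raises. Both are two-line fixes with a context manager: `with open(loadhitlist, "rb") as f:` / `    hitlist = pickle.load(f)` here, and `with open(savehitlist, "wb") as f:` / `    pickle.dump(hitlist, f)` there. Separately, `pickle.load` will execute whatever the hitlist file contains, so a hitlist from an untrusted source is a code-execution path; since the new docstring is the function's only documentation, a sentence such as `Hitlist files are unpickled and must come from a trusted source.` would make that contract visible to anyone wiring up --loadhitlist. The else branch of process_files continues past the end of the hunk.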
@@ -1986,7 +1988,7 @@ def process_files():
 print("*** No input files")
 return None
 process_file_args(files, patch_infos)
- return 1
+ return True
 def hitlist_sort_key(hit):
 """Sort key for hitlist."""
@@ -2140,7 +2142,7 @@ def save_if_desired():
 if savehitlist:
 if not quiet:
 print("Saving hitlist to", savehitlist)
- f = open(savehitlist, "w")
+ f = open(savehitlist, "wb")
 pickle.dump(hitlist, f)
 f.close()
diff --git a/makefile b/makefile
index d98f853..c62c020 100644
--- a/makefile
+++ b/makefile
@@ -157,10 +157,20 @@ test_005: flawfinder test-diff-0005.patch test-patched.c
 test-patched.c > test-results-005.txt
 @diff -u correct-results-005.txt test-results-005.txt
+test_006: flawfinder test.c
+ @echo 'test_006 (save/load hitlist)'
+ @$(PYTHON) ./flawfinder -m 5 -S -DC --quiet \
+ --savehitlist test-saved-hitlist-006.txt \
+ test.c > test-junk-006.txt
+ @$(PYTHON) ./flawfinder -SQDC \
+ --loadhitlist test-saved-hitlist-006.txt > \
+ test-results-006.txt
+ @diff -u correct-results-006.txt test-results-006.txt
+
 # Run all tests; output shows differences from expected results.
 # If everything works as expected, it just prints test numbers.
 # Set PYTHON as needed, including to ""
-test: test_001 test_002 test_003 test_004 test_005
+test: test_001 test_002 test_003 test_004 test_005 test_006
 @echo 'All tests pass!'
 check: test
@@ -172,6 +182,7 @@ test-is-correct: test-results.txt
 mv test-results.csv correct-results.csv
 mv test-results-004.txt correct-results-004.txt
 mv test-results-005.txt correct-results-005.txt
+ mv test-results-006.txt correct-results-006.txt
 profile:
 /usr/lib/python1.5/profile.py ./flawfinder > profile-results $(SAMPLE_DIR)/*/*.[ch] > profile-results
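Review bot: In the new `test_006` rule the first flawfinder run's stdout is written to `test-junk-006.txt` but nothing reads or compares it, and the saved hitlist is named `.txt` although, after the flawfinder hunk above, it holds binary pickle data. Redirecting the discarded output to `/dev/null` and naming the hitlist for what it is, e.g. `--savehitlist test-saved-hitlist-006.pickle \` on both invocations, would keep the test directory from accumulating a file that looks like a text fixture. Whether a `clean` target removes these intermediate files cannot be seen from this diff; if it does not, both names presumably need adding there.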