Tell users how to disable false positives
If there are >0 hits, tell users how to ignore them in the output.

This resolves: https://github.com/david-a-wheeler/flawfinder/issues/24

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
parent 48ebb4023e
commit 41857c6364
|
@ -2243,10 +2243,18 @@ def show_final_results():
|
||||||
print("Minimum risk level = %d" % minimum_level)
|
print("Minimum risk level = %d" % minimum_level)
|
||||||
if output_format:
|
if output_format:
|
||||||
print("<br>")
|
print("<br>")
|
||||||
|
else:
|
||||||
|
print()
|
||||||
if count > 0:
|
if count > 0:
|
||||||
print("Not every hit is necessarily a security vulnerability.")
|
print("Not every hit is necessarily a security vulnerability.")
|
||||||
|
print("You can inhibit a report by adding a comment in this form:")
|
||||||
|
print("// flawfinder: ignore")
|
||||||
|
print("Make *sure* it's a false positive!")
|
||||||
|
print("You can use the option --neverignore to show these.")
|
||||||
if output_format:
|
if output_format:
|
||||||
print("<br>")
|
print("<br>")
|
||||||
|
else:
|
||||||
|
print()
|
||||||
print("There may be other security vulnerabilities; review your code!")
|
print("There may be other security vulnerabilities; review your code!")
|
||||||
if output_format:
|
if output_format:
|
||||||
print("<br>")
|
print("<br>")
|
||||||
|
|
|
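Review bot: The new hint under `if count > 0:` shows the comment text `// flawfinder: ignore` but never says where the comment has to be placed relative to the reported line, so a user can add it and still see the hit. The closing line "You can use the option --neverignore to show these." follows "Make *sure* it's a false positive!", which leaves "these" reading as "false positives" rather than "suppressed hits". Suggest stating the placement in the "You can inhibit a report by adding a comment in this form:" line and rewording the last print to name what is shown, for example "Use --neverignore to show suppressed hits."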
@ -12,6 +12,7 @@ Hits@level+ = [0+] 0 [1+] 0 [2+] 0 [3+] 0 [4+] 0 [5+] 0
|
||||||
Hits/KSLOC@level+ = [0+] 0 [1+] 0 [2+] 0 [3+] 0 [4+] 0 [5+] 0
|
Hits/KSLOC@level+ = [0+] 0 [1+] 0 [2+] 0 [3+] 0 [4+] 0 [5+] 0
|
||||||
Suppressed hits = 2 (use --neverignore to show them)
|
Suppressed hits = 2 (use --neverignore to show them)
|
||||||
Minimum risk level = 1
|
Minimum risk level = 1
|
||||||
|
|
||||||
There may be other security vulnerabilities; review your code!
|
There may be other security vulnerabilities; review your code!
|
||||||
See 'Secure Programming HOWTO'
|
See 'Secure Programming HOWTO'
|
||||||
(https://dwheeler.com/secure-programs) for more information.
|
(https://dwheeler.com/secure-programs) for more information.
|
||||||
|
|
|
@ -335,6 +335,10 @@ Suppressed hits = 2 (use --neverignore to show them)
|
||||||
Minimum risk level = 1
|
Minimum risk level = 1
|
||||||
<br>
|
<br>
|
||||||
Not every hit is necessarily a security vulnerability.
|
Not every hit is necessarily a security vulnerability.
|
||||||
|
You can inhibit a report by adding a comment in this form:
|
||||||
|
// flawfinder: ignore
|
||||||
|
Make *sure* it's a false positive!
|
||||||
|
You can use the option --neverignore to show these.
|
||||||
<br>
|
<br>
|
||||||
There may be other security vulnerabilities; review your code!
|
There may be other security vulnerabilities; review your code!
|
||||||
<br>
|
<br>
|
||||||
|
|
|
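Review bot: In this HTML expected output the four added lines sit between two `<br>` elements with no markup of their own, so a browser will collapse them, together with "Not every hit is necessarily a security vulnerability.", into one run of text and `// flawfinder: ignore` will not stand out as something to copy. Suggest having show_final_results() emit a `<br>` after each of the new lines when output_format is set, and wrapping the comment text in `<code>`, then regenerating this file.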
@ -154,7 +154,13 @@ Hits@level+ = [0+] 54 [1+] 38 [2+] 29 [3+] 20 [4+] 17 [5+] 7
|
||||||
Hits/KSLOC@level+ = [0+] 642.857 [1+] 452.381 [2+] 345.238 [3+] 238.095 [4+] 202.381 [5+] 83.3333
|
Hits/KSLOC@level+ = [0+] 642.857 [1+] 452.381 [2+] 345.238 [3+] 238.095 [4+] 202.381 [5+] 83.3333
|
||||||
Suppressed hits = 2 (use --neverignore to show them)
|
Suppressed hits = 2 (use --neverignore to show them)
|
||||||
Minimum risk level = 1
|
Minimum risk level = 1
|
||||||
|
|
||||||
Not every hit is necessarily a security vulnerability.
|
Not every hit is necessarily a security vulnerability.
|
||||||
|
You can inhibit a report by adding a comment in this form:
|
||||||
|
// flawfinder: ignore
|
||||||
|
Make *sure* it's a false positive!
|
||||||
|
You can use the option --neverignore to show these.
|
||||||
|
|
||||||
There may be other security vulnerabilities; review your code!
|
There may be other security vulnerabilities; review your code!
|
||||||
See 'Secure Programming HOWTO'
|
See 'Secure Programming HOWTO'
|
||||||
(https://dwheeler.com/secure-programs) for more information.
|
(https://dwheeler.com/secure-programs) for more information.
|
||||||
|
|
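Review bot: The added line "You can use the option --neverignore to show these." repeats what the unchanged context line a few lines above already says, "Suppressed hits = 2 (use --neverignore to show them)". Suggest dropping the new sentence or folding it into the existing "Suppressed hits" line, so the hint block stays focused on how to add the ignore comment and the warning to confirm the hit is a false positive first.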