walkero
/
flawfinder
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Change www.dwheeler.com to dwheeler.com 

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
This commit is contained in:
David A. Wheeler 2018-09-30 21:35:11 -04:00
parent 13d8cc9efa
commit 530a88a395
8 changed files with 21 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CONTRIBUTING.md
View File

@ -9,7 +9,7 @@ For normal problems, bugs, and feature requests, please file a
[ticket](https://sourceforge.net/p/flawfinder/_list/tickets). [ticket](https://sourceforge.net/p/flawfinder/_list/tickets).
If you find a vulnerability, please separately send a private email to If you find a vulnerability, please separately send a private email to
[David A. Wheeler](https://www.dwheeler.com/contactme.html). [David A. Wheeler](https://dwheeler.com/contactme.html).
We plan to handle vulnerabilities separately, fixing them and *then* We plan to handle vulnerabilities separately, fixing them and *then*
telling the world. We will gladly provide credit to vulnerability reporters telling the world. We will gladly provide credit to vulnerability reporters
(unless you don't want the credit). We've never had a vulnerability (unless you don't want the credit). We've never had a vulnerability

4
README.md
View File

@ -9,12 +9,12 @@ static source code analysis tools more generally. It is designed to
be easy to install and use. Flawfinder supports the Common Weakness be easy to install and use. Flawfinder supports the Common Weakness
Enumeration (CWE) and is officially CWE-Compatible. Enumeration (CWE) and is officially CWE-Compatible.
For more information, see the [project website](http://www.dwheeler.com/flawfinder) For more information, see the [project website](http://dwheeler.com/flawfinder)
# Platforms # Platforms
Flawfinder is designed for use on Unix/Linux/POSIX systems Flawfinder is designed for use on Unix/Linux/POSIX systems
(including Cygwin, Linux-based systems, MacOS, and *BSDs) as a (including Cygwin, Linux-based systems, MacOS, and various BSDs) as a
command line tool. It requires Python 2.7 or Python 3. command line tool. It requires Python 2.7 or Python 3.
# Installation # Installation

8
correct-results.html
View File

@ -9,8 +9,8 @@
<body> <body>
<h1>Flawfinder Results</h1> <h1>Flawfinder Results</h1>
Here are the security scan results from Here are the security scan results from
<a href="https://www.dwheeler.com/flawfinder">Flawfinder version 2.0.6</a>, <a href="https://dwheeler.com/flawfinder">Flawfinder version 2.0.6</a>,
(C) 2001-2017 <a href="https://www.dwheeler.com">David A. Wheeler</a>. (C) 2001-2017 <a href="https://dwheeler.com">David A. Wheeler</a>.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
<p> <p>
Examining test.c <br> Examining test.c <br>
@ -324,7 +324,7 @@ Not every hit is necessarily a security vulnerability.
<br> <br>
There may be other security vulnerabilities; review your code! There may be other security vulnerabilities; review your code!
<br> <br>
See '<a href="https://www.dwheeler.com/secure-programs">Secure Programming HOWTO</a>' See '<a href="https://dwheeler.com/secure-programs">Secure Programming HOWTO</a>'
(<a href="https://www.dwheeler.com/secure-programs">https://www.dwheeler.com/secure-programs</a>) for more information. (<a href="https://dwheeler.com/secure-programs">https://dwheeler.com/secure-programs</a>) for more information.
</body> </body>
</html> </html>

2
correct-results.txt
View File

@ -151,7 +151,7 @@ Minimum risk level = 1
Not every hit is necessarily a security vulnerability. Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code! There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' See 'Secure Programming HOWTO'
(https://www.dwheeler.com/secure-programs) for more information. (https://dwheeler.com/secure-programs) for more information.
Testing for no ending newline: Testing for no ending newline:
Lines analyzed = 32 Lines analyzed = 32

10
flawfinder
View File

@ -1670,8 +1670,8 @@ def display_header():
print("<body>") print("<body>")
print("<h1>Flawfinder Results</h1>") print("<h1>Flawfinder Results</h1>")
print("Here are the security scan results from") print("Here are the security scan results from")
print('<a href="https://www.dwheeler.com/flawfinder">Flawfinder version %s</a>,' % version) print('<a href="https://dwheeler.com/flawfinder">Flawfinder version %s</a>,' % version)
print('(C) 2001-2017 <a href="https://www.dwheeler.com">David A. Wheeler</a>.') print('(C) 2001-2017 <a href="https://dwheeler.com">David A. Wheeler</a>.')
else: else:
print("Flawfinder version %s, (C) 2001-2017 David A. Wheeler." % version) print("Flawfinder version %s, (C) 2001-2017 David A. Wheeler." % version)
displayed_header = 1 displayed_header = 1
@ -2159,11 +2159,11 @@ def show_final_results():
print("There may be other security vulnerabilities; review your code!") print("There may be other security vulnerabilities; review your code!")
if output_format: if output_format:
print("<br>") print("<br>")
print("See '<a href=\"https://www.dwheeler.com/secure-programs\">Secure Programming HOWTO</a>'") print("See '<a href=\"https://dwheeler.com/secure-programs\">Secure Programming HOWTO</a>'")
print("(<a href=\"https://www.dwheeler.com/secure-programs\">https://www.dwheeler.com/secure-programs</a>) for more information.") print("(<a href=\"https://dwheeler.com/secure-programs\">https://dwheeler.com/secure-programs</a>) for more information.")
else: else:
print("See 'Secure Programming HOWTO'") print("See 'Secure Programming HOWTO'")
print("(https://www.dwheeler.com/secure-programs) for more information.") print("(https://dwheeler.com/secure-programs) for more information.")
if output_format: if output_format:
print("</body>") print("</body>")
print("</html>") print("</html>")

10
flawfinder.1
View File

@ -266,11 +266,11 @@ If you're getting an extraordinary number of false positives because
variable names look like dangerous function names, use the \-F option variable names look like dangerous function names, use the \-F option
to remove reports about them. to remove reports about them.
If you don't understand the error message, please see documents such as the If you don't understand the error message, please see documents such as the
.UR "https://www.dwheeler.com/secure-programs" .UR "https://dwheeler.com/secure-programs"
.I "Secure Programming HOWTO" .I "Secure Programming HOWTO"
.UE .UE
at at
https://www.dwheeler.com/secure-programs https://dwheeler.com/secure-programs
which provides more information on writing secure programs. which provides more information on writing secure programs.
.PP .PP
Once you identify the problem and understand it, you can fix it. Once you identify the problem and understand it, you can fix it.
@ -1043,7 +1043,7 @@ can be fixed.
However, developers and reviewers must However, developers and reviewers must
know how to develop secure software to use this tool, because otherwise, know how to develop secure software to use this tool, because otherwise,
\fIa fool with a tool is still a fool\fR. \fIa fool with a tool is still a fool\fR.
My book at https://www.dwheeler.com/secure-programs may help. My book at https://dwheeler.com/secure-programs may help.
.PP .PP
This tool should be, at most, a small part of a larger software This tool should be, at most, a small part of a larger software
development process designed development process designed
@ -1258,11 +1258,11 @@ Still, it can serve as a useful aid for humans, helping to identify
useful places to examine further, and that's the point of this simple tool. useful places to examine further, and that's the point of this simple tool.
.SH "SEE ALSO" .SH "SEE ALSO"
See the flawfinder website at https://www.dwheeler.com/flawfinder. See the flawfinder website at https://dwheeler.com/flawfinder.
You should also see the You should also see the
.I "Secure Programming HOWTO" .I "Secure Programming HOWTO"
at at
.IR "https://www.dwheeler.com/secure-programs" . .IR "https://dwheeler.com/secure-programs" .
.SH AUTHOR .SH AUTHOR
David A. Wheeler (dwheeler@dwheeler.com). David A. Wheeler (dwheeler@dwheeler.com).

4
flawfinder.spec
View File

@ -4,8 +4,8 @@ Version: 2.0.6
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Group: Development/Tools Group: Development/Tools
URL: http://www.dwheeler.com/flawfinder/ URL: http://dwheeler.com/flawfinder/
Source: http://www.dwheeler.com/flawfinder/%{name}-%{version}.tar.gz Source: http://dwheeler.com/flawfinder/%{name}-%{version}.tar.gz
Requires: python Requires: python
BuildArch: noarch BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

2
setup.py
View File

@ -21,7 +21,7 @@ setup (# Distribution meta-data
C/C++ source code and identify out potential security flaws, C/C++ source code and identify out potential security flaws,
ranking them by likely severity. ranking them by likely severity.
It is released under the GNU GPL license.""", It is released under the GNU GPL license.""",
url = "http://www.dwheeler.com/flawfinder/", url = "http://dwheeler.com/flawfinder/",
download_url = "https://sourceforge.net/projects/flawfinder/files/flawfinder-2.0.6.tar.gz/download", download_url = "https://sourceforge.net/projects/flawfinder/files/flawfinder-2.0.6.tar.gz/download",
zip_safe = True, zip_safe = True,
keywords = ['analysis', 'security', 'analyzer'], keywords = ['analysis', 'security', 'analyzer'],