Better error message when the files cannot be read

git-svn-id: svn+ssh://svn.code.sf.net/p/flawfinder/code/trunk@7 5c01084b-1f27-0410-9f85-80411afe95dc
2007-01-16 03:44:31 +00:00 · 2007-01-16 03:44:31 +00:00 · 5808029a6a
parent 47c7711a79
commit 5808029a6a
4 changed files with 24 additions and 12 deletions
--- a/8
+++ b/8
@ -1,3 +1,11 @@
+2007-01-15 Steve Kemp <steve at shellcode dot org>
+	* Fix Debian bug #268236.
+	  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=268236
+	  This complains that flawfinder crashes when presented with a
+	  file it cannot read.  The patch obviously can't prevent
+	  the problem, since the tool can't review what it can't read,
+	  but at least it halts with a cleaner error message.
+
 2007-01-15 cmorgan <cmorgan47, at earthlink dooot net>
 	* Fixed Debian bug #271287 (flawfinder).  See:
 	   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=271287
--- a/correct-results.html
+++ b/correct-results.html
@ -9,9 +9,9 @@
 <body>
 <h1>Flawfinder Results</h1>
 Here are the security scan results from
-<a href="http://www.dwheeler.com/flawfinder">Flawfinder version 1.25</a>,
+<a href="http://www.dwheeler.com/flawfinder">Flawfinder version 1.27</a>,
 (C) 2001-2004 <a href="http://www.dwheeler.com">David A. Wheeler</a>.
-Number of dangerous functions in C/C++ ruleset: 137
+Number of dangerous functions in C/C++ ruleset: 158
 <p>
 Examining test.c <br>
 Examining test2.c <br>
@ -256,9 +256,9 @@ Lines analyzed = 118
 <br>
 Physical Source Lines of Code (SLOC) = 80
 <br>
-Hits @ level =   [0]   0 [1]   9 [2]   7 [3]   3 [4]  10 [5]   7 <br>
-Hits @ level+ =  [0+]  36 [1+]  36 [2+]  27 [3+]  20 [4+]  17 [5+]   7 <br>
-Hits/KSLOC @ level+ =  [0+] 450 [1+] 450 [2+] 338 [3+] 250 [4+] 213 [5+]  88 <br>
+Hits@level = [0]   0 [1]   9 [2]   7 [3]   3 [4]  10 [5]   7 <br>
+Hits@level+ = [0+]  36 [1+]  36 [2+]  27 [3+]  20 [4+]  17 [5+]   7 <br>
+Hits/KSLOC@level+ = [0+] 450 [1+] 450 [2+] 337.5 [3+] 250 [4+] 212.5 [5+] 87.5 <br>
 Suppressed hits = 2 (use --neverignore to show them)
 <br>
 Minimum risk level = 1
--- a/correct-results.txt
+++ b/correct-results.txt
@ -1,5 +1,5 @@
-Flawfinder version 1.25, (C) 2001-2004 David A. Wheeler.
-Number of dangerous functions in C/C++ ruleset: 137
+Flawfinder version 1.27, (C) 2001-2004 David A. Wheeler.
+Number of dangerous functions in C/C++ ruleset: 158
 Examining test.c
 Examining test2.c
 test.c:32:  [5] (buffer) gets:
@ -130,9 +130,9 @@ test.c:66:  [1] (buffer) MultiByteToWideChar:
 Hits = 36
 Lines analyzed = 118
 Physical Source Lines of Code (SLOC) = 80
-Hits @ level =   [0]   0 [1]   9 [2]   7 [3]   3 [4]  10 [5]   7
-Hits @ level+ =  [0+]  36 [1+]  36 [2+]  27 [3+]  20 [4+]  17 [5+]   7
-Hits/KSLOC @ level+ =  [0+] 450 [1+] 450 [2+] 338 [3+] 250 [4+] 213 [5+]  88
+Hits@level = [0]   0 [1]   9 [2]   7 [3]   3 [4]  10 [5]   7
+Hits@level+ = [0+]  36 [1+]  36 [2+]  27 [3+]  20 [4+]  17 [5+]   7
+Hits/KSLOC@level+ = [0+] 450 [1+] 450 [2+] 337.5 [3+] 250 [4+] 212.5 [5+] 87.5
 Suppressed hits = 2 (use --neverignore to show them)
 Minimum risk level = 1
 Not every hit is necessarily a security vulnerability.
--- a/8
+++ b/8
@ -1242,12 +1242,16 @@ def process_c_file(f, patch_infos):
  if f == "-":
   input = sys.stdin
  else:
-    # This should never happen.
+    # Symlinks should never get here, but just in case...
    if ((not allowlink) and os.path.islink(f)):
      print "BUG! Somehow got a symlink in process_c_file!"
      num_links_skipped = num_links_skipped + 1
      return
-    input = open(f, "r")
+    try:
+      input = open(f, "r")
+    except: 
+      print "Error: failed to open", h(f)
+      sys.exit(1)

  # Read ENTIRE file into memory.  Use readlines() to convert \n if necessary.
  # This turns out to be very fast in Python, even on large files, and it