Update version# and years

correct-results.html

@@ -9,8 +9,8 @@
 <body>
 <h1>Flawfinder Results</h1>
 Here are the security scan results from
-<a href="http://www.dwheeler.com/flawfinder">Flawfinder version 1.28</a>,
-(C) 2001-2007 <a href="http://www.dwheeler.com">David A. Wheeler</a>.
+<a href="http://www.dwheeler.com/flawfinder">Flawfinder version 1.29</a>,
+(C) 2001-2014 <a href="http://www.dwheeler.com">David A. Wheeler</a>.
 Number of dangerous functions in C/C++ ruleset: 160
 <p>
 Examining test.c <br>

correct-results.txt

@@ -1,4 +1,4 @@
-Flawfinder version 1.28, (C) 2001-2007 David A. Wheeler.
+Flawfinder version 1.29, (C) 2001-2014 David A. Wheeler.
 Number of dangerous functions in C/C++ ruleset: 160
 Examining test.c
 Examining test2.c

flawfinder

@@ -6,7 +6,7 @@
 
  See the man page for a description of the options."""
 
-version="1.28"
+version="1.29"
 
 # The default output is as follows:
 # filename:line_number [risk_level] (type) function_name: message
@@ -1478,9 +1478,9 @@ def display_header():
       print "<h1>Flawfinder Results</h1>"
       print "Here are the security scan results from"
       print '<a href="http://www.dwheeler.com/flawfinder">Flawfinder version %s</a>,' % version
-      print '(C) 2001-2007 <a href="http://www.dwheeler.com">David A. Wheeler</a>.'
+      print '(C) 2001-2014 <a href="http://www.dwheeler.com">David A. Wheeler</a>.'
     else:
-      print "Flawfinder version %s, (C) 2001-2007 David A. Wheeler." % version
+      print "Flawfinder version %s, (C) 2001-2014 David A. Wheeler." % version
     displayed_header = 1
 
 

flawfinder.spec

@@ -1,6 +1,6 @@
 Name: flawfinder
 Summary: Examines C/C++ source code for security flaws
-Version: 1.28
+Version: 1.29
 Release: 1%{?dist}
 License: GPLv2+
 Group: Development/Tools

makefile

@@ -9,7 +9,7 @@
 # Eventually switch to using DistUtils to autogenerate.
 
 NAME=flawfinder
-VERSION=1.28
+VERSION=1.29
 RPM_VERSION=1
 VERSIONEDNAME=$(NAME)-$(VERSION)
 ARCH=noarch

test-results.html

@@ -1,278 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-type" content="text/html; charset=utf8">
-<title>Flawfinder Results</title>
-<meta name="author" content="David A. Wheeler">
-<meta name="keywords" lang="en" content="flawfinder results, security scan">
-</head>
-<body>
-<h1>Flawfinder Results</h1>
-Here are the security scan results from
-<a href="http://www.dwheeler.com/flawfinder">Flawfinder version 1.28</a>,
-(C) 2001-2007 <a href="http://www.dwheeler.com">David A. Wheeler</a>.
-Number of dangerous functions in C/C++ ruleset: 160
-<p>
-Examining test.c <br>
-Examining test2.c <br>
-<ul>
-<li>test.c:32: <b>  [5] </b> (buffer) <i> gets:
-  Does not check for buffer overflows (CWE-120). Use fgets() instead.  </i>
-<pre>
- gets(f);
-</pre>
-<li>test.c:56: <b>  [5] </b> (buffer) <i> strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
-  resizing strings. Risk is high; the length parameter appears to be a
-  constant, instead of computing the number of characters left. </i>
-<pre>
-  strncat(d,s,sizeof(d)); /* Misuse - this should be flagged as riskier. */
-</pre>
-<li>test.c:57: <b>  [5] </b> (buffer) <i> _tcsncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
-  resizing strings. Risk is high; the length parameter appears to be a
-  constant, instead of computing the number of characters left. </i>
-<pre>
-  _tcsncat(d,s,sizeof(d)); /* Misuse - flag as riskier */
-</pre>
-<li>test.c:60: <b>  [5] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  high, it appears that the size is given as bytes, but the function
-  requires size as characters. </i>
-<pre>
-  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName));
-</pre>
-<li>test.c:62: <b>  [5] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  high, it appears that the size is given as bytes, but the function
-  requires size as characters. </i>
-<pre>
-  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName);
-</pre>
-<li>test.c:73: <b>  [5] </b> (misc) <i> SetSecurityDescriptorDacl:
-  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
-  Access), which would even forbid administrator access (CWE-732).  </i>
-<pre>
-  SetSecurityDescriptorDacl(&amp;sd,TRUE,NULL,FALSE);
-</pre>
-<li>test.c:73: <b>  [5] </b> (misc) <i> SetSecurityDescriptorDacl:
-  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
-  Access), which would even forbid administrator access (CWE-732).  </i>
-<pre>
-  SetSecurityDescriptorDacl(&amp;sd,TRUE,NULL,FALSE);
-</pre>
-<li>test.c:17: <b>  [4] </b> (buffer) <i> strcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
-  easily misused).  </i>
-<pre>
- strcpy(b, a);
-</pre>
-<li>test.c:20: <b>  [4] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf.  </i>
-<pre>
- sprintf(s, "hello %s", bug);
-</pre>
-<li>test.c:21: <b>  [4] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf.  </i>
-<pre>
- sprintf(s, gettext("hello %s"), bug);
-</pre>
-<li>test.c:22: <b>  [4] </b> (format) <i> sprintf:
-  Potential format string problem (CWE-134). Make format string
-  constant.  </i>
-<pre>
- sprintf(s, unknown, bug);
-</pre>
-<li>test.c:23: <b>  [4] </b> (format) <i> printf:
-  If format strings can be influenced by an attacker, they can be
-  exploited (CWE-134). Use a constant for the format specification.  </i>
-<pre>
- printf(bf, x);
-</pre>
-<li>test.c:25: <b>  [4] </b> (buffer) <i> scanf:
-  The scanf() family's %s operation, without a limit specification,
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
-  different input function.  </i>
-<pre>
- scanf("%s", s);
-</pre>
-<li>test.c:27: <b>  [4] </b> (buffer) <i> scanf:
-  The scanf() family's %s operation, without a limit specification,
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
-  different input function.  </i>
-<pre>
- scanf("%s", s);
-</pre>
-<li>test.c:38: <b>  [4] </b> (format) <i> syslog:
-  If syslog's format strings can be influenced by an attacker, they can
-  be exploited (CWE-134). Use a constant format string for syslog.  </i>
-<pre>
- syslog(LOG_ERR, attacker_string);
-</pre>
-<li>test.c:49: <b>  [4] </b> (buffer) <i> _mbscpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using a function version that stops copying at the end of
-  the buffer.  </i>
-<pre>
-  _mbscpy(d,s); /* like strcpy, this doesn't check for buffer overflow */
-</pre>
-<li>test.c:52: <b>  [4] </b> (buffer) <i> lstrcat:
-  Does not check for buffer overflows when concatenating to destination
-  (CWE-120).  </i>
-<pre>
-  lstrcat(d,s);
-</pre>
-<li>test.c:75: <b>  [3] </b> (shell) <i> CreateProcess:
-  This causes a new process to execute and is difficult to use safely
-  (CWE-78). Specify the application path in the first argument, NOT as part
-  of the second, or embedded spaces could allow an attacker to force a
-  different program to run.  </i>
-<pre>
-  CreateProcess(NULL, "C:\\Program Files\\GoodGuy\\GoodGuy.exe -x", "");
-</pre>
-<li>test.c:75: <b>  [3] </b> (shell) <i> CreateProcess:
-  This causes a new process to execute and is difficult to use safely
-  (CWE-78). Specify the application path in the first argument, NOT as part
-  of the second, or embedded spaces could allow an attacker to force a
-  different program to run.  </i>
-<pre>
-  CreateProcess(NULL, "C:\\Program Files\\GoodGuy\\GoodGuy.exe -x", "");
-</pre>
-<li>test.c:91: <b>  [3] </b> (buffer) <i> getopt_long:
-  Some older implementations do not protect against internal buffer
-  overflows (CWE-120). Check implementation on installation, or limit the
-  size of all string inputs.  </i>
-<pre>
-    while ((optc = getopt_long (argc, argv, "a",longopts, NULL )) != EOF) {
-</pre>
-<li>test.c:16: <b>  [2] </b> (buffer) <i> strcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
-  easily misused). Risk is low because the source is a constant string. </i>
-<pre>
- strcpy(a, gettext("Hello there")); // Did this work?
-</pre>
-<li>test.c:19: <b>  [2] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf. Risk is low because the source has a constant maximum
-  length. </i>
-<pre>
- sprintf(s, "hello");
-</pre>
-<li>test.c:45: <b>  [2] </b> (buffer) <i> char:
-  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
-  checking, use functions that limit length, or ensure that the size is
-  larger than the maximum possible length (CWE-119).  </i>
-<pre>
-  char d[20];
-</pre>
-<li>test.c:46: <b>  [2] </b> (buffer) <i> char:
-  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
-  checking, use functions that limit length, or ensure that the size is
-  larger than the maximum possible length (CWE-119).  </i>
-<pre>
-  char s[20];
-</pre>
-<li>test.c:50: <b>  [2] </b> (buffer) <i> memcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Make sure destination can always hold the source data.  </i>
-<pre>
-  memcpy(d,s);
-</pre>
-<li>test.c:51: <b>  [2] </b> (buffer) <i> CopyMemory:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Make sure destination can always hold the source data.  </i>
-<pre>
-  CopyMemory(d,s);
-</pre>
-<li>test.c:97: <b>  [2] </b> (misc) <i> fopen:
-  Check when opening files - can an attacker redirect it (via symlinks),
-  force the opening of special file type (e.g., device files), move
-  things around to create a race condition, control its ancestors, or change
-  its contents? (CWE-362).  </i>
-<pre>
-  f = fopen("/etc/passwd", "r"); 
-</pre>
-<li>test.c:15: <b>  [1] </b> (buffer) <i> strcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
-  easily misused). Risk is low because the source is a constant
-  character. </i>
-<pre>
- strcpy(a, "\n"); // Did this work?
-</pre>
-<li>test.c:18: <b>  [1] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf. Risk is low because the source is a constant character. </i>
-<pre>
- sprintf(s, "\n");
-</pre>
-<li>test.c:26: <b>  [1] </b> (buffer) <i> scanf:
-  it's unclear if the %s limit in the format string is small enough
-  (CWE-120). Check that the limit is sufficiently small, or use a different
-  input function.  </i>
-<pre>
- scanf("%10s", s);
-</pre>
-<li>test.c:53: <b>  [1] </b> (buffer) <i> strncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
-  invalid pointers (CWE-120).  </i>
-<pre>
-  strncpy(d,s);
-</pre>
-<li>test.c:54: <b>  [1] </b> (buffer) <i> _tcsncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
-  invalid pointers (CWE-120).  </i>
-<pre>
-  _tcsncpy(d,s);
-</pre>
-<li>test.c:55: <b>  [1] </b> (buffer) <i> strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
-  resizing strings.  </i>
-<pre>
-  strncat(d,s,10);
-</pre>
-<li>test.c:58: <b>  [1] </b> (buffer) <i> strlen:
-  Does not handle strings that are not \0-terminated (it could cause a
-  crash if unprotected) (CWE-119).  </i>
-<pre>
-  n = strlen(d);
-</pre>
-<li>test.c:64: <b>  [1] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  very low, the length appears to be in characters not bytes. </i>
-<pre>
-  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName)/sizeof(wszUserName[0]));
-</pre>
-<li>test.c:66: <b>  [1] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  very low, the length appears to be in characters not bytes. </i>
-<pre>
-  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName /sizeof(wszUserName[0]));
-</pre>
-</ul>
-<p>
-Hits = 36
-<br>
-Lines analyzed = 118
-<br>
-Physical Source Lines of Code (SLOC) = 80
-<br>
-Hits@level = [0]   0 [1]   9 [2]   7 [3]   3 [4]  10 [5]   7 <br>
-Hits@level+ = [0+]  36 [1+]  36 [2+]  27 [3+]  20 [4+]  17 [5+]   7 <br>
-Hits/KSLOC@level+ = [0+] 450 [1+] 450 [2+] 337.5 [3+] 250 [4+] 212.5 [5+] 87.5 <br>
-Suppressed hits = 2 (use --neverignore to show them)
-<br>
-Minimum risk level = 1
-<br>
-Not every hit is necessarily a security vulnerability.
-<br>
-There may be other security vulnerabilities; review your code!
-</body>
-</html>

test-results.txt

@@ -1,150 +0,0 @@
-Flawfinder version 1.28, (C) 2001-2007 David A. Wheeler.
-Number of dangerous functions in C/C++ ruleset: 160
-Examining test.c
-Examining test2.c
-test.c:32:  [5] (buffer) gets:
-  Does not check for buffer overflows (CWE-120). Use fgets() instead. 
-test.c:56:  [5] (buffer) strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
-  resizing strings. Risk is high; the length parameter appears to be a
-  constant, instead of computing the number of characters left.
-test.c:57:  [5] (buffer) _tcsncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
-  resizing strings. Risk is high; the length parameter appears to be a
-  constant, instead of computing the number of characters left.
-test.c:60:  [5] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  high, it appears that the size is given as bytes, but the function
-  requires size as characters.
-test.c:62:  [5] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  high, it appears that the size is given as bytes, but the function
-  requires size as characters.
-test.c:73:  [5] (misc) SetSecurityDescriptorDacl:
-  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
-  Access), which would even forbid administrator access (CWE-732). 
-test.c:73:  [5] (misc) SetSecurityDescriptorDacl:
-  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
-  Access), which would even forbid administrator access (CWE-732). 
-test.c:17:  [4] (buffer) strcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
-  easily misused). 
-test.c:20:  [4] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf. 
-test.c:21:  [4] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf. 
-test.c:22:  [4] (format) sprintf:
-  Potential format string problem (CWE-134). Make format string
-  constant. 
-test.c:23:  [4] (format) printf:
-  If format strings can be influenced by an attacker, they can be
-  exploited (CWE-134). Use a constant for the format specification. 
-test.c:25:  [4] (buffer) scanf:
-  The scanf() family's %s operation, without a limit specification,
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
-  different input function. 
-test.c:27:  [4] (buffer) scanf:
-  The scanf() family's %s operation, without a limit specification,
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
-  different input function. 
-test.c:38:  [4] (format) syslog:
-  If syslog's format strings can be influenced by an attacker, they can
-  be exploited (CWE-134). Use a constant format string for syslog. 
-test.c:49:  [4] (buffer) _mbscpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using a function version that stops copying at the end of
-  the buffer. 
-test.c:52:  [4] (buffer) lstrcat:
-  Does not check for buffer overflows when concatenating to destination
-  (CWE-120). 
-test.c:75:  [3] (shell) CreateProcess:
-  This causes a new process to execute and is difficult to use safely
-  (CWE-78). Specify the application path in the first argument, NOT as part
-  of the second, or embedded spaces could allow an attacker to force a
-  different program to run. 
-test.c:75:  [3] (shell) CreateProcess:
-  This causes a new process to execute and is difficult to use safely
-  (CWE-78). Specify the application path in the first argument, NOT as part
-  of the second, or embedded spaces could allow an attacker to force a
-  different program to run. 
-test.c:91:  [3] (buffer) getopt_long:
-  Some older implementations do not protect against internal buffer
-  overflows (CWE-120). Check implementation on installation, or limit the
-  size of all string inputs. 
-test.c:16:  [2] (buffer) strcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
-  easily misused). Risk is low because the source is a constant string.
-test.c:19:  [2] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf. Risk is low because the source has a constant maximum
-  length.
-test.c:45:  [2] (buffer) char:
-  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
-  checking, use functions that limit length, or ensure that the size is
-  larger than the maximum possible length (CWE-119). 
-test.c:46:  [2] (buffer) char:
-  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
-  checking, use functions that limit length, or ensure that the size is
-  larger than the maximum possible length (CWE-119). 
-test.c:50:  [2] (buffer) memcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Make sure destination can always hold the source data. 
-test.c:51:  [2] (buffer) CopyMemory:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Make sure destination can always hold the source data. 
-test.c:97:  [2] (misc) fopen:
-  Check when opening files - can an attacker redirect it (via symlinks),
-  force the opening of special file type (e.g., device files), move
-  things around to create a race condition, control its ancestors, or change
-  its contents? (CWE-362). 
-test.c:15:  [1] (buffer) strcpy:
-  Does not check for buffer overflows when copying to destination
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
-  easily misused). Risk is low because the source is a constant
-  character.
-test.c:18:  [1] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
-  snprintf, or vsnprintf. Risk is low because the source is a constant character.
-test.c:26:  [1] (buffer) scanf:
-  it's unclear if the %s limit in the format string is small enough
-  (CWE-120). Check that the limit is sufficiently small, or use a different
-  input function. 
-test.c:53:  [1] (buffer) strncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
-  invalid pointers (CWE-120). 
-test.c:54:  [1] (buffer) _tcsncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
-  invalid pointers (CWE-120). 
-test.c:55:  [1] (buffer) strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
-  resizing strings. 
-test.c:58:  [1] (buffer) strlen:
-  Does not handle strings that are not \0-terminated (it could cause a
-  crash if unprotected) (CWE-119). 
-test.c:64:  [1] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  very low, the length appears to be in characters not bytes.
-test.c:66:  [1] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
-  very low, the length appears to be in characters not bytes.
-
-Hits = 36
-Lines analyzed = 118
-Physical Source Lines of Code (SLOC) = 80
-Hits@level = [0]   0 [1]   9 [2]   7 [3]   3 [4]  10 [5]   7
-Hits@level+ = [0+]  36 [1+]  36 [2+]  27 [3+]  20 [4+]  17 [5+]   7
-Hits/KSLOC@level+ = [0+] 450 [1+] 450 [2+] 337.5 [3+] 250 [4+] 212.5 [5+] 87.5
-Suppressed hits = 2 (use --neverignore to show them)
-Minimum risk level = 1
-Not every hit is necessarily a security vulnerability.
-There may be other security vulnerabilities; review your code!
-
-Testing for no ending newline:
-Lines analyzed = 32