Fix up "make show-cwes"

David A. Wheeler 2014-07-19 19:21:23 -04:00
parent 60948e8368
commit 8423c14116
3 changed files with 7 additions and 3 deletions

@ -286,7 +286,7 @@ def print_multi_line(text):
position = position + len(w) + 1 position = position + len(w) + 1
# This matches references to CWE identifiers, so we can HTMLize them. # This matches references to CWE identifiers, so we can HTMLize them.
# We don't refer to CWE-1 through CWE-9, so we'll only match on 2+ digits. # We don't refer to CWE's with one digit, so we'll only match on 2+ digits.
link_cwe_pattern = re.compile(r'(CWE-([1-9][0-9]+))([,()])') link_cwe_pattern = re.compile(r'(CWE-([1-9][0-9]+))([,()])')
class Hit: class Hit:
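
Review bot: The reworded comment above link_cwe_pattern still documents only the digit rule and says nothing about the trailing group ([,()]), which means a CWE reference is matched only when a comma or a parenthesis follows it; a reference followed by a space, a period or the end of the text is silently left unlinked. Suggest stating that in the comment, or relaxing the pattern if it is not intended. Style: "CWE's" should be "CWEs", since it is a plural and not a possessive.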

@ -766,6 +766,8 @@ for it to be more specific than the mappings currently implemented.
This also means that it is unlikely to need much This also means that it is unlikely to need much
updating for map currency; it simply doesn't have enough information to updating for map currency; it simply doesn't have enough information to
refine to a detailed CWE level that CWE changes would typically affect. refine to a detailed CWE level that CWE changes would typically affect.
The list of CWE identifiers was generated automatically using "make show-cwes",
so there is confidence that this list is correct.
Please report CWE mapping problems as bugs if you find any. Please report CWE mapping problems as bugs if you find any.
.PP .PP
Flawfinder may fail to find a vulnerability, even if flawfinder covers Flawfinder may fail to find a vulnerability, even if flawfinder covers
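
Review bot: The added man page sentence asserts that the CWE list is correct because it came from "make show-cwes", but nothing in this change ties the documented list to that output; the Makefile itself describes show-cwes as a local capability, so the list is a snapshot that can drift once the ruleset changes. Suggest stating which version the list was generated from, or adding a check that compares the documented list with the target's output. "there is confidence" would also read better as a direct statement of what was verified.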

@ -20,6 +20,8 @@ INSTALL_DIR=/usr/local
INSTALL_DIR_BIN=$(INSTALL_DIR)/bin INSTALL_DIR_BIN=$(INSTALL_DIR)/bin
INSTALL_DIR_MAN=$(INSTALL_DIR)/man/man1 INSTALL_DIR_MAN=$(INSTALL_DIR)/man/man1
FLEX=flex
# For Cygwin on Windows, set PYTHONEXT=.py # For Cygwin on Windows, set PYTHONEXT=.py
# (EXE=.exe would be needed on some systems, but not for flawfinder) # (EXE=.exe would be needed on some systems, but not for flawfinder)
EXE= EXE=
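
Review bot: FLEX=flex is added without a comment, unlike the variables around it, and in this diff it is used only by the show-cwes target. A one-line comment saying what it is for (the local show-cwes target) would keep readers from assuming flex is needed to build or install flawfinder.
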
@ -150,8 +152,8 @@ my_install: flawfinder.pdf flawfinder.ps
# This is intended to be a local capability to list CWEs # This is intended to be a local capability to list CWEs
show-cwes: show-cwes:
flex -o cwe.c cwe.l $(FLEX) -o cwe.c cwe.l
gcc -o cwe cwe.c -lfl $(CC) -o cwe cwe.c -lfl
./cwe < flawfinder | sort -u -V ./cwe < flawfinder | sort -u -V
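
Review bot: In the show-cwes recipe the tools are now overridable through $(FLEX) and $(CC), but the link flag -lfl stays hard-coded, so setting FLEX to another lex implementation will still try to link flex's library. Suggest a variable for it next to FLEX (for example a hypothetical LEXLIB=-lfl). Two smaller points on the same lines: CC is not set in the visible part of the Makefile, so the recipe now uses make's default compiler and not necessarily gcc, and sort -V is not specified by POSIX, so the last line depends on a sort that supports version ordering.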