diff --git a/README b/README index 0c18367..ae10059 100644 --- a/README +++ b/README @@ -4,21 +4,45 @@ Flawfinder is a simple program that scans C/C++ source code and reports potential security problems. It can be a useful tool for examining software, and it can also serve as a simple introduction to static source code analysis tools more generally. It is designed to be easy to install and use. - -More technically, flawfinder uses lexical scanning to find tokens -(such as function names) that suggest likely problems, estimates their -level of risk (e.g., by the text of function calls), and reports the results. +Flawfinder supports the Common Weakness Enumeration (CWE) and is +officially CWE-Compatible. For more information, see: http://www.dwheeler.com/flawfinder -On Unix/Linux/POSIX systems, you can typically install it by extracting -its files, using "cd" to enter its directory, and then run this: - sudo make prefix=/usr install +Flawfinder is designed for use on Unix/Linux/POSIX systems +(including Cygwin, Linux-based systems, MacOS, and *BSDs) as a +command line tool. It requires Python 2 (version 2.5 or later). + +You can typically install flawfinder from its source code by doing this: + tar xvzf FILENAME.tar.gz # Uncompress distribution file + cd flawfinder-* # cd into it. + sudo make prefix=/usr install # Install in /usr +This installs the program as "/usr/bin/flawfinder" as well as the man page. You can omit the "prefix=/usr"; it will then install under "/usr/local". -The file INSTALL.txt has more detailed installation instructions. -Flawfinder requires Python 2 (version 2.5 or later). +The file INSTALL.txt has more detailed installation instructions; +flawfinder supports the usual conventions (prefix, DESTDIR, etc.). +You don't HAVE to install it to run it, but it's easiest that way. + +To run flawfinder, just give it a list of source files or directories to +example. For example, to examine all files in "src/" and down recursively: + flawfinder src/ +The manual page (flawfinder.1 or flawfinder.pdf) describes how to use +flawfinder (including its various options) and related information +(such as how it supports CWE). For example, the "--html" option generates +output in HTML format. The "--help" option gives a brief list of options. + +More technically, flawfinder uses lexical scanning to find tokens +(such as function names) that suggest likely vulnerabilities, estimates their +level of risk (e.g., by the text of function calls), and reports the results. +Flawfinder does not use or have access to information about control flow, +data flow, or data types. Thus, flawfinder will necessarily +produce many false positives for vulnerabilities and fail to report +many vulnerabilities. On the other hand, flawfinder can find +vulnerabilities in programs that cannot be built or cannot be linked. +Flawfinder also doesn't get as confused by macro definitions +and other oddities that more sophisticated tools have trouble with. Flawfinder is released under the GNU GPL license version 2 or later (GPLv2+). -See the COPYING file for more license information. +See the COPYING file for license information.