From 179a6100def72c8c527a1855769b3f4500be044e Mon Sep 17 00:00:00 2001
From: Mario Campos
Date: Thu, 30 Jun 2022 11:11:41 -0500
Subject: [PATCH 1/2] Add missing CWE(s) to FF1057's warning text

---
 flawfinder.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/flawfinder.py b/flawfinder.py
index 1e7eb04..fbaac2c 100755
--- a/flawfinder.py
+++ b/flawfinder.py
@@ -1500,7 +1500,7 @@ c_ruleset = {
 "access", "", {}, "FF1056"),
 "InitializeCriticalSection":
- (normal, 3, "Exceptions can be thrown in low-memory situations",
+ (normal, 3, "Exceptions can be thrown in low-memory situations (CWE-248, CWE-400)",
 "Use InitializeCriticalSectionAndSpinCount instead",
 "misc", "", {}, "FF1057"),

From 25c90615b954ac0639d40fe30a4914c633f0a520 Mon Sep 17 00:00:00 2001
From: Mario Campos
Date: Thu, 30 Jun 2022 11:29:41 -0500
Subject: [PATCH 2/2] Return generic helpURI if there are no CWEs

It can happen (by human error) that a rule may be missing CWEs in the warning text. So, to guard against that, if there are no CWEs, FlawFinder will generate and return a generic URI.
---
 flawfinder.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/flawfinder.py b/flawfinder.py
index fbaac2c..b811b82 100755
--- a/flawfinder.py
+++ b/flawfinder.py
@@ -587,6 +587,8 @@ class Hit(object):
 # Help uri for each defined rule. e.g. "https://dwheeler.com/flawfinder#FF1002"
 # return first CWE link for now
 def helpuri(self):
+ if self.cwes() == '':
+ return 'https://dwheeler.com/flawfinder#{}'.format(self.ruleid)
 cwe = re.split(',|!', self.cwes())[0] + ")"
 return link_cwe_pattern.sub(
 r'https://cwe.mitre.org/data/definitions/\2.html',
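Review bot: The comment directly above `def helpuri` still reads `# return first CWE link for now`, but the added guard now returns a rule-anchored flawfinder URI whenever `self.cwes()` is empty, so the comment no longer describes the method; replace it with `# Return the first CWE link; fall back to the rule's own flawfinder anchor when the warning text carries no CWE.` The guard also evaluates `self.cwes()` twice and fires only on the exact empty string — if `cwes()` can ever yield None or whitespace for a rule whose text lacks CWEs (I cannot see `cwes()` in this hunk to confirm its return type), binding it once with `cwe_text = self.cwes()` and testing `if not cwe_text or not cwe_text.strip():` would cover the human-error case the commit message sets out to guard against. The interpolated `self.ruleid` appears to come from the rule table rather than scanned input, so the `.format` call itself raises no injection concern, but the fallback literal duplicates the host already shown in the example comment and would be easier to keep consistent as a single module-level constant. The body of helpuri continues past the end of this hunk.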