From f5e02e9ec2f623d23b9cfb692d22ca6bf84f2fb2 Mon Sep 17 00:00:00 2001
From: "David A. Wheeler"
Date: Sat, 12 Jul 2014 07:01:23 -0400
Subject: [PATCH] Version number now 1.28, add test for filenames without trailing newline

---
 correct-results.html | 4 ++--
 correct-results.txt | 5 ++++-
 flawfinder | 2 +-
 flawfinder.spec | 2 +-
 makefile | 13 +++++++++----
 no-ending-newline.c | 32 ++++++++++++++++++++++++++++++++
 setup.py | 2 +-
 test-results.html | 4 ++--
 test-results.txt | 5 ++++-
 9 files changed, 56 insertions(+), 13 deletions(-)
 create mode 100644 no-ending-newline.c

diff --git a/correct-results.html b/correct-results.html
index d29886c..6e7999f 100644
--- a/correct-results.html
+++ b/correct-results.html
@@ -9,8 +9,8 @@

Flawfinder Results

Here are the security scan results from
-Flawfinder version 1.27,
-(C) 2001-2004 David A. Wheeler.
+Flawfinder version 1.28,
+(C) 2001-2007 David A. Wheeler.
 Number of dangerous functions in C/C++ ruleset: 160

Examining test.c
diff --git a/correct-results.txt b/correct-results.txt
index a596e28..aa1de9d 100644
--- a/correct-results.txt
+++ b/correct-results.txt
@@ -1,4 +1,4 @@
-Flawfinder version 1.27, (C) 2001-2004 David A. Wheeler.
+Flawfinder version 1.28, (C) 2001-2007 David A. Wheeler.
 Number of dangerous functions in C/C++ ruleset: 160
 Examining test.c
 Examining test2.c
@@ -137,3 +137,6 @@ Suppressed hits = 2 (use --neverignore to show them)
 Minimum risk level = 1
 Not every hit is necessarily a security vulnerability.
 There may be other security vulnerabilities; review your code!
+
+Testing for no ending newline:
+Lines analyzed = 32
diff --git a/flawfinder b/flawfinder
index 8af54ce..9f317ba 100755
--- a/flawfinder
+++ b/flawfinder
@@ -6,7 +6,7 @@
 
 See the man page for a description of the options."""
 
-version="1.27"
+version="1.28"
 
 # The default output is as follows:
 # filename:line_number [risk_level] (type) function_name: message
diff --git a/flawfinder.spec b/flawfinder.spec
index 8021265..92cf64a 100644
--- a/flawfinder.spec
+++ b/flawfinder.spec
@@ -1,6 +1,6 @@
 Name: flawfinder
 Summary: Examines C/C++ source code for security flaws
-Version: 1.27
+Version: 1.28
 Release: 1
 License: GPL
 Group: Development/Tools
diff --git a/makefile b/makefile
index 0c2d9f8..86c48bb 100644
--- a/makefile
+++ b/makefile
@@ -9,7 +9,7 @@
 # Eventually switch to using DistUtils to autogenerate.
 
 NAME=flawfinder
-VERSION=1.27
+VERSION=1.28
 RPM_VERSION=1
 VERSIONEDNAME=$(NAME)-$(VERSION)
 ARCH=noarch
@@ -97,12 +97,17 @@ time:
 test: flawfinder test.c test2.c
 # Omit time report so that results are always the same textually.
 ./flawfinder --omittime test.c test2.c > test-results.txt
+ echo >> test-results.txt
+ echo "Testing for no ending newline:" >> test-results.txt
+ ./flawfinder --omittime no-ending-newline.c | \
+ grep 'Lines analyzed' >> test-results.txt
 ./flawfinder --omittime --html --context test.c test2.c > test-results.html
- less test-results.txt
+ @echo "Differences from expected results:"
+ @diff -u correct-results.txt test-results.txt
 
-check:
- diff -u correct-results.txt test-results.txt
+check: test
 
+# Run "make test-is-correct" if the results are as expected.
 test-is-correct: test-results.txt
 mv test-results.txt correct-results.txt
 mv test-results.html correct-results.html
diff --git a/no-ending-newline.c b/no-ending-newline.c
new file mode 100644
index 0000000..06166af
--- /dev/null
+++ b/no-ending-newline.c
@@ -0,0 +1,32 @@
+// Test file to show bug in 1.27
+
+#include
+#include
+#include
+
+int main()
+{
+ FILE *f;
+ char buf[1024], *s;
+ int first;
+
+ first = 1;
+ while(fgets(buf, sizeof(buf), stdin) != 0) {
+ if(first == 0) {
+ printf("\n");
+ }
+ s = buf;
+ while(*s != '\0') {
+ if(*s == '\n' || *s == '\r') {
+ *s = '\0';
+ break;
+ }
+ s++;
+ }
+ printf("%s", buf);
+ first = 0;
+ }
+}
+
+/* end with spaces and no \n or \r */
+ 
\ No newline at end of file
diff --git a/setup.py b/setup.py
index 0a5aa8f..29ad607 100644
--- a/setup.py
+++ b/setup.py
@@ -25,7 +25,7 @@ import commands
 
 setup (# Distribution meta-data
 name = "flawfinder",
- version = "1.27",
+ version = "1.28",
 description = "a program that examines source code looking for security weaknesses",
 author = "David A. Wheeler",
 author_email = "dwheeler@dwheeler.com",
diff --git a/test-results.html b/test-results.html
index d29886c..6e7999f 100644
--- a/test-results.html
+++ b/test-results.html
@@ -9,8 +9,8 @@
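Review bot: The rewritten `test` recipe compares only `test-results.txt` against `correct-results.txt`; `test-results.html` is still produced by the `--html --context` run and `test-is-correct` copies it over `correct-results.html`, but nothing ever diffs it, so a regression in the HTML report would be silently promoted into the expected results. Add `@diff -u correct-results.html test-results.html` after the txt diff. Since `diff` exits non-zero on any difference, `make test` (and `make check`, which now only depends on it) aborts at the first mismatch; that is the right behaviour for a check target but deserves a comment such as `# diff exits non-zero on mismatch, so this target fails when results change.` Only the `Lines analyzed` line is captured for `no-ending-newline.c`, so any hits flawfinder reports in that file are not regression-checked, which looks deliberate given the file exists to exercise the line count.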
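Review bot: The header comment `// Test file to show bug in 1.27` does not say which property of the file matters, and that property is invisible in most editors: the final line is whitespace with no terminating newline (git's `\ No newline at end of file`), and `correct-results.txt` pins `Lines analyzed = 32`. State it explicitly, e.g. `// Test fixture: the last line is spaces with no trailing newline; flawfinder must still count it, and the expected "Lines analyzed = 32" depends on this file staying exactly 32 lines.`, so an editor or formatter that appends a newline or a line is recognised as breaking the test. The body also declares `FILE *f;` without using it and `main` reaches its closing brace without a `return`, which older C compilers warn about; any cleanup must keep the line count at 32 or update the expected output in the same commit. The `#include` lines appear without header names in this rendering, so the intended headers cannot be confirmed from the hunk.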

Flawfinder Results

Here are the security scan results from
-Flawfinder version 1.27,
-(C) 2001-2004 David A. Wheeler.
+Flawfinder version 1.28,
+(C) 2001-2007 David A. Wheeler.
 Number of dangerous functions in C/C++ ruleset: 160

Examining test.c
diff --git a/test-results.txt b/test-results.txt
index a596e28..aa1de9d 100644
--- a/test-results.txt
+++ b/test-results.txt
@@ -1,4 +1,4 @@
-Flawfinder version 1.27, (C) 2001-2004 David A. Wheeler.
+Flawfinder version 1.28, (C) 2001-2007 David A. Wheeler.
 Number of dangerous functions in C/C++ ruleset: 160
 Examining test.c
 Examining test2.c
@@ -137,3 +137,6 @@ Suppressed hits = 2 (use --neverignore to show them)
 Minimum risk level = 1
 Not every hit is necessarily a security vulnerability.
 There may be other security vulnerabilities; review your code!
+
+Testing for no ending newline:
+Lines analyzed = 32