diff --git a/flawfinder b/flawfinder
index a924854..8d674fe 100755
--- a/flawfinder
+++ b/flawfinder
@@ -294,6 +294,9 @@ def print_multi_line(text):
position = starting_position
print nextword, # Print remainder (can be overlong if no spaces)
+# This matches references to CWE identifiers, so we can HTMLize them.
+# We don't refer to CWE-1 through CWE-9, so we'll only match on 2+ digits.
+link_cwe_pattern = re.compile(r'(CWE-([1-9][0-9]+))([,()])')
class Hit:
"""
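Review bot: `link_cwe_pattern` only matches an identifier that is immediately followed by one of `,`, `(` or `)`, so a CWE reference followed by a period, a space, a slash or the end of the string is silently left unlinked. The comment above the pattern explains the two-digit minimum but not this trailing-delimiter requirement. I would add `# Group 3 is the required trailing delimiter (one of ",()"); an id followed by anything else is not linked.` If every warning string is meant to be linkable, a lookahead or `\b` after the digits would remove the dependency on message punctuation, but the substitution in Hit that uses `\3` would have to change with it. class Hit begins in this hunk and continues outside it.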
@@ -368,12 +371,16 @@ class Hit:
print "(%(category)s)" % self,
if output_format: print "",
print h("%(name)s:" % self),
+ main_text = h("%(warning)s. " % self)
+ if output_format: # Create HTML link to CWE definitions
+ main_text = link_cwe_pattern.sub(
+ r'\1\3',
+ main_text)
if single_line:
- print h("%(warning)s." % self),
+ print main_text,
if self.suggestion: print h(self.suggestion)+".",
print h(self.note),
else:
- main_text = h("%(warning)s. " % self)
if self.suggestion: main_text = main_text + h(self.suggestion) + ". "
main_text = main_text + h(self.note)
print
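Review bot: In the `single_line` branch the warning is now printed from `main_text`, which is built as `h("%(warning)s. " % self)` with a trailing space, where the removed line printed `h("%(warning)s." % self),` without one. Assuming Python 2's `print x,` still adds its own separator, single-line output gains a second space before the suggestion, which can upset tools that parse it; `print main_text.rstrip(),` in that branch would keep the old format. The substitution rightly runs after `h()` has escaped the text, and a comment such as `# Substitute only after h(): the replacement is trusted markup and must not be escaped again` would stop the order being swapped later. The replacement appears on this page as `r'\1\3'`, which looks like markup lost in rendering, so the link target itself cannot be reviewed here. The enclosing method of Hit starts and ends outside the hunk.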
@@ -1781,11 +1788,11 @@ def show_final_results():
count_per_level[i] = 0
for i in range(0,6): # Initialize count_per_level
count_per_level_and_up[i] = 0
- if show_immediately: # Separate the final results.
+ if show_immediately or not quiet: # Separate the final results.
print
if showheading:
if output_format:
- print "Final Results
"
+ print "Final Results
"
else:
print "FINAL RESULTS:"
print
@@ -1805,15 +1812,6 @@ def show_final_results():
count = count + 1
if output_format: print ""
diff_file.close()
- if showheading:
- if output_format:
- print "
"
- if count > 0:
- print "Hits not in original histlist =", count
- else:
- print "No hits found that weren't already in the hitlist."
- if output_format:
- print "
"
else:
if output_format: print "
"
- else:
- print
- if count > 0:
- print "Hits =", count
- else:
- print "No hits found."
- if output_format:
- print "
"
+ # Done with list, show the post-hitlist summary.
if showheading:
+ if output_format:
+ print "
"
+ else:
+ print
+ if count > 0:
+ print "Hits =", count
+ else:
+ print "No hits found."
+ if output_format:
+ print "
"
# Compute the amount of time spent, and lines analyzed/second.
# By computing time here, we also include the time for
# producing the list of hits, which is reasonable.
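Review bot: The merged post-hitlist summary loses the wording that told a hitlist comparison apart from a plain scan. The removed comparison branch printed `Hits not in original histlist =` and `No hits found that weren't already in the hitlist.`, while the new block prints `Hits =` and `No hits found.` for both paths. In comparison mode `No hits found.` can then be read as a clean scan when findings exist but were already in the saved hitlist. I would keep one summary block but choose the label from the same condition that selects the comparison branch, which is outside the visible lines. Indentation is lost on this page, so the nesting of the new block is inferred from the added comment; show_final_results continues past the hunk.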