3c9bf48736
Fixes #19 - don't warn if memcpy call includes sizeof(first arg)
...
Also fixes for the test output, comprising the bulk of the patch.
2018-12-19 08:07:47 -05:00
27ee4b0c8c
Update test results for new version number
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-08 18:58:01 -04:00
fccc59cdcb
Update for next version (2.0.8)
...
Change the version number NOW, so we won't forget later.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-08 18:55:52 -04:00
6abb7c524b
Fix SourceForge bug #14 No special warning for filename with long dash
...
This was reported by philipp. After some tweaking I got the warning
to work on both Python 2 and Python 3.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-06 19:11:21 -04:00
006a39e966
Fix SourceForge #18 Renamed file still referenced by other files
...
We renamed README to README.md but didn't fix all the references.
This fixes the references (hopefully we got them all!).
My thanks to philipp for reporting this!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-10-06 18:46:09 -04:00
79d7dbdc0f
Add latest info to ChangeLog
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:54:30 -04:00
da8b2016e0
Change vesion number to 2.0.7
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:42:56 -04:00
530a88a395
Change www.dwheeler.com to dwheeler.com
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:35:11 -04:00
13d8cc9efa
Fix PYTHONEXT error in makefile
...
Fixes bug report #16 Installation with filename extension override fails
from philipp. It noted that
'make PYTHONEXT=.py install fails because it tries to copy "flawfinder.py".'
Thanks for the report!!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:26:43 -04:00
3021892deb
Halt if --listrules and --html are invoked simultaneously
...
We don't currently support this combination, so error out if it's attempted.
Fixes SourceForge bug report #15 "Incomplete HTML output for list of rules".
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:20:48 -04:00
86eef5aa00
Fix installation, including a misspelling of "command"
...
This fixes #17 , "Typo in installation instructions".
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:15:03 -04:00
0eed96c22d
Remove unused global variables
...
This fixes bug report #13 , "Unused global variables" from philipp.
Thanks!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 21:08:48 -04:00
fdd8a3bf47
Do not halt on unterminated parameter list in C code
...
If we see an unterminated parameter list in the code being analyzed,
continue to warn, but treat it as an empty list and continue.
That say, we can try to process at least some of the code.
This fixes bug report #12 TypeError raised for incomplete source code
from philipp created: 2018-03-10.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 20:43:13 -04:00
dbb7ef1622
Merge branch 'nickthetait_branch' after fixing conflicts
...
Merge in a nice long set of improvements from:
https://github.com/nickthetait/flawfinder/
A BIG thanks goes to Nicholas Tait (nickthetait).
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 20:35:03 -04:00
8e12d79029
Fix a comment
...
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-05-01 21:57:54 -06:00
a037bed859
Document that in release we must push tags
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-04-04 11:39:38 -04:00
54039e0bd5
Fix flawfinder man page (e.g., fix the title of my book)
...
This fixes bug #11 , see:
https://sourceforge.net/p/flawfinder/bugs/11/
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-04-04 11:31:07 -04:00
c6480a884c
Convert installation instructions to markdown and cleanup wording a little
...
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 23:18:00 -06:00
e9304cb50f
Standardize formatting of commands or code in documentation
2018-03-15 23:17:12 -06:00
265f8ce140
Broaden an ignore rule
2018-03-15 22:49:45 -06:00
cda1b97c2e
Standardize membership checking style
...
Reported as E713 by pycodestyle
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:49:45 -06:00
7e5531da5b
Standardize whitespace between functions
...
Reported as E305 and E305 by pycodestyle
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:49:22 -06:00
aeac180dbb
Fix leading whitespace before comments
...
reported as E261 by pycodestyle
2018-03-15 22:46:01 -06:00
db09996c01
Convert README to use markdown
...
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:46:01 -06:00
23c1a7e289
Fix test case to work on Ubuntu
...
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:45:32 -06:00
d7ce082024
Add "--error-level" option for continuous integration systems
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-27 18:11:52 -05:00
ba8e4bf6b6
Add some material to ChangeLog
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:28:52 -05:00
196943f223
Add release_process.md documentation and tweak makefile
...
Document the release process, so we're more likely to
do it correctly.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:26:36 -05:00
34a58911d3
Update version numbers
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:24:39 -05:00
cc84bdedfd
Fix typo in README
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:07:36 -05:00
2691ac6de5
Use https:, not http:, for cwe.mitre.org
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:52:35 -05:00
6380038c34
Fix CWE hyperlinks with trailing ! or /
...
This fixes SF bug #9 .
Thanks to philipp for reporting it!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:48:05 -05:00
f91e3ea60b
Note in man page that the extension .c++ is supported
...
This fixes SF bug #10 .
My thanks to philipp for reporting this.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:40:36 -05:00
9d1378e110
Fix typo in gsignal|ssignal rule
...
Fix a typo in the gsignal|ssignal rule.
This fixes SF bug #8 .
My thanks to philipp for reporting this!
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:29:37 -05:00
2c4e1d996b
Update version#
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-11-16 21:08:27 -05:00
6b350e7bdd
Call make using $(MAKE)
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-11-16 21:01:23 -05:00
5f1b87ab51
"make check" tests against both python2 AND python3
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-11-16 20:08:30 -05:00
90269a2c75
Add documentation about #if, #ifdef, and #if 0
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-24 22:50:10 -04:00
9299168b47
Update ChangeLog to show highlights
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-24 22:14:07 -04:00
5aa1dec7f7
Update www.dwheeler.com URLs to use https
...
The www.dwheeler.com site has long supported https, but I forgot
to change these URLs. Fix that, so that people will use https.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-23 20:45:03 -04:00
4d589859dc
Change array to tuple
...
Change possible_levels to a tuple. Arrays are mutable,
but we never want to mutate this value, so changing it
to a tuple reduces the risk of accidentally mutating it.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-23 20:41:45 -04:00
6f513af900
Always report hit counts correctly, even if ignored using -m
...
This commit means that the output provides useful summary data,
even if the lower-level hits are suppressed.
Note that this does use a little more memory when some hits
are supressed, since the hitlist is fully created even
if only parts are displayed. However, modern systems have
lots of memory. Hopefully we'll never analyze software
with so many problems that this is a problem itself :-).
If someone ever has that problem, they can output everything
and filter it separately.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-23 20:36:50 -04:00
e06e2ba3df
update CWE, risk, and discussion for C++14 STL functions
2017-09-14 13:16:22 -05:00
22507eabdb
Update tests to pass (new rules, so rule count changed)
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-09 20:47:08 -04:00
05ad330a53
Merge /u/squinky86/flawfinder-2/ branch master into master
...
https://sourceforge.net/p/flawfinder/code/merge-requests/2/
2017-09-10 00:45:36 +00:00
1b7199ea16
add detection of errant equal, mismatch, and is_permutation
2017-09-08 13:20:28 -05:00
e522ea7291
add detection of crypt_r function
2017-09-07 13:47:10 -05:00
0c4dbe8cc0
Tweak makefile to prevent unnecessary failures
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:15:02 -04:00
77121b15ed
Update ChangeLog (we support pip installs)
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:09:41 -04:00
9a55bdd175
In makefile, add warning in comment about using upload-pypi
...
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:04:18 -04:00
Michael Clark
David A. Wheeler
nickthetait
Jon Hood
David A. Wheeler