Commit Graph

259 Commits

Author SHA1 Message Date
David A. Wheeler dbb7ef1622 Merge branch 'nickthetait_branch' after fixing conflicts
Merge in a nice long set of improvements from:
https://github.com/nickthetait/flawfinder/

A BIG thanks goes to Nicholas Tait (nickthetait).

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-09-30 20:35:03 -04:00
nickthetait 8e12d79029 Fix a comment
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-05-01 21:57:54 -06:00
David A. Wheeler a037bed859 Document that in release we must push tags
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-04-04 11:39:38 -04:00
David A. Wheeler 54039e0bd5 Fix flawfinder man page (e.g., fix the title of my book)
This fixes bug #11, see:
https://sourceforge.net/p/flawfinder/bugs/11/

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-04-04 11:31:07 -04:00
nickthetait c6480a884c Convert installation instructions to markdown and cleanup wording a little
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 23:18:00 -06:00
nickthetait e9304cb50f Standardize formatting of commands or code in documentation 2018-03-15 23:17:12 -06:00
nickthetait 265f8ce140 Broaden an ignore rule 2018-03-15 22:49:45 -06:00
nickthetait cda1b97c2e Standardize membership checking style
Reported as E713 by pycodestyle

Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:49:45 -06:00
nickthetait 7e5531da5b Standardize whitespace between functions
Reported as E305 and E305 by pycodestyle

Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:49:22 -06:00
nickthetait aeac180dbb Fix leading whitespace before comments
reported as E261 by pycodestyle
2018-03-15 22:46:01 -06:00
nickthetait db09996c01 Convert README to use markdown
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:46:01 -06:00
nickthetait 23c1a7e289 Fix test case to work on Ubuntu
Signed-off-by: nickthetait <nicholas.tait@ieee.org>
2018-03-15 22:45:32 -06:00
David A. Wheeler d7ce082024 Add "--error-level" option for continuous integration systems
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-27 18:11:52 -05:00
David A. Wheeler ba8e4bf6b6 Add some material to ChangeLog
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:28:52 -05:00
David A. Wheeler 196943f223 Add release_process.md documentation and tweak makefile
Document the release process, so we're more likely to
do it correctly.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:26:36 -05:00
David A. Wheeler 34a58911d3 Update version numbers
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:24:39 -05:00
David A. Wheeler cc84bdedfd Fix typo in README
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-26 00:07:36 -05:00
David A. Wheeler 2691ac6de5 Use https:, not http:, for cwe.mitre.org
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:52:35 -05:00
David A. Wheeler 6380038c34 Fix CWE hyperlinks with trailing ! or /
This fixes SF bug #9.

Thanks to philipp for reporting it!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:48:05 -05:00
David A. Wheeler f91e3ea60b Note in man page that the extension .c++ is supported
This fixes SF bug #10.

My thanks to philipp for reporting this.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:40:36 -05:00
David A. Wheeler 9d1378e110 Fix typo in gsignal|ssignal rule
Fix a typo in the gsignal|ssignal rule.
This fixes SF bug #8.

My thanks to philipp for reporting this!

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2018-01-25 23:29:37 -05:00
David A. Wheeler 2c4e1d996b Update version#
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-11-16 21:08:27 -05:00
David A. Wheeler 6b350e7bdd Call make using $(MAKE)
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-11-16 21:01:23 -05:00
David A. Wheeler 5f1b87ab51 "make check" tests against both python2 AND python3
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-11-16 20:08:30 -05:00
David A. Wheeler 90269a2c75 Add documentation about #if, #ifdef, and #if 0
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-24 22:50:10 -04:00
David A. Wheeler 9299168b47 Update ChangeLog to show highlights
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-24 22:14:07 -04:00
David A. Wheeler 5aa1dec7f7 Update www.dwheeler.com URLs to use https
The www.dwheeler.com site has long supported https, but I forgot
to change these URLs. Fix that, so that people will use https.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-23 20:45:03 -04:00
David A. Wheeler 4d589859dc Change array to tuple
Change possible_levels to a tuple.  Arrays are mutable,
but we never want to mutate this value, so changing it
to a tuple reduces the risk of accidentally mutating it.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-23 20:41:45 -04:00
David A. Wheeler 6f513af900 Always report hit counts correctly, even if ignored using -m
This commit means that the output provides useful summary data,
even if the lower-level hits are suppressed.

Note that this does use a little more memory when some hits
are suppressed, since the hitlist is fully created even
if only parts are displayed.  However, modern systems have
lots of memory. Hopefully we'll never analyze software
with so many problems that this is a problem itself :-).
If someone ever has that problem, they can output everything
and filter it separately.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-23 20:36:50 -04:00
Jon Hood e06e2ba3df update CWE, risk, and discussion for C++14 STL functions 2017-09-14 13:16:22 -05:00
David A. Wheeler 22507eabdb Update tests to pass (new rules, so rule count changed)
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-09 20:47:08 -04:00
David A. Wheeler 05ad330a53 Merge /u/squinky86/flawfinder-2/ branch master into master
https://sourceforge.net/p/flawfinder/code/merge-requests/2/
2017-09-10 00:45:36 +00:00
Jon Hood 1b7199ea16 add detection of errant equal, mismatch, and is_permutation 2017-09-08 13:20:28 -05:00
Jon Hood e522ea7291 add detection of crypt_r function 2017-09-07 13:47:10 -05:00
David A. Wheeler 0c4dbe8cc0 Tweak makefile to prevent unnecessary failures
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:15:02 -04:00
David A. Wheeler 77121b15ed Update ChangeLog (we support pip installs)
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:09:41 -04:00
David A. Wheeler 9a55bdd175 In makefile, add warning in comment about using upload-pypi
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:04:18 -04:00
David A. Wheeler 3ecde32e8e Update INSTALL.txt and README to note pip install
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 21:03:02 -04:00
David A. Wheeler 24992c0f08 Update version to 2.0.4
My upload intended for pypitest appears to have gone to pypi instead.
To eliminate confusion, I'm bumping the version number so that
any single version number always refers to exactly one program version.

This was done with:
sed -i.bak -e 's/2\.0\.3/2.0.4/g' \
  ChangeLog correct-results.* flawfinder makefile setup.py

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 20:46:45 -04:00
David A. Wheeler 1df337cb8b Add test - sanity check of setup.py
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 20:15:19 -04:00
David A. Wheeler ec31c822dd Mark version as 2.0.3
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 20:03:44 -04:00
David A. Wheeler 1c9eba3f47 In setup.py, switch from distutils to setuptools and declare Python 3 okay
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 19:56:58 -04:00
David A. Wheeler d4bc234667 Add simple .gitignore file
This was suggested by:
http://python-packaging.readthedocs.io/en/latest/minimal.html

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 18:06:28 -04:00
David A. Wheeler 23e8cee364 Rename test-diff-0005 to follow other filename conventions
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-09-02 15:45:08 -04:00
David A. Wheeler d38535419f Update version number to 2.0.2
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-08-26 17:56:29 -04:00
David A. Wheeler cead0828ef Add documentation about encoding
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-08-26 17:51:27 -04:00
David A. Wheeler b1d1b2e74d Update ChangeLog
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-08-26 17:51:14 -04:00
David A. Wheeler 09c14ab42d Note Python versioning issues with pickle in flawfinder.1 man page.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-08-26 16:51:17 -04:00
David A. Wheeler e97254a5f3 Document in README that we accept Python 3 as well as Python 2.7
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-08-26 16:18:33 -04:00
David A. Wheeler 339763c644 Add test for saving/loading hitlist, add Python3 fixes for it
Test the saving and loading of hitlists.
This detected a Python3 problem, which was easily corrected by
saving and loading in binary "b" format instead of text format.

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
2017-08-26 16:15:17 -04:00