David A. Wheeler
7020a47a3e
flawfinder.1: Tweak output so 80-column version looks okay
2014-07-28 21:13:04 -04:00
David A. Wheeler
ec361412f3
Support GNU convention variables (prefix, bindir, man1dir) and DESTDIR
...
- Modify makefile to support GNU convention makefile variable names,
including prefix, bindir, datarootdir, mandir, and man1dir.
It is tweaked so that the older variable names (e.g., INSTALL_DIR)
will continue to work.
- DESTDIR support added.
- Predefined a useful INSTALL_PROGRAM makefile variable; that means
that users can redefine it if they want.
2014-07-28 13:09:44 -04:00
David A. Wheeler
71c34ea619
makefile: Clean up internal creating cwe program
2014-07-27 17:23:35 -04:00
David A. Wheeler
4e99642392
Switch version # to 1.31.
...
- Version number 1.30 might be confused with 1.3. This eliminates
the potential problem.
2014-07-27 17:19:24 -04:00
David A. Wheeler
1ebc5d5afb
Note that flawfinder is CWE-compatible.
2014-07-27 17:16:56 -04:00
David A. Wheeler
a33ae6c62e
Add more wide character rules and refine CWE mapping
2014-07-22 23:17:53 -04:00
David A. Wheeler
bbe7a28ada
flawfinder.1: Clean up man page, esp. option description
2014-07-21 00:00:12 -04:00
David A. Wheeler
5eb5e8411d
Change version number to 1.30.
...
- This is the upcoming version number. Change it now so that this
is distinct from the released version 1.29.
2014-07-19 20:46:15 -04:00
David A. Wheeler
564b78b98d
flawfinder.1: Document that hitlists should be trusted to be loaded or diffed
2014-07-19 20:42:37 -04:00
David A. Wheeler
f980d02e2d
ChangeLog: Document major changes
2014-07-19 19:26:39 -04:00
David A. Wheeler
8423c14116
Fix up "make show-cwes"
2014-07-19 19:21:23 -04:00
David A. Wheeler
60948e8368
Move CWE-119 report on char into warning instead of recommendation
2014-07-19 19:16:41 -04:00
David A. Wheeler
dcf40ef8fd
Modify test suite - also check generated HTML
2014-07-19 19:10:12 -04:00
David A. Wheeler
cfe1a062fe
Tweak mappings to CWE. strlen() better maps to CWE-126 (buffer over-read)
2014-07-19 19:05:49 -04:00
David A. Wheeler
e0c0b9bc8e
flawfinder.1: Minor documentation improvements, including removing blank lines
2014-07-19 18:38:24 -04:00
David A. Wheeler
4156a4199c
flawfinder.1: Refine man page (esp. CWE discussion)
2014-07-19 17:23:10 -04:00
David A. Wheeler
7112bf164c
Rewrite print_multi_line. It's now shorter, faster, and formats better
2014-07-19 16:42:14 -04:00
David A. Wheeler
f9a6fdd314
Add links to CWE entries when producing HTML, and tweak output report
2014-07-19 16:20:14 -04:00
David A. Wheeler
5c66efaf2b
Update version# and years
2014-07-19 13:00:58 -04:00
David A. Wheeler
a7a7bb349b
Modify documentation for listrules, and add CWE mapping info
2014-07-19 12:58:15 -04:00
David A. Wheeler
742cb6db13
flawfinder: Modify --listrules to also report default warning
2014-07-19 12:58:02 -04:00
David A. Wheeler
df397eaf46
makefile: Modify "make clean" so it erases junk cve[.exe]
2014-07-13 15:11:32 -04:00
David A. Wheeler
dcf7c7ff40
flawfinder.1: Expand CWE description and make other small improvements
2014-07-13 15:05:55 -04:00
David A. Wheeler
622add482e
flawfinder.1: Minor tweaks
2014-07-13 13:49:51 -04:00
David A. Wheeler
e97d0e6c18
flawfinder.1: Minor text cleanup about CWEs
2014-07-13 13:30:29 -04:00
David A. Wheeler
ba451aceb7
Update dates
2014-07-13 13:21:40 -04:00
David A. Wheeler
bd3bd7dae5
Add ability to search in warnings (e.g., for CWEs), and document that
2014-07-13 13:19:50 -04:00
David A. Wheeler
620a6df894
Document CWEs covered by flawfinder
2014-07-13 09:53:15 -04:00
David A. Wheeler
289f341f90
Add ability to list CWEs in source code
2014-07-13 09:44:34 -04:00
David A. Wheeler
c1211121bf
ChangeLog: Record the new capabilities.
2014-07-13 00:20:56 -04:00
David A. Wheeler
9de8db2e74
Add Common Weakness Enumeration (CWE) references
2014-07-13 00:06:04 -04:00
David A. Wheeler
62af9ec2d5
flawfinder.1: Various minor man page improvements
2014-07-12 23:07:38 -04:00
David A. Wheeler
af33f0e3e9
flawfinder.1: Clarify explanation of patchfile option
2014-07-12 22:35:12 -04:00
David A. Wheeler
5a56f2667d
flawfinder: Simplify string check
2014-07-12 22:24:02 -04:00
David A. Wheeler
1d9a870d77
Add support for git diff (as well as svn diff and GNU diff)
2014-07-12 21:36:54 -04:00
David A. Wheeler
7ebfb3bbb6
Mention "git diff"
2014-07-12 21:06:45 -04:00
David A. Wheeler
9dda4624dc
makefile: Allow "make dist" as synonym for "make distribute"
2014-07-12 20:58:32 -04:00
David A. Wheeler
923cf6042c
Rewrite documentation in man page and --help option for clarity
...
- Group options in --help, just like the man page, for clarity
- Create a new group, "Selecting Input Data", so that they are
clearly distinguished from selecting what hits to display.
- Other clarifications in the man page.
2014-07-12 20:43:04 -04:00
David A. Wheeler
23fe9f27c5
Document --listrules in man page
2014-07-12 19:24:32 -04:00
David A. Wheeler
16caee60e0
flawfinder.1: Add missing period.
2014-07-12 19:22:14 -04:00
David A. Wheeler
981d4203b1
makefile: Use MKDIR_P for portability
2014-07-12 12:28:58 -04:00
David A. Wheeler
202bf127dc
Handle unbalanced double-quotes in sprintf
...
- Handle unbalanced double-quotes. This is a compilation error, but
we can handle it more gracefully.
2014-07-12 12:25:59 -04:00
David A. Wheeler
40982f89ba
Warn that time info is approximate
...
- We can't give exact times, in particular, the start time
is measured only after Python finishes starting up.
So, warn about that.
2014-07-12 12:11:26 -04:00
David A. Wheeler
e95f94db75
Fix report on time executed (fix bug#7)
...
- The time reported was wrong in a misguided attempt to round.
2014-07-12 12:07:24 -04:00
David A. Wheeler
dca1931902
Change flawfinder.spec to comply with Fedora guidelines (fix bug#4)
...
- Thanks to Horst H. von Brand vonbrand,at,inf.utfsm.cl
2014-07-12 11:56:11 -04:00
David A. Wheeler
400b58817c
Allow "flawfinder ." (fix bug#3)
...
- Skipping dotdir also skipped ".", but it shouldn't.
- My thanks to Gerd, who provided the patch
2014-07-12 11:40:22 -04:00
David A. Wheeler
f372da2530
Fix ignore directive when filenames differ (fix bug#6)
...
- My thanks to Bernhard Herzog who provided the patch!
2014-07-12 11:31:45 -04:00
David A. Wheeler
1623be3119
Document -F option in help output
2014-07-12 11:25:11 -04:00
David A. Wheeler
f5e02e9ec2
Version number now 1.28, add test for filenames without trailing newline
2014-07-12 07:01:23 -04:00
David A. Wheeler
8674d33858
flawfinder: Fix patch so line number count is correct
2014-07-12 06:46:14 -04:00