Commit Graph

320 Commits

Author SHA1 Message Date
David A. Wheeler 7020a47a3e flawfinder.1: Tweak output so 80-column version looks okay 2014-07-28 21:13:04 -04:00
David A. Wheeler ec361412f3 Support GNU convention variables (prefix, bindir, man1dir) and DESTDIR
- Modify makefile to support GNU convention makefile variable names,
    including prefix, bindir, datarootdir, mandir, and man1dir.
    It is tweaked so that the older variable names (e.g., INSTALL_DIR)
    will continue to work.
  - DESTDIR support added.
  - Predefined a useful INSTALL_PROGRAM makefile variable; that means
    that users can redefine it if they want.
2014-07-28 13:09:44 -04:00
David A. Wheeler 71c34ea619 makefile: Clean up internal creating cwe program 2014-07-27 17:23:35 -04:00
David A. Wheeler 4e99642392 Switch version # to 1.31.
- Version number 1.30 might be confused with 1.3.  This eliminates
    the potential problem.
2014-07-27 17:19:24 -04:00
David A. Wheeler 1ebc5d5afb Note that flawfinder is CWE-compatible. 2014-07-27 17:16:56 -04:00
David A. Wheeler a33ae6c62e Add more wide character rules and refine CWE mapping 2014-07-22 23:17:53 -04:00
David A. Wheeler bbe7a28ada flawfinder.1: Clean up man page, esp. option description 2014-07-21 00:00:12 -04:00
David A. Wheeler 5eb5e8411d Change version number to 1.30.
- This is the upcoming version number.  Change it now so that this
    is distinct from the released version 1.29.
2014-07-19 20:46:15 -04:00
David A. Wheeler 564b78b98d flawfinder.1: Document that hitlists should be trusted to be loaded or diffed 2014-07-19 20:42:37 -04:00
David A. Wheeler f980d02e2d ChangeLog: Document major changes 2014-07-19 19:26:39 -04:00
David A. Wheeler 8423c14116 Fix up "make show-cwes" 2014-07-19 19:21:23 -04:00
David A. Wheeler 60948e8368 Move CWE-119 report on char into warning instead of recommendation 2014-07-19 19:16:41 -04:00
David A. Wheeler dcf40ef8fd Modify test suite - also check generated HTML 2014-07-19 19:10:12 -04:00
David A. Wheeler cfe1a062fe Tweak mappings to CWE. strlen() better maps to CWE-126 (buffer over-read) 2014-07-19 19:05:49 -04:00
David A. Wheeler e0c0b9bc8e flawfinder.1: Minor documentation improvements, including removing blank lines 2014-07-19 18:38:24 -04:00
David A. Wheeler 4156a4199c flawfinder.1: Refine man page (esp. CWE discussion) 2014-07-19 17:23:10 -04:00
David A. Wheeler 7112bf164c Rewrite print_multi_line. It's now shorter, faster, and formats better 2014-07-19 16:42:14 -04:00
David A. Wheeler f9a6fdd314 Add links to CWE entries when producing HTML, and tweak output report 2014-07-19 16:20:14 -04:00
David A. Wheeler 5c66efaf2b Update version# and years 2014-07-19 13:00:58 -04:00
David A. Wheeler a7a7bb349b Modify documentation for listrules, and add CWE mapping info 2014-07-19 12:58:15 -04:00
David A. Wheeler 742cb6db13 flawfinder: Modify --listrules to also report default warning 2014-07-19 12:58:02 -04:00
David A. Wheeler df397eaf46 makefile: Modify "make clean" so it erases junk cve[.exe] 2014-07-13 15:11:32 -04:00
David A. Wheeler dcf7c7ff40 flawfinder.1: Expand CWE description and make other small improvements 2014-07-13 15:05:55 -04:00
David A. Wheeler 622add482e flawfinder.1: Minor tweaks 2014-07-13 13:49:51 -04:00
David A. Wheeler e97d0e6c18 flawfinder.1: Minor text cleanup about CWEs 2014-07-13 13:30:29 -04:00
David A. Wheeler ba451aceb7 Update dates 2014-07-13 13:21:40 -04:00
David A. Wheeler bd3bd7dae5 Add ability to search in warnings (e.g., for CWEs), and document that 2014-07-13 13:19:50 -04:00
David A. Wheeler 620a6df894 Document CWEs covered by flawfinder 2014-07-13 09:53:15 -04:00
David A. Wheeler 289f341f90 Add ability to list CWEs in source code 2014-07-13 09:44:34 -04:00
David A. Wheeler c1211121bf ChangeLog: Record the new capabilities. 2014-07-13 00:20:56 -04:00
David A. Wheeler 9de8db2e74 Add Common Weakness Enumeration (CWE) references 2014-07-13 00:06:04 -04:00
David A. Wheeler 62af9ec2d5 flawfinder.1: Various minor man page improvements 2014-07-12 23:07:38 -04:00
David A. Wheeler af33f0e3e9 flawfinder.1: Clarify explanation of patchfile option 2014-07-12 22:35:12 -04:00
David A. Wheeler 5a56f2667d flawfinder: Simplify string check 2014-07-12 22:24:02 -04:00
David A. Wheeler 1d9a870d77 Add support for git diff (as well as svn diff and GNU diff) 2014-07-12 21:36:54 -04:00
David A. Wheeler 7ebfb3bbb6 Mention "git diff" 2014-07-12 21:06:45 -04:00
David A. Wheeler 9dda4624dc makefile: Allow "make dist" as synonym for "make distribute" 2014-07-12 20:58:32 -04:00
David A. Wheeler 923cf6042c Rewrite documentation in man page and --help option for clarity
- Group options in --help, just like the man page, for clarity
  - Create a new group, "Selecting Input Data", so that they are
    clearly distinguished from selecting what hits to display.
  - Other clarifications in the man page.
2014-07-12 20:43:04 -04:00
David A. Wheeler 23fe9f27c5 Document --listrules in man page 2014-07-12 19:24:32 -04:00
David A. Wheeler 16caee60e0 flawfinder.1: Add missing period. 2014-07-12 19:22:14 -04:00
David A. Wheeler 981d4203b1 makefile: Use MKDIR_P for portability 2014-07-12 12:28:58 -04:00
David A. Wheeler 202bf127dc Handle unbalanced double-quotes in sprintf
- Handle unbalanced double-quotes.  This is a compilation error, but
    we can handle it more gracefully.
2014-07-12 12:25:59 -04:00
David A. Wheeler 40982f89ba Warn that time info is approximate
- We can't give exact times, in particular, the start time
    is measured only after Python finishes starting up.
    So, warn about that.
2014-07-12 12:11:26 -04:00
David A. Wheeler e95f94db75 Fix report on time executed (fix bug#7)
- The time reported was wrong in a misguided attempt to round.
2014-07-12 12:07:24 -04:00
David A. Wheeler dca1931902 Change flawfinder.spec to comply with Fedora guidelines (fix bug#4)
- Thanks to Horst H. von Brand vonbrand,at,inf.utfsm.cl
2014-07-12 11:56:11 -04:00
David A. Wheeler 400b58817c Allow "flawfinder ." (fix bug#3)
- Skipping dotdir also skipped ".", but it shouldn't.
  - My thanks to Gerd, who provided the patch
2014-07-12 11:40:22 -04:00
David A. Wheeler f372da2530 Fix ignore directive when filenames differ (fix bug#6)
- My thanks to Bernhard Herzog who provided the patch!
2014-07-12 11:31:45 -04:00
David A. Wheeler 1623be3119 Document -F option in help output 2014-07-12 11:25:11 -04:00
David A. Wheeler f5e02e9ec2 Version number now 1.28, add test for filenames without trailing newline 2014-07-12 07:01:23 -04:00
David A. Wheeler 8674d33858 flawfinder: Fix patch so line number count is correct 2014-07-12 06:46:14 -04:00