This is "flawfinder" by David A. Wheeler, <dwheeler@dwheeler.com>.

Flawfinder is a simple program that scans C/C++ source code and reports
potential security problems. It can be a useful tool for examining
software, and it can also serve as a simple introduction to static source code
analysis tools more generally. It is designed to be easy to install and use.

More technically, flawfinder uses lexical scanning to find tokens
(such as function names) that suggest likely problems, estimates their
level of risk (e.g., by the text of function calls), and reports the results.
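
The lexical scanning described above, sketched as an added example (not flawfinder's own code; written for Python 3.8+): it tokenizes C source so that comments and string literals are skipped, flags calls to names in a small ruleset, and lowers the risk of "strcpy" when the source argument is a constant string. The RULES table and its risk levels, the names call_args and scan, and the SAMPLE input are assumptions made for illustration.

```python
import re

# Illustrative rules assumed for this example: name -> (risk 0-5, note).
RULES = {"gets": (5, "reads input with no bounds check"),
         "strcpy": (4, "copies with no bounds check"),
         "system": (4, "runs a shell command")}
# Comments and literals match whole, so names inside them are never tokens.
STR = r'"(?:\\.|[^"\\])*"'
SKIP = r"/\*.*?\*/|//[^\n]*|'(?:\\.|[^'\\])*'|" + STR
TOKEN = re.compile(SKIP + r"|(?P<ident>[A-Za-z_]\w*)", re.S)
ARGTOK = re.compile(SKIP + r"|[(),]", re.S)

def call_args(src, pos):
    """Top-level argument texts of the call whose name ends at pos, else None."""
    m = re.compile(r"\s*\(").match(src, pos)
    if not m:
        return None                  # the identifier is not being called
    args, depth, start = [], 1, m.end()
    for t in ARGTOK.finditer(src, m.end()):
        c = t.group()
        depth += (c == "(") - (c == ")")
        if depth == 0 or (c == "," and depth == 1):
            args.append(src[start:t.start()].strip())
            start = t.end()
        if depth == 0:
            return args
    return None                      # unbalanced parentheses

def scan(src):
    """Return (line, name, risk, note) per risky call, highest risk first."""
    hits = []
    for m in TOKEN.finditer(src):
        name = m.group("ident")
        if name not in RULES or (args := call_args(src, m.end())) is None:
            continue
        risk, note = RULES[name]
        # Risk from the call text: a constant source has a known length.
        if name == "strcpy" and len(args) == 2 and re.fullmatch(STR, args[1]):
            risk, note = 2, note + " (source is a constant string)"
        hits.append((src.count("\n", 0, m.start()) + 1, name, risk, note))
    return sorted(hits, key=lambda h: -h[2])

# Constructed sample input for this example.
SAMPLE = r'''/* gets(buf) is only mentioned here */
void f(char *in) { char buf[16]; int system = 0;
    strcpy(buf, "system(cmd)");
    strcpy(buf, in);
    gets(buf); }'''
print(*scan(SAMPLE), sep="\n")
```

Because the scan is purely lexical, it has no type or data-flow information: a hit marks a place to review, not a confirmed vulnerability.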

For more information, see:
  http://www.dwheeler.com/flawfinder

On Unix/Linux/POSIX systems, you can typically install it by extracting
its files, using "cd" to enter its directory, and then running this:
  sudo make prefix=/usr install
You can omit the "prefix=/usr"; it will then install under "/usr/local".
The file INSTALL.txt has more detailed installation instructions.
Flawfinder requires Python 2 (version 2.5 or later).

Flawfinder is released under the GNU GPL license version 2 or later (GPLv2+).
See the COPYING file for more license information.