Activity for Flawfinder
-
Marek Küthe created ticket #29
Potential false positive entry for C++ std::ranges::equal
-
Flash created ticket #28
False positive on "mismatch" enumeration
-
figaro_ posted a comment on ticket #27
Duplicate of https://sourceforge.net/p/flawfinder/patches/4/
-
Typos in flawfinder.py
-
Abnormal termination on valgrind
-
False positive: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
-
MJ Rutter created ticket #24
Unnecessary warning for strlen of constant string
-
GitHub committed [c099c2]
Add a closing tag (</li>) (#62)
-
GitHub committed [616888]
Fix typos in markdown docs (#64)
-
David A. Wheeler committed [614801]
Merge branch 'master' of https://github.com/david-a-wheeler/flawfinder
-
Dimitri Papadopoulos created ticket #4
Fix typos
-
Flawfinder released /flawfinder-2.0.19.tar.gz
-
-
README.md: Clarify version number note
-
Version 2.0.19
-
GitHub committed [b7e8eb]
entrypoint.sh: Make minor improvements (#54)
-
Rename GitHub Action Flawfinder -> flawfinder_scan
-
README.md: Tweak GitHub actions description
-
GitHub committed [d9ddc0]
print warning messages to stderr (#58)
-
GitHub committed [0810f7]
Update readme (#55)
-
entrypoint.sh: Don't require output filename to be escaped
-
Yong Yan committed [ce8369]
Grant shell script exeuction permission
-
Yong Yan committed [700141]
Update workflow
-
Yong Yan committed [ad8c4a]
Add Github Action required files and test workflow.
-
Yong Yan committed [c53794]
specify upload sarif file path
-
Yong Yan committed [fc471e]
update actions files and readme.
-
GitHub committed [45c084]
Merge pull request #51 from yongyan-gh/users/yongyan-gh/addGHAction
-
Yong Yan committed [c4f58c]
scan specific file so the workflow will not report any error
-
Yong Yan committed [f5025a]
update readme
-
Merge branch 'master' of https://github.com/david-a-wheeler/flawfinder
-
-
Release version 2.0.18
-
Yong Yan committed [62b9b5]
Fix Sarif output relationship target id format.
-
GitHub committed [974499]
Merge pull request #52 from yongyan-gh/users/yongyan-gh/fixSarifOutput
-
-
Update flawfinder.1 date
-
Update ChangeLog
-
New version 2.0.17
-
Code style improvement: use "VAR in (...)"
-
makefile: fix "distribute" target to keep flawfinder.py
-
-
ChangeLog: Improve and note new version number
-
Change version 2.0.15->2.0.16
-
Update test correct results (new version number)
-
flawfinder.1: Minor man page cleanup
-
Make --error-level more obvious in the man page
-
flawfinder.1: minor reformatting
-
Document SARIF defails in man page
-
Ensure SARIF includes flawfinder's current version
-
ChangeLog: Note major changes (with credits!!)
-
GitHub committed [7defaf]
Track curly brace level in extract_c_parameters
-
Fix makefile install/uninstall
-
GitHub committed [1a2256]
Merge pull request #44 from myersg86/master
-
Yong Yan committed [f9819b]
export sarif report
-
Move sariflogger.py into flawfinder.py
-
flawfinder.py should be executable
-
Merge branch 'sarifOutput'
-
Robin Geffroy committed [21307f]
Make Git patch works
-
GitHub committed [14bcae]
Merge pull request #40 from IntidSammers/master
-
Ben Spoor committed [09f34f]
Add main entry point
-
GitHub committed [9a181d]
Merge pull request #37 from ben-edna/feature/cross-platform-setup
-
Ben Spoor committed [e0655e]
Use entry_points instead of scripts
-
Ben Spoor committed [6b4b79]
Make proper python module (add .py extension)
-
Add .pc and .sc extensions
-
Yong Yan committed [88869d]
Add default rule level to csv
-
Yong Yan committed [fd4dc9]
Add Sarif rule id
-
Update tests for new .csv results
-
Daniel Paul Searles committed [29a287]
Fix encoding error message misspelling
-
GitHub committed [c13f65]
Merge pull request #31 from squaresurf/fix-msg
-
-
Charles Milette committed [bd3787]
Update test files
-
GitHub committed [29df9e]
Merge pull request #29 from sylveon/load-library-ex-enhancements
-
Move safe_search to globals and add LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR to the list of safe flags
-
Check for ps2pdf before using it
-
Update tests for new version#
-
Change version# to 2.0.15
-
Enhance detection and diagnostics of LoadLibrary(Ex)
-
Update ChangeLog for 2.0.15
-
-
Version 2.0.14
-
Fix makefile problem and version numbers
-
Tell users how to disable false positives
-
Remove InitialCriticalSection
-
Ignore LoadLibraryEx if LOAD_LIBRARY_SEARCH_SYSTEM32
-
Update ChangeLog
-
boost::system is interpreted as a shell execution
-
I've tweaked the master branch so "system::" is ignored. That was simple to do and I think resolves the false positive.
-
Ignore "system::" to reduce false positives
-
Add .hpp support for C++
-
UnicodeDecodeError: 'utf-8' codec can't decode byte
-
Duong Do Minh Chau committed [1bb1a6]
Add test
-
GitHub committed [40b540]
Merge pull request #21 from duongdominhchau/master
-
Duong Do Minh Chau committed [e856bc]
Treat ' as digit separator when file extension is .cpp, .cxx, .cc
-
-
Last-minute tweaks for release
-
Provide better error feedback on encoding problems
-
Flawfinder's quite clueless about namespaces. I suspect we could simply tweak it to ignore namespace statements, or at least boost::system. ignoring Mainstays declarations is probably ignoring namespace declarations is probably the way to go.
-
Andrey S. Danin posted a comment on ticket #23
-F parameter helps
-
boost::system is interpreted as a shell execution
-
Note character encoding in README, note cvt2utf
1 >
