
#1 2003-12-14 11:44:11

secsaba
Member
From: Espoo, Finland
Registered: 2003-11-06
Posts: 19

flawfinder

I downloaded the flawfinder package to the incoming.

# Contributor: Simon Csaba Endre <secsaba@pagony.net>

pkgname=flawfinder
pkgver=1.24
pkgrel=1
pkgdesc="A program that examines source code and reports possible security weaknesses sorted by risk level"
url="http://www.dwheeler.com/flawfinder/"
depends=('coreutils' 'python')   # flawfinder itself is a Python script
source=(http://www.dwheeler.com/flawfinder/$pkgname-$pkgver.tar.gz)
md5sums=('85a291ae9bf5a6eec823169057f950df')

build() {
  cd $startdir/src/$pkgname-$pkgver
  # create the install directories under the package root before make install
  mkdir -p $startdir/pkg/usr/bin
  mkdir -p $startdir/pkg/usr/man/man1
  # INSTALL_DIR is the prefix flawfinder's Makefile installs the script and man page under
  make INSTALL_DIR=$startdir/pkg/usr install
}

It is very easy to use. Just run: flawfinder directory_with_source_code


#2 2003-12-15 08:25:48

secsaba
Member
From: Espoo, Finland
Registered: 2003-11-06
Posts: 19

Re: flawfinder

Let's see flawfinder in action :)

flawfinder /var/abs/local/pacman/src/pacman-2.7/src/

Flawfinder version 1.24, (C) 2001-2003 David A. Wheeler.
Number of dangerous functions in C/C++ ruleset: 128
Examining /var/abs/local/pacman/src/pacman-2.7/src/db.c
Examining /var/abs/local/pacman/src/pacman-2.7/src/db.h
Examining /var/abs/local/pacman/src/pacman-2.7/src/md5.c
Examining /var/abs/local/pacman/src/pacman-2.7/src/md5.h
Examining /var/abs/local/pacman/src/pacman-2.7/src/pacman.c
Examining /var/abs/local/pacman/src/pacman-2.7/src/pacman.h
.....
.....
.....
/var/abs/local/pacman/src/pacman-2.7/src/pacman.c:1479:  [5] (buffer) strncat:
  Easily used incorrectly; doesn't always \0-terminate or check for
  invalid pointers. Risk is high; the length parameter appears to be a
  constant, instead of computing the number of characters left.
/var/abs/local/pacman/src/pacman-2.7/src/convertdb.c:133:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely.
  try using a library call that implements the same functionality if
  available.
/var/abs/local/pacman/src/pacman-2.7/src/db.c:39:  [4] (buffer) sprintf:
  Does not check for buffer overflows. Use snprintf or vsnprintf.
/var/abs/local/pacman/src/pacman-2.7/src/md5driver.c:63:  [4] (buffer) sprintf:
  Does not check for buffer overflows. Use snprintf or vsnprintf.
/var/abs/local/pacman/src/pacman-2.7/src/pacman.c:123:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination.
  Consider using strncpy or strlcpy (warning, strncpy is easily misused).
....
....
.....
Number of hits = 288
Number of Lines Analyzed = 6048 in 1.89 seconds (4355 lines/second)
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!

Oh, we got 288 hits. But don't worry, not every hit is a security vulnerability. A good book about secure programming is at http://dwheeler.com/secure-programs/, from where I also downloaded the flawfinder program.

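To make the report above concrete, here is an added example (written for this thread, not pacman's code and not part of flawfinder) that shows the three buffer patterns flawfinder rated [4] and [5] in the pacman sources, each next to a bounded replacement. All names (unsafe_db_path, safe_append, DBPATH_SIZE and the sample path) are made up for illustration; the [4] system() hit is not covered here. Build it with `cc -Wall -o hits hits.c` and run `flawfinder hits.c` on it: the unsafe_* functions reproduce the [4] strcpy/sprintf and [5] strncat-with-constant hits, while the safe_* versions should score lower or disappear, which is what the "not every hit is necessarily a security vulnerability" line at the end of the report is about.

```c
#include <stdio.h>
#include <string.h>

/* Deliberately small so that an over-long input is easy to construct. */
#define DBPATH_SIZE 24

/* --- [4] (buffer) sprintf: no bound on the destination ------------------ */
void unsafe_db_path(char *path, const char *dir, const char *name)
{
    /* Writes past `path` as soon as dir + "/" + name exceeds its size. */
    sprintf(path, "%s/%s", dir, name);
}

/* snprintf never writes more than `size` bytes and returns the length the
 * full string would have had, so a return value >= size means truncation.
 * Report it (-1) instead of silently handing back a cut-off path. */
int safe_db_path(char *path, size_t size, const char *dir, const char *name)
{
    int n = snprintf(path, size, "%s/%s", dir, name);
    return (n >= 0 && (size_t)n < size) ? 0 : -1;
}

/* --- [4] (buffer) strcpy: copies up to the source NUL, whatever dst holds - */
void unsafe_copy(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Bounded copy that always NUL-terminates and reports truncation; this is
 * what strlcpy does, spelled out because not every libc ships it. */
int safe_copy(char *dst, size_t size, const char *src)
{
    size_t n = strlen(src);
    if (size == 0)
        return -1;
    if (n >= size) {
        memcpy(dst, src, size - 1);
        dst[size - 1] = '\0';
        return -1;              /* truncated */
    }
    memcpy(dst, src, n + 1);    /* n + 1 includes the terminator */
    return 0;
}

/* --- [5] (buffer) strncat with a constant length --------------------------
 * The third argument is how many bytes to APPEND, not the size of buf, so
 * passing the buffer size still overruns once buf already holds something. */
void unsafe_append(char *buf, const char *s)
{
    strncat(buf, s, DBPATH_SIZE);
}

/* Compute the room actually left (minus one for the terminator) and refuse
 * the append if `s` does not fit, so buf is never half-written. */
int safe_append(char *buf, size_t size, const char *s)
{
    size_t used = strlen(buf);
    if (used >= size)
        return -1;              /* buf is not terminated within size */
    size_t left = size - used - 1;
    if (strlen(s) > left)
        return -1;              /* would not fit; buf is left unchanged */
    strncat(buf, s, left);
    return 0;
}

int main(void)
{
    char path[DBPATH_SIZE] = "/var/lib/pacman";   /* constructed sample input */

    printf("append /db       -> %d (%s)\n", safe_append(path, sizeof path, "/db"), path);
    printf("append /pkgname  -> %d (%s)\n", safe_append(path, sizeof path, "/pkgname"), path);
    printf("path fits        -> %d\n", safe_db_path(path, sizeof path, "/var/lib/pacman", "db"));
    printf("path too long    -> %d\n", safe_db_path(path, sizeof path, "/var/lib/pacman/local", "pkgname-1.0"));
    return 0;
}
```

The safe_* functions return -1 rather than truncating quietly because a silently shortened path is often the second half of a real bug (opening the wrong file, matching the wrong package); the caller decides whether truncation is acceptable.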
