Download List

Project Description

Flawfinder searches through source code looking for potential security flaws. It will provide a list of potential security flaws, sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Flawfinder ignores text inside comments and strings.

System Requirements

System requirements are not defined.

Information regarding Project Releases and Project Resources. Note that the information here is quoted from the Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2002-05-15 09:05
0.22

Clarified the report given about having %s in scanf when a limit for %s was provided.
Tags: Minor feature enhancements

2001-12-19 15:42
0.21

A minor bug in examining syslog() was fixed. Flawfinder's complaints about certain safe constructs were fixed.
Tags: Minor bugfixes

2001-12-11 10:23
0.20

The compressed man page is included when using DistUtils, and a --version option has been added.
Tags: Minor bugfixes

2001-11-08 10:01
0.19

A minor bug involving multi-line strings passed to gettext was fixed. A reminder that not all hits are necessarily security vulnerabilities, a "help" option, support for DistUtils, and support for non-root builders of the RPM spec were added, and "syslog" was added to the vulnerability database. A compressed man page was installed.
Tags: Minor feature enhancements

2001-10-30 15:20
0.17

Now, if a directory (instead of a file) is given as something to examine, C/C++ files in that directory and its subdirectories (recursively) are examined. An improved man page, support for RATS's "ignore" directive (for compatibility with RATS), minor improvements in the vulnerability database, and a new option for suppressing status information ("--quiet") have been added.
Tags: Minor feature enhancements
