-
## Encoding Error on Windows 10
```
git clone https://github.com/Kitware/CMake.git
git clone https://github.com/david-a-wheeler/flawfinder.git
python3 flawfinder\flawfinder.py CMake\Source\C…
```
-
[The answer “Flawfinder works by using a built-in database of C/C++ functions with well-known problems, …” was published](https://dwheeler.com/flawfinder/#how_work "How does Flawfinder work?").
Can…
-
GitHub workflow file:
```yaml
name: Flawfinder
on:
  push:
    branches: [master]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [master]
…
```
-
Scenario:
1. Emit a large log file
2. Rewrite with the multitool to exclude all results except those that occur within a single file or files.
-
I've tried flawfinder on my `zt` library:
```
zt.c:35: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format …
```
-
Integer literals are allowed to contain `'` separators these days as per [[lex.icon]](https://eel.is/c++draft/lex.icon#nt:integer-literal). The implementation handles them correctly for decimal/octal …
-
Hi Expert,
I noticed that flawfinder will report a security issue when using modern C++ std::istream::read().
https://en.cppreference.com/w/cpp/io/basic_istream/read
https://github.com/OpenAPIToo…
-
Unlike std:strcat, abseil's strcat function handles the buffer overflow case correctly by creating a right-sized buffer in memory. Is there a way to have flawfinder ignore absl::StrCat but still find …
-
## Background
We need to not use deprecated or obsolescent functions when more secure equivalent functions are available. Deprecated functions are defined by the C Standard. Obsolescent functions …
-
"An svg icon file is required to show the flawfinder workflow in security tab." in GitHub actions per https://github.com/david-a-wheeler/flawfinder/issues/49 This isn't an .ico file.
Do we have act…