-
Hi,
This is a nice little project. However, as you might know, regexes are not that great for finding flaws. Would you consider rewriting this tool to use a data-flow analysis platform like [Joern]…
-
## Information
**VIM version**
VIM - Vi IMproved 9.0 (2022 Jun 28, compiled Nov 19 2023 18:05:09)
MS-Windows 64-bit GUI version
Operating System: Windows 10
## What went wrong
When…
-
Hi Expert,
Our security check tool Codacy (FlawFinder) reported 4 security issues for the code of cpprestsdk.
They are all caused by std::istream::read() function usage.
https://github.com/Op…
-
Make sure to use this resource:
https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard
-
I can see that there are around 7-8 CWEs available, can we modify the code?
Thank you.
-
Attached you should find an up-to-date report of the issues found by cppcheck. This is generated by running the script utils/create_cppcheck_report. Be aware that this takes a while to run.
It curren…
-
## Information
**VIM version**
```
VIM - Vi IMproved 8.2 (2019 Dec 12, compiled Jun 07 2022 00:51:41)
Included patches: 1-5046
```
Operating System: `Arch Linux x86_64 `
## What went wr…
-
We should improve the CI testing coverage by doing:
- [ ] switch to the official cmake action by github and add testing for multiple compile targets (Release, debug)
- [ ] DevSkim (code scanning)
-…
-
## Information
**VIM version**
VIM - Vi IMproved 8.2 (2019 Dec 12, compiled May 2 2021 18:02:30)
MS-Windows 32-bit console version
Operating System: Windows 11
## What went wrong
…
-
Given this source file:
```c
#include <inttypes.h>
#include <stdio.h>

int main(char *arg)
{
sscanf(arg, PRIu32);
return 0;
}
```
Flawfinder `2.0.17` outputs:
```
FINAL RESULTS:
test.c:6: [4] (buffer)…