david-a-wheeler / flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code
GNU General Public License v2.0
491 stars 82 forks

Consider rewriting this to use joern or alternative #56

Open prabhu opened 3 years ago

prabhu commented 3 years ago

Hi,

This is a nice little project. However, as you might know, regexes are not that great for finding flaws. Would you consider rewriting this tool to use a data-flow analysis platform like Joern? Joern is also open-source. Below is a link to the query database which should give an idea.

https://queries.joern.io

Thanks in advance.

david-a-wheeler commented 3 years ago

I'm quite familiar with data-flow, control flow, etc. Doing that would be essentially a rewrite from scratch. If we were going to do data-flow, we'd also want control flow, type information, etc.

I don't see any advantage to modifying flawfinder to do this vs. starting a completely new project. In fact, it'd be easier to start from scratch.

Also, note that Flawfinder can work on partial code, including some code that won't compile and/or link. Flawfinder also doesn't require any dependencies (other than Python itself).

So I'd love to see such tools (there are already some!). But that seems like a separate project.
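To make the two points in this thread concrete (that a bare regex over source text over-reports, and that a lexical scanner still works on code that will not compile), here is a small added example. It is not flawfinder's own code and not part of the original discussion; the C fragment is constructed, and the comment/string stripper is a simplified stand-in for what a real lexical scanner does (no trigraphs, raw strings or preprocessor handling).

```python
import re

# Constructed C fragment. It will not compile (no #include, unbalanced brace),
# but a text-level scanner can still process it.
SAMPLE_C = r'''
void copy_name(char *dst, const char *src) {
    /* strcpy(dst, src) was replaced below; a naive regex still sees this comment */
    printf("call strcpy(a, b) to copy");   /* a string literal, not a call */
    strcpy(dst, src);                        /* the only real call site */
'''

# Pattern for a call to strcpy; the same pattern is used by both scanners.
RISKY_CALL = re.compile(r'\bstrcpy\s*\(')


def regex_scan(source):
    """Naive scan: report every line whose raw text matches the pattern."""
    return [n for n, line in enumerate(source.splitlines(), 1)
            if RISKY_CALL.search(line)]


def _blank(text):
    """Replace every non-newline character with a space so line numbers survive."""
    return ''.join(c if c == '\n' else ' ' for c in text)


def strip_comments_and_strings(source):
    """Blank out C block comments, line comments and string/char literals.

    Simplified lexer: handles backslash escapes inside literals, nothing else.
    """
    out = []
    i, n = 0, len(source)
    while i < n:
        if source.startswith('/*', i):
            end = source.find('*/', i + 2)
            end = n if end == -1 else end + 2
            out.append(_blank(source[i:end]))
            i = end
        elif source.startswith('//', i):
            end = source.find('\n', i)
            end = n if end == -1 else end
            out.append(_blank(source[i:end]))
            i = end
        elif source[i] in '"\'':
            quote = source[i]
            j = i + 1
            while j < n and source[j] != quote:
                if source[j] == '\\':   # skip the escaped character
                    j += 1
                j += 1
            j = min(j + 1, n)           # include the closing quote
            out.append(_blank(source[i:j]))
            i = j
        else:
            out.append(source[i])
            i += 1
    return ''.join(out)


def lexical_scan(source):
    """Same pattern, applied only to text outside comments and literals."""
    return regex_scan(strip_comments_and_strings(source))


if __name__ == '__main__':
    print('naive regex hits on lines:', regex_scan(SAMPLE_C))     # [3, 4, 5]
    print('lexical scan hits on lines:', lexical_scan(SAMPLE_C))  # [5]
```

The naive pass flags the comment and the string literal as well as the real call; the lexical pass keeps only line 5. What neither pass can tell you is whether `dst` is large enough for `src`, which is exactly the question that needs the data-flow and type information discussed above, and which is why the reply treats that as a different kind of tool rather than an incremental change.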