david-a-wheeler / flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code
GNU General Public License v2.0

Flawfinder does scan the directory with symlinks and exits quietly with error code #74

Open vijayeswari opened 2 years ago

vijayeswari commented 2 years ago

Flawfinder was integrated in our CI pipeline. It fails with the directories that have symlinks. The "scp" directory is successful as it does not have symlinks, and the "sdk" directory fails silently.

```
$ mkdir flawfinder_report
$ find /builds/scp/scpfirmware/scpos14ask/charter-scp-device/scp -type l
$ flawfinder --minlevel=4 --html --context /builds/scp/scpfirmware/scpos14ask/charter-scp-device/scp > flawfinder_report/flawfinder_test_report_scp.html
Warning: Skipping directory with initial dot /builds/scp/scpfirmware/scpos14ask/charter-scp-device/scp/.gitlab
$ find /builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk -type l
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/skales/boards/8996
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/skales/boards/7230
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/skales/boards/7x30
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/skales/boards/8x60
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/skales/boards/g1
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/skales/boards/7201a
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/package/network/config/netifd/files/sbin/ifdown
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/wireshark-github/.bzrignore
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/include/dt-bindings/input/linux-event-codes.h
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/vphn/vphn.c
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/vphn/vphn.h
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/primitives/asm/asm-compat.h
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/primitives/word-at-a-time.h
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/copyloops/copyuser_power7.S
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/copyloops/memcpy_power7.S
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/copyloops/memcpy_64.S
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/copyloops/copyuser_64.S
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/tools/testing/selftests/powerpc/stringloops/memcmp_64.S
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/mips/boot/dts/include/dt-bindings
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/metag/boot/dts/include/dt-bindings
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/arm64/boot/dts/include/dt-bindings
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/arm64/boot/dts/arm/vexpress-v2m-rs1.dtsi
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/cris/boot/dts/include/dt-bindings
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/powerpc/boot/dts/include/dt-bindings
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/arm/boot/dts/include/dt-bindings
/builds/scp/scpfirmware/scpos14ask/charter-scp-device/sdk/qualcomm_sdk/qsdk/qca/src/linux-4.4/arch/arm/boot/dts/sun8i-a33-et-q8-v1.6.dts

Running after_script 00:01
Running after script...
$ echo "completed"
completed

Cleaning up project directory and file based variables 00:01
ERROR: Job failed: exit code 1
```

vijayeswari commented 2 years ago

Successful job execution for a directory without symlinks

```
$ mkdir flawfinder_report
$ flawfinder --minlevel=4 --html --context /builds/scp/scpfirmware/scpos14ask/charter-scp-device/scp > flawfinder_report/flawfinder_test_report.html
Warning: Skipping directory with initial dot /builds/scp/scpfirmware/scpos14ask/charter-scp-device/scp/.gitlab

Running after_script 00:00
Running after script...
$ if [ $CI_JOB_STATUS == 'failed' ] && [ ! -f .build_complete ]; then tail -n 300 $LOGS_DIR/$LOG_FILENAME; fi

Uploading artifacts for successful job 00:02
Uploading artifacts...
flawfinder_report/: found 2 matching files and directories
Uploading artifacts as "archive" to coordinator... ok id=1867340 responseStatus=201 Created token=jfjKdoTU

Cleaning up project directory and file based variables 00:01
Job succeeded
```