2014-08-03 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Release version 1.31, a set of small improvements mostly CWE-related.
	* Note that flawfinder is officially CWE-compatible.
	* Support GNU make install conventions (prefix, bindir, DESTDIR, etc.).
	  The older program-specific conventions are still supported, but
	  the documentation emphasizes using the standard conventions instead.
	* Simplified installation text.
	* Added more wide character function rules.
	* Add reference to info at "http://www.dwheeler.com/secure-programs".
	* Document that hitlists should be trusted to be loaded or diffed.
	  These are implemented using Python's pickle module, and that module
	  presumes the data is from a trustworthy source. In the expected
	  use case this is fine... but it needed to be documented.
	* Tweak/improve mappings to CWE. E.g., strlen()
	  better maps to CWE-126 (buffer over-read). In a few cases the
	  CWE mappings weren't reported as such; that is now fixed.
	  CWEs are actually a hierarchy; expose a little of this so
	  people can more easily search on them.
	* Improved error detection and reporting. In particular, error
	  messages are sent to standard error, filenames listed but
	  non-existent trigger a separate warning, and there's a warning
	  about non-existent filenames listed on the command line that
	  begin with the UTF-8 long dash sequence (users might not notice
	  the difference between long dash and dash, and this can happen
	  in some cases when copying and pasting).
	* Add "-H" option as synonym for "--html".

2014-07-19 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Release 1.29, primarily for CWE improvements.
	* Multi-line formatting is faster and formats better.
	* Documentation about CWEs has been improved.
	* HTML format includes links from CWE identifiers to their definitions.
	* Tweak CWE mappings, e.g., strlen maps to CWE-126 (buffer over-read).
	* Option "--listrules" now gives default warning and is tab-delimited.
	* Regression test suite now also tests the generated HTML.

2014-07-13 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Release 1.28
	* Common Weakness Enumeration (CWE) references are
	  now included in most hits
	* Handle files not ending in newline (thanks to Alexis Wilke)
	* Documentation clarifications
	* Added support for "git diff" in patchfile processing
	* Handles unbalanced double-quotes in sprintf
	* Fix incorrect time executed report
	* Fix bug to allow "flawfinder ." (fix bug#3)
	* Fix ignore directive when filenames differ (fix bug#6)

2007-01-16 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Release version 1.27

2007-01-16 Sebastien Tandel <sebastien, at, tandel (doht) be)
	* Cleaned up code for patch handling, fix bug in subdir handling,
	  include patch info in help.

2007-01-15 Steve Kemp <steve at shellcode dot org>
	* Fix Debian bug #268236.
	  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=268236
	  This complains that flawfinder crashes when presented with a
	  file it cannot read. The patch obviously can't prevent
	  the problem, since the tool can't review what it can't read,
	  but at least it halts with a cleaner error message.

2007-01-15 cmorgan <cmorgan47, at earthlink dooot net>
	* Fixed Debian bug #271287 (flawfinder). See:
	  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=271287
	  Fixed skipping newlines when line ended with \,
	  which caused incorrect line number reporting.
	  Skip multiple whitespace at one time.

2007-01-15 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Modified Sebastien Tandel's code so that it also supports GNU diff
	  (his code worked only for svn diff)
	* When using a patchfile, skip analysis of any file not
	  listed in the patchfile.
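The 1.31 entry at the top notes that hitlists are loaded with Python's pickle module, which presumes trusted data. The following Python 3 code is added here as an illustration and is not part of flawfinder: it makes a saved hitlist tamper-evident with an HMAC over the pickle bytes and unpickles through a loader that resolves only the hit class. The Hit class, the key and the sample hits are constructed.

```python
import hashlib
import hmac
import io
import pickle

class Hit(object):
    """Constructed stand-in for a flawfinder hit record."""
    def __init__(self, filename, line, name, level):
        self.filename, self.line, self.name, self.level = filename, line, name, level
    def __eq__(self, other):
        return isinstance(other, Hit) and self.__dict__ == other.__dict__

def save_hitlist(hits, key):
    """Serialize with pickle and prepend an HMAC-SHA256 tag over the pickle bytes."""
    body = pickle.dumps(hits, protocol=2)
    return hmac.new(key, body, hashlib.sha256).digest() + body

class _HitOnlyUnpickler(pickle.Unpickler):
    """Resolve no global except the Hit class, so a pickle that names any other
    callable is rejected before anything in it can be instantiated."""
    def find_class(self, module, name):
        if (module, name) == (Hit.__module__, Hit.__name__):
            return Hit
        raise pickle.UnpicklingError("hitlist references %s.%s" % (module, name))

def load_hitlist(blob, key):
    """Verify the tag in constant time, then unpickle under the restricted loader."""
    tag, body = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("hitlist failed integrity check; refusing to unpickle")
    return _HitOnlyUnpickler(io.BytesIO(body)).load()

class _Unexpected(object):
    """Constructed: an object a hitlist should never contain."""

def demo():
    """Round-trip a constructed hitlist, then exercise the two rejection paths."""
    key = b"constructed-demo-key"          # a real deployment keeps this out of the hitlist
    hits = [Hit("src/main.c", 42, "strcpy", 4), Hit("src/io.c", 7, "sprintf", 4)]
    blob = save_hitlist(hits, key)
    out = {"roundtrip": load_hitlist(blob, key) == hits}
    tampered = blob[:-1] + bytes([blob[-1] ^ 0x01])   # flip one bit of the pickle body
    try:
        load_hitlist(tampered, key)
        out["tampered"] = "accepted"
    except ValueError:
        out["tampered"] = "rejected"
    try:
        load_hitlist(save_hitlist([_Unexpected()], key), key)  # valid tag, wrong class
        out["foreign_class"] = "accepted"
    except pickle.UnpicklingError:
        out["foreign_class"] = "rejected"
    return out
```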

2007-01-15 Sebastien Tandel <sebastien, at, tandel (doht) be)
	* Add support for using "svn diff" created patch files, based
	  on the approach described by David A. Wheeler on how it
	  could be done.

2007-01-15 David A. Wheeler <dwheeler, at, dwheeler.com>
	* By default, now skips directories beginning with "."
	  (this makes it work nicely with many SCM systems).
	  Added "--followdotdir" option if you WANT it to enter
	  such directories.
	* Fixed divide-by-zero when no code found (not exactly common
	  in normal use, but anyway!)

2004-06-15 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.26.
	* NOTE: Due to an error on my part,
	  the tar file for version 1.25 was for a short period
	  (after 2004-06-05) actually version 1.26,
	  incorrectly labelled as 1.25.
	  My sincere apologies!! Please upgrade to 1.26, since that
	  way you'll be SURE to get the right version.

2004-06-04 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Reviewed and modified Jared's code somewhat, and added
	  support for _TEXT() as well as _T().
	  See http://www.rpi.edu/~pudeyo/articles/unicode.html for more info
	  on Microsoft's approach to internationalization involving TCHAR.
	* Wrote ChangeLog entries for Jared's code.

2004-06-04 Jared Robinson (jarrob, at, symantec.com)
	* Added more support for Microsoft's approach to internationalization.
	  Thus, it accepts _T() just like gettext(), and adds many more
	  functions: _getts(), vswprintf(), _stprintf(), _vstprintf(),
	  vwprintf(), vfwprintf(), _vtprintf(), _ftprintf(), _vftprintf(),
	  _sntprintf(), _vsntprintf(), _ftscanf(), _gettc().
	  In this approach, TCHAR and various macros are typically used.
	  In particular, _T() of tchar.h converts character strings
	  to long character strings, if _UNICODE is defined
	  (this makes TCHAR a long 16-bit character).
	  Thus, _T() is:
	  #ifdef _UNICODE
	  #define _T(x) L ## x
	  #else
	  #define _T(x) x
	  #endif

2004-06-02 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Added two new rules for GLib functions,
	  "g_get_home_dir" and "g_get_tmp_dir", per a suggestion by
	  Steve Kemp, lead of the Debian Security Auditing Project.
	  This closes the wishlist item in Debian bug report #250432
	  (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=250432).
	  Contributors - please email wishlist items to me;
	  I can't monitor every distribution's local bug tracking system.
	  PLEASE tell upstream developers when there's a bug/wishlist
	  item, we can't fix it if we don't know.
	* Added curl_getenv(). Kemp's suggestion reminded me to search
	  for other getenv()-like functions, and that one popped up.
	* Added several rules for input functions (for -I) -
	  recv, recvfrom, recvmsg, fread, and readv.
	* Tightened the false positive test slightly; if a name is
	  followed by = or - or + it's unlikely to be a function call,
	  so it'll be quietly discarded.
	* Modified the summary report format slightly.
	* Modified the getpass text to remove an extraneous character,
	  thanks to a bug report from Joerg Beyer (job, at, webde-ag.de)
	* Modified installation instructions to clarify how to set
	  INSTALL_DIR at run-time so it installs elsewhere.
	  It uses the standard GNU conventions, but not everyone
	  knows about them. By default, it installs in /usr/local.
	  Just use normal make overrides to change that, e.g.,
	  make INSTALL_DIR=/usr INSTALL_DIR_MAN=/usr/share/man install
	  I do NOT use the ?= macro-setting commands in the makefile,
	  because that's not standard (e.g., it's not in SUSv3), so
	  while that would work in GNU make, it wouldn't work in others.

2004-05-31 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.25.


2004-05-30 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Added more rules for finding problems by examining the
	  Red Hat Linux 9 documentation (the man3 man pages),
	  looking for phrases like "do not use", "security", and "obsolete".
	  Thus, added rules for
	  cuserid, getlogin, getpass, mkstemp, getpw, memalign, as
	  well as the obsolete functions gsignal, ssignal, ulimit, usleep.
	* Modified text for strncat to clarify it.
	  My thanks to Christian Biere, christianbiere, at, gmx.de, for
	  reporting the problem.
	* Added lengthy text to the manual to explain exactly how to use
	  flawfinder with vim and emacs. This should also help
	  integrate flawfinder into other text editors/IDEs.
	* Fixed error in --columns format, so that the output is simply
	  "filename:linenumber:columnnumber" when --columns (-C) is used.
	* Eliminated "Number of" phrase in the footer report
	  (it was redundant anyway)
	* Added more statistical information to the footer report.
	* Changed makefile to simplify running tests.
	* Tests now autogenerate html and txt versions.
	* Added shortcut single-letter commands (-D for --dataonly,
	  -Q for --quiet, -C for --columns), so that invoking from
	  editors is easier.
	* Tries to autoremove some false positives. In particular, a function
	  name followed immediately by "=" (ignoring whitespace)
	  is automatically considered to be a variable and NOT a function,
	  and thus doesn't register as a hit. There are exotic cases
	  where this won't be correct, but they're pretty unlikely in
	  real code.
	* Added a "--falsepositive" (-F) option, which tries to remove
	  many more likely false positives. The current heuristic is:
	  if -F is enabled, any function name must be
	  followed by "(" (ignoring whitespace) to be considered a
	  possible hit; otherwise, it's thrown away.
	  Thus, if you often use variable names that are
	  also the names of risky functions, like "access", you
	  might consider using this option. Note that flawfinder
	  uses simple lexical analysis; eliminating many more false positives
	  would require deeper code analysis
	  (to examine type information, buffer size declarations, etc.).
	  This option also disables reporting of static character
	  buffer arrays.
	  This -F option and the autoremoving of false positives above are
	  in response to a problem report from
	  Mike Ruscher (Mike.Ruscher, at, cse-cst.gc.ca),
	  though the approach and code are my own. This may not completely
	  solve Mr. Ruscher's problem, but it's a start.
	* Documented that flawfinder output can be misunderstood if
	  there are source filenames whose names contain newline, linefeed, or
	  colon. Source filenames shouldn't have such characters anyway;
	  while flawfinder can handle them, many other tools can't.
	* Modified the documentation to make it clear in the synopsis
	  which one-letter flags are short for which long names.
	* Modified "make install" script slightly so that it creates
	  directories that don't yet exist when installing.
	  My thanks to Joerg Beyer (job, at webde-ag.de) for reporting
	  the problem and suggesting a solution.
	  This solution requires that "mkdir" support the "-p" option,
	  which shouldn't be a problem for nearly all users.

2003-10-29 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.24.
	* Fixed an incredibly obscure parsing error that caused some
	  false positives. If a constant C string, after the closing
	  double-quote, is followed by a \ and newline (instead of a comma),
	  the string might not be recognized as a constant string
	  (thus triggering warnings about non-constant values in some cases).
	  This kind of formatting is quite ugly and rare.
	  My thanks to Sascha Nitsch (sascha, at spsn.ath.cx) for pointing
	  this bug out and giving me a test case to work with.
	* Added a warning for readlink. The implementation and warning
	  are mine, but the idea of warning about readlink came from
	  Stefan Kost (kost, at imn.htwk-leipzig.de). Thanks!!

2003-09-27 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.23. Minor bugfixes.

2003-09-27 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Fixed subtle bug - in some circumstances single character constants
	  wouldn't be parsed correctly. My thanks to Scott Renfro
	  (scottdonotspam, at, renfro.org) for notifying me about this bug.
	  Scott Renfro also sent me a patch; I didn't use it
	  (the patch didn't handle other cases), but I'm grateful since it
	  illustrated the problem.
	* Fixed documentation bug in man page.
	  The option "--minlevel=X" must be preceded by two dashes,
	  as are all GNU-style long options. The man page accidentally only
	  had one dash in the summary (it was correct elsewhere); it now
	  correctly shows both dashes.
	* Modified man page to list filename extensions that are
	  interpreted as C/C++.
	* Removed index.html from distribution - it's really only for the
	  website.

2003-03-08 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.22. Output format slightly changed (colon added),
	  so that it's compatible with tools that expect compiler warnings
	  in the typical format "filename:line-number: warning".
	  To get the fully expected format (all in one line), use "-S".
	  Also, improved RPM packaging.

2003-03-08 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Changed makefile to be consistent with new RPM packaging approach.
	* Changed makefile: now for testing, will automatically uninstall
	  old sloccount when creating rpm. Also (for me), make my_install
	  works (well, it helps me anyway).
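The lexical heuristics described in the 2004-05-30 and 2004-06-02 entries above (a name followed by "=", "-" or "+" is a variable, not a call; with -F a name must be followed by "(") and the constant-string handling from the 2003-10-29, 2003-09-27 and 2001-05-29 entries (backslash-newline after a closing quote, single-character constants, a literal ending in a backslash), worked through in a small Python 3 scanner. This is an added illustration, not flawfinder's own code; the ruleset RISKY_NAMES and the C sample are constructed.

```python
import re

# Constructed mini ruleset; flawfinder's real database is far larger.
RISKY_NAMES = {"strcpy", "sprintf", "access", "printf"}
_WORD = re.compile(r"\w+")

def _skip_string(src, i):
    """src[i] is '"': return the index past the closing quote. A backslash
    escapes the next char, so a literal ending in \\" (2001-05-29) is intact."""
    i += 1
    while i < len(src):
        if src[i] == "\\":
            i += 2
        elif src[i] == '"':
            return i + 1
        else:
            i += 1
    return i

def _skip_char(src, i):
    """src[i] is "'": skip a char constant such as 'a', '\\'' or '\\\\' (2003-09-27)."""
    i += 1
    if src[i:i + 1] == "\\":
        i += 2                      # step over the escaped character itself
    j = src.find("'", i)
    return len(src) if j < 0 else j + 1

def _skip_blank(src, i):
    """Skip whitespace and backslash-newline continuations (2003-10-29)."""
    while i < len(src):
        if src[i] in " \t\r\n":
            i += 1
        elif src.startswith("\\\n", i):
            i += 2
        else:
            break
    return i

def first_arg_is_constant(src, i):
    """src[i] is just past '(': true if the first argument is one or more
    adjacent string literals followed by ',' or ')'."""
    i = _skip_blank(src, i)
    if src[i:i + 1] != '"':
        return False
    while src[i:i + 1] == '"':
        i = _skip_blank(src, _skip_string(src, i))
    return src[i:i + 1] in (",", ")")

def scan(src, falsepositive=False):
    """Return (line, name, constant_first_arg) for each risky name that survives
    the heuristics; strings, char constants and comments are skipped outright."""
    hits, i, n = [], 0, len(src)
    while i < n:
        c = src[i]
        if c == '"':
            i = _skip_string(src, i)
        elif c == "'":
            i = _skip_char(src, i)
        elif src.startswith("//", i):
            j = src.find("\n", i)
            i = n if j < 0 else j
        elif src.startswith("/*", i):
            j = src.find("*/", i + 2)
            i = n if j < 0 else j + 2
        elif c.isalnum() or c == "_":
            m = _WORD.match(src, i)
            name, i = m.group(0), m.end()
            if name not in RISKY_NAMES:
                continue
            j = _skip_blank(src, i)
            nxt = src[j:j + 1]
            if nxt in ("=", "-", "+"):        # assigned or used in arithmetic: a variable
                continue
            if falsepositive and nxt != "(":  # -F: insist on a call-like "("
                continue
            const = nxt == "(" and first_arg_is_constant(src, j + 1)
            hits.append((src.count("\n", 0, m.start()) + 1, name, const))
        else:
            i += 1
    return hits

# Constructed C sample exercising each heuristic (line numbers start at 1).
SAMPLE = r'''
int access = 0;                  /* variable named like a risky function */
char buf[64];
strcpy(buf, "a\"quoted\" str"); // real call, first argument is not a literal
printf("hello %s\n" \
       , name);                  // constant format, continued with backslash-newline
printf(fmt);                     // non-constant format string
int r = access (path, R_OK);     // call with a blank before "("
char c = '\\';  /* strcpy */     // "sprintf" inside a comment
if (access == 1) sprintf;        // bare name, dropped only with -F
'''
```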

2003-02-01 Jose Pedro Oliveira
	* Improved RPM packaging.

2003-09-22 Jukka A. Ukkonen
	* Recommended an extra colon in the output format, so that the
	  output format would look like typical compiler output (and thus
	  more compatible with existing tools that report warnings).

2002-09-07 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.21, with the following changes:
	* Improved the default output so it creates multiple formatted lines
	  instead of single very long lines for each hit.
	  Use the new "--singleline" (-S) option to get the original
	  "long line" format.
	* Removed duplicate "getpass" entry in the ruleset;
	  this didn't hurt anything, but was unnecessary.
	  Thanks to the user who gave me that feedback, wish I'd kept your
	  email address so I could credit you properly :-).
	* Added a short tutorial to man page.
	* Fixed initial upper/lower case on many entries in the ruleset.
	* Allow "--input" as a synonym for "--inputs".

2002-07-07 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.20, with many more changes:
	* Entries have been added to the database to detect file openings and
	  static character array definitions.
	* The HTML format has been significantly improved.
	* Joerg Beyer provided several nice improvements to flawfinder,
	  including a timing report.
	* Now Flawfinder by default skips symbolic links,
	  and always skips special files, to counter attackers who
	  insert malicious files in their source code directories.
	* The documentation has been improved in various ways.

2002-07-05 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Completely rewrote the functions handling opening the
	  files/directories named on the command line and when
	  walking down the directory tree.
	  This was in part
	  to handle a new security requirement for source code web
	  hosting services, which may analyze code written by someone else
	  AND then send reports to someone else who doesn't have the
	  same rights to view files as the analysis program.
	  It's the last part that's different - the attacker may control
	  the code being analyzed and insert non-regular files or
	  symbolic links to "bad" files like /etc/passwd (to expose its
	  contents) or /dev/zero (to stall analysis). These are
	  annoying but not really a problem when the analyst is running on
	  his OWN machine.
	  To deal with this, now flawfinder NEVER opens a file type that isn't
	  a file or directory, and it skips symbolic
	  links by default (though this can be changed),
	  no matter if they're listed at the top or inside
	  a directory descendant. This is actually reasonable behavior
	  for everyone, since others may be analyzing programs
	  that they don't trust either.
	* Added open() and fopen() as entries, now it has 127 entries
	  in the database. Modified test code to test it.
	* Warning messages about skipping symlinks and
	  files that aren't regular files are now controlled by --quiet
	  instead of --dataonly; since --quiet controls printing
	  status messages this seems more reasonable.
	* Changed the format of the HTML output - now it creates a list.
	  The ending is now in regular type, instead of <pre>...</pre>.
	  This seemed to look nicer.
	* Reworked Beyer's patch that prints speed somewhat, e.g., to print
	  floating point time (on small programs or fast machines
	  the time would be reported as "0") and to avoid
	  divide-by-zero on systems where time really is reported
	  as zero.
	* Added "--omittime", so that the regression test
	  results won't vary depending on the time the analysis takes.
	* Fixed minor bug: now the filename "-" works to mean
	  standard input.
	  This is rarely used, since usually files
	  are analyzed instead.
	* Modified documentation to make clear that in many circumstances
	  you need to copy the source code to a separate area.
	  I removed the reference to "--nolink", since this is now
	  the default.
	* Modified makefile to generate correct-results.html and
	  correct-results.txt, so that (1) there will be a standard
	  to compare with and (2) the web page has a demo.

2002-07-05 Joerg Beyer <job, at, webde-ag.de>
	* Tiny patch to report the number of lines analyzed and
	  the analysis speed in lines/second.

2002-07-04 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Changed Joerg Beyer's patch that gives a nicer error
	  message if an invalid option flag is given. Now the patch
	  also works in Python 1.5. This involved using getopt.error
	  instead of getopt.GetoptError.
	* Added a comment explicitly documenting that flawfinder
	  is written to run under both Python 1.5 and Python 2.
	  Lots of systems only include Python 1.5, or use Python 1.5
	  as the default Python (e.g., Red Hat 7.2).
	  Someday that won't be a concern, but there's no reason it
	  can't easily port between the two for a while.
	* Ran PyChecker and modified code to eliminate the errors it reports.

2002-07-03 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Changed the default to IGNORE symbolic links, and added the
	  --allowlink option to use symbolic links. This is a safer default,
	  and few people will really want to follow symbolic links anyway.
	* Added option --dataonly to suppress headers and footers;
	  use this along with --quiet to get "just the facts"
	  (e.g., when processing the output with other tools).
	  This was inspired by a comment from A.T. Hofkamp.

2002-07-03 Joerg Beyer <job, at, webde-ag.de>
	* Various small patches - thanks!!
	  They were as follows:
	* If you call flawfinder without input,
	  state that there was no input, not state that there's no hit.
	* If interrupted with Control-C, flawfinder now prints cleanly
	  that it was interrupted.
	* Print a nicer error message if an invalid option flag
	  is given.
	* Just for completeness' sake, I'm including two of the patches:
	--- flawfinder_orig	Wed Jul 3 09:56:34 2002
	+++ flawfinder	Wed Jul 3 10:25:49 2002
	@@ -1216,10 +1216,15 @@
	   if loadhitlist:
	     f = open(loadhitlist)
	     hitlist = pickle.load(f)
	   else:
	-    for f in sys.argv[1:]:
	+    files = sys.argv[1:]
	+    if not files:
	+      print "*** no input files"
	+      return None
	+    for f in files:
	       process_dir_or_file(f)
	+  return 1
	 
	 def show_final_results():
	   global hitlist
	   count = 0
	@@ -1275,11 +1280,14 @@
	 def flawfind():
	   process_options()
	   display_header()
	   initialize_ruleset()
	-  process_files()
	-  show_final_results()
	-  save_if_desired()
	+  if process_files():
	+    show_final_results()
	+    save_if_desired()


	Detect control-C:

	--- flawfinder_orig	Wed Jul 3 09:56:34 2002
	+++ flawfinder	Wed Jul 3 09:58:37 2002
	@@ -1281,5 +1281,8 @@
	   save_if_desired()
	 
	 if __name__ == '__main__':
	-  flawfind()
	+  try:
	+    flawfind()
	+  except KeyboardInterrupt:
	+    print "*** Flawfinder interrupted"

	--- flawfinder_orig	Wed Jul 3 09:56:34 2002
	+++ flawfinder	Wed Jul 3 09:58:37 2002
	@@ -1280,6 +1280,9 @@
	   show_final_results()
	   save_if_desired()
	 
	 if __name__ == '__main__':
	-  flawfind()
	+  try:
	+    flawfind()
	+  except KeyboardInterrupt:
	+    print "*** Flawfinder interrupted"


2002-07-02 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Added detection of static arrays of char, wchar_t, and TCHAR.
	* Fixed typo in makefile uninstall script. My thanks to
	  Andrew Dalgleish for pointing this out.
	* Modified installation to be friendlier to Cygwin. My thanks to
	  Andrew Dalgleish for pointing this out, too.
	  One step involved creating PYTHONEXT in the makefile
	  and documenting it, which was no problem.
	  A more surprising problem was that the INSTALL file needed to
	  be renamed to "INSTALL.txt", because otherwise "make install"
	  thinks that everything is already installed.
	  This is a nasty problem caused by Windows' type insensitivity
	  conflicting with normal Unix standards... this should really
	  be noted somewhere in various standard documents!!
	  I eventually added a ".PHONY:" target to the makefile,
	  which also solves the problem when using GNU make.
	* Fixed ChangeLog - the 2002 dates were accidentally 2001.

2002-07-02 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Changed correct-results so that the version numbers are right.
	* Created "make test-is-correct" which moves the test results
	  into the "correct-results" file.

2002-07-02 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.01.
	* Bug fix: Programs with getopt() or getopt_long() could trigger
	  a problem with flawfinder itself. Now fixed.
	* Added the --nolink option, and a detailed description in the
	  man page. Basically, this foils attacks where malicious
	  programmers insert into their source tree symbolic links
	  to files like /etc/passwd or /dev/zero.
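Review bot: in the first hunk of Joerg Beyer's 2002-07-03 patches above (`@@ -1216,10 +1216,15 @@`), `print "*** no input files"` sends the diagnostic to standard output, where it is indistinguishable from the report that other tools may parse; write it to standard error instead (`sys.stderr.write("*** no input files\n")`). The `return None` path also lets the program finish with exit status 0, so a script cannot tell "no input" from "no hits"; having `flawfind()` call `sys.exit(1)` when `process_files()` returns a false value would make the condition visible to callers.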
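Review bot: in the control-C hunk (`@@ -1281,5 +1281,8 @@`), catching `KeyboardInterrupt` and printing `*** Flawfinder interrupted` turns an interrupted run into a normal exit with status 0, so an editor integration or wrapper script would treat a partial analysis as complete; print the message to standard error and finish with a non-zero status (`sys.exit(1)`), or re-raise after printing. The hunk that follows it (`@@ -1280,6 +1280,9 @@`) is the same change with one extra context line and the same file timestamp, so only one of the two should be applied.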
	  You still need to copy source code files into a separate area
	  if you are worried about malicious programmers; see the
	  new man page discussion about this.

2002-07-01 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 1.00, a major step forward.
	* I have significantly enlarged the database, from 55 rules
	  to 122 rules. Making the database this large is such a
	  major improvement in its usefulness that I've bumped the
	  version number up to 1.00. A number are from my book,
	  while others are suggested by "Writing Secure Code" by
	  Howard and LeBlanc (for the Windows-specific issues).
	* Added HTML generation support.
	* Significantly enlarged the test suite.

2002-05-06 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 0.22, a very minor improvement.
	* Modified the report about %s in scanf when a limit for %s
	  was provided; some found the error report very
	  confusing. My thanks to Agustin.Lopez, who asked a question
	  that led me to this understanding.

2001-12-18 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 0.21.
	* Fixed an error in the database entry for syslog(3), which
	  would cause incorrect hits. This resolves the Debian bug
	  "Bug#124009: flawfinder: wrong reports of format
	  fulnerabilities for syslog".
	* Added simple "INSTALL" file.
	* Fixed documentation, documenting --version and fixing a
	  format problem with "--neverignore".
	* I accidentally wrote over version 0.20 with version 0.21's
	  contents. Sigh.

2001-12-11 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 0.20.
	* Added --version, which prints JUST the version number without
	  actually analyzing any programs.

2001-11-08 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Fixed MANIFEST.in to include "flawfinder.1*"; that way the
	  compressed man page is included when using MANIFEST.in.
	  Thanks to Jon Nelson for noting this.
	  The effect of this is quite tiny -
	  my tar file & rpm files already included the compressed
	  man page, so this error affects very few people.
	  Note also that this just meant that only the uncompressed
	  man page was in the MANIFEST, so I don't expect that this
	  error had any user-visible effects other than a few more K of man
	  page space (and with multi-Gigabyte drives, that's hard to notice).

2001-11-04 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 0.19
	* Fixed a minor bug - flawfinder didn't realize that multiline strings
	  passed to gettext() are still constant strings.
	  My thanks to "Arthur", who reported this bug, and
	  Adam Lazur (Debian) who passed it on to me.
	  This closes Debian Bug#118025.
	* Minor change - precomputed internationalization pattern for
	  a minor performance improvement.
	* Output a reminder that not all hits are actually security
	  vulnerabilities, as well as that there may be other vulnerabilities.
	  The documentation mentioned this too, but including that in
	  the output of the program makes it clearer (apparently some
	  expect flawfinder to perform amazing magic far beyond the
	  possible). I think ALL programs like this should include this
	  reminder; otherwise sane software developers somehow expect
	  programs like this to work miracles, instead of simply reporting
	  likely spots based on heuristics.

2001-11-03 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Added a "help" option and support for DistUtils, as well as
	  modification of the RPM spec file so it can be built by non-root.
	  My thanks to Jon Nelson for the patches to do this.
	* Added "syslog" to the vulnerability database.
	  My thanks to Dave Aitel for this contribution.
	* Generate and install compressed man page, rather than uncompressed.
	  My thanks to Marius Tomaschewski for this suggestion.
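The file-handling rules from the 2002-07-05, 2002-07-03 and 2002-07-02 entries above (symbolic links skipped unless explicitly allowed, non-regular files such as /dev/zero never opened, whether named on the command line or found while walking) and the "." directory rule from the 2007-01-15 entry, worked through as an added Python 3 example that is not flawfinder's own code. It goes one step beyond the entries by re-checking the opened descriptor with O_NOFOLLOW, which closes the race between the directory walk and the open; the sample tree, the suffix list and the keyword parameters standing in for --allowlink and --followdotdir are constructed.

```python
import os
import shutil
import stat
import tempfile

SOURCE_SUFFIXES = (".c", ".h", ".cpp", ".hpp")   # constructed subset of C/C++ extensions

def classify(path, allowlink=False):
    """Return 'file', 'dir' or None (skip). lstat is used so a symlink is seen as a
    link rather than as its target; the link is followed only when allowed."""
    try:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            if not allowlink:
                return None
            st = os.stat(path)
    except OSError:
        return None
    if stat.S_ISDIR(st.st_mode):
        return "dir"
    if stat.S_ISREG(st.st_mode):
        return "file"
    return None                          # FIFO, device, socket: never opened

def collect(paths, allowlink=False, followdotdir=False):
    """Walk the named paths; return (selected source files, skipped paths)."""
    selected, skipped = [], []

    def visit(p, named_on_command_line):
        kind = classify(p, allowlink)
        if kind == "dir":
            for name in sorted(os.listdir(p)):
                child = os.path.join(p, name)
                if (name.startswith(".") and not followdotdir
                        and classify(child, allowlink) == "dir"):
                    skipped.append(child)    # SCM metadata such as .git stays untouched
                else:
                    visit(child, False)
        elif kind == "file":
            if named_on_command_line or p.endswith(SOURCE_SUFFIXES):
                selected.append(p)
        else:
            skipped.append(p)

    for p in paths:
        visit(p, True)
    return selected, skipped

def read_source(path):
    """Open without following a symlink and re-check the descriptor, closing the
    window between the lstat in classify() and the open()."""
    fd = os.open(path, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
    if not stat.S_ISREG(os.fstat(fd).st_mode):
        os.close(fd)
        raise OSError("refusing non-regular file: " + path)
    with os.fdopen(fd, "r") as fh:
        return fh.read()

def make_fixture():
    """Constructed sample tree (not real project data) in a fresh temp directory."""
    root = tempfile.mkdtemp(prefix="walk-demo-")
    for d in ("src", ".git"):
        os.mkdir(os.path.join(root, d))
    for rel in ("main.c", "src/util.cpp", ".git/hook.c", "README"):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("/* constructed */\n")
    os.symlink("README", os.path.join(root, "link.c"))  # a planted link could point anywhere
    os.mkfifo(os.path.join(root, "stall.c"))            # reading this would block forever
    return root

def demo():
    """Run every mode over the fixture; paths are reported relative to the root."""
    root = make_fixture()
    rel = lambda ps: [os.path.relpath(p, root) for p in ps]
    try:
        sel, skp = collect([root])
        out = {"default": rel(sel), "skipped": rel(skp),
               "allowlink": rel(collect([root], allowlink=True)[0]),
               "followdotdir": rel(collect([root], followdotdir=True)[0]),
               "regular_read": read_source(os.path.join(root, "main.c"))}
        try:
            out["symlink_read"] = read_source(os.path.join(root, "link.c"))
        except OSError:
            out["symlink_read"] = None   # O_NOFOLLOW refused the link
    finally:
        shutil.rmtree(root)
    return out
```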

2001-10-29 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 0.17.
	* Created an RPM package, to simplify installation.
	* Accepts RATS' "ignore" directive, as well as ITS4's, for
	  compatibility's sake with RATS.
	* Trivial change: shortened processing status phrase to
	  "Processing" so long filenames are more likely to fit on one line.
	* Modified the man page, in the hopes that the new one is even
	  easier to understand.

2001-10-28 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Released version 0.16.
	* Added support for directories. If a directory (instead of a
	  file) is given on the command line as something to examine,
	  C/C++ files in that directory and its subdirectories (recursively)
	  are examined. This should make it easy to analyze entire projects,
	  and to make it easy to integrate flawfinder into project websites.
	* Added to the vulnerability database: randomizing functions & getenv.
	* Reports the number of hits at the end.
	* Minor cleanup of text output.
	* Print "processing" status every time a file is opened; this is
	  flushed, so that monitoring the status with "less" works well.
	* Added the "--quiet" option, so that status information can be
	  suppressed.

2001-06-06 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Added support for file globbing on Windows/NT/DOS
	  (it's not needed for Cygwin - it's only needed when
	  run natively). File globbing characters are
	  correctly ignored in Unix-like ("posix") systems, since
	  the Unix shell does this for us.

2001-05-29 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Fixed manual page to close the "/*" comment with "*/".

2001-05-29 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Fixed a bug in directive handling, now directives work properly.
	  I only noticed this AFTER release of 0.14, sigh.
	* Fixed the ChangeLog, to note the addition of --neverignore.
	* Released version 0.15.

2001-05-29 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Fixed a minor problem in string handling; a string containing
	  \\ followed immediately by the double-quote mark (end of the string)
	  wasn't correctly handled. Now it is.
	* Added information in the documentation describing how to ignore
	  hits on a specific line (a comment directive). Flawfinder has
	  always had this ability (since 0.12), but now it's documented.
	  Before, you had to read the test file test.c or the actual
	  flawfinder code to learn about this ability.
	* Added the "--neverignore" / "-n" option.
	* Having a number of conversations with John Viega comparing
	  RATS and flawfinder, with the goal of finding a way to
	  coordinate and have a "best of breed" scanner. This hasn't
	  produced a concrete result, but Viega will soon post a comparison
	  paper that I've had input on.
	* Released version 0.14.

2001-05-25 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Fixed a minor error in the parameter parser; previously it
	  might have trouble with embedded preprocessor commands in
	  the middle of parameter lists.
	* Added this ChangeLog.
	* Released version 0.13.

2001-05-21 David A. Wheeler <dwheeler, at, dwheeler.com>
	* Initial release of flawfinder version 0.12.