Request 862538: Submit flawfinder - openSUSE Build Service

Overview

Request 862538 accepted

- Update to 2.0.15:
* Fixed some release problems in 2.0.14. (#30)
* Improved handling of LoadLibraryEx; flawfinderr no longer complains
about certain constructs that are known to be safe (eliminating
some false positives).

- Update to 2.0.14:
* If there are >0 hits, tell users how to ignore them as part of the
tool output.
* Various Windows improvments.
Ignore LoadLibraryEx if its third parameter is
LOAD_LIBRARY_SEARCH_SYSTEM32, as this is safe, and
remove the rule for InitialCriticalSection
(this is no longer a vulnerability on current widely-used versions
of Windows)
* Various C++ improvements. Add .hpp support for C++,
ignore "system::" to reduce false positives,
treat ' as digit separator when file extension is a C++ file
(for C++14).
* I had some release problems; this is identified as 2.0.14
(skipping a few minor numbers) to ensure that the version
number uniquely identifies a specific release.

Created by jubalh almost 4 years ago
In state accepted

Submit flawfinder

Comments for request 862538 0

Login required, please login in order to comment

Request History

jubalh created request almost 4 years ago

- Update to 2.0.15:
* Fixed some release problems in 2.0.14. (#30)
* Improved handling of LoadLibraryEx; flawfinderr no longer complains
about certain constructs that are known to be safe (eliminating
some false positives).

- Update to 2.0.14:
* If there are >0 hits, tell users how to ignore them as part of the
tool output.
* Various Windows improvments.
Ignore LoadLibraryEx if its third parameter is
LOAD_LIBRARY_SEARCH_SYSTEM32, as this is safe, and
remove the rule for InitialCriticalSection
(this is no longer a vulnerability on current widely-used versions
of Windows)
* Various C++ improvements. Add .hpp support for C++,
ignore "system::" to reduce false positives,
treat ' as digit separator when file extension is a C++ file
(for C++14).
* I had some release problems; this is identified as 2.0.14
(skipping a few minor numbers) to ensure that the version
number uniquely identifies a specific release.

factory-auto added opensuse-review-team as a reviewer almost 4 years ago

Please review sources

factory-auto accepted review almost 4 years ago

Check script succeeded

licensedigger accepted review almost 4 years ago

ok

dimstar_suse added as a reviewer almost 4 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:46"

dimstar_suse accepted review almost 4 years ago

Picked "openSUSE:Factory:Staging:adi:46"

dimstar accepted review almost 4 years ago

dimstar_suse accepted review almost 4 years ago

Staging Project openSUSE:Factory:Staging:adi:46 got accepted.

dimstar_suse approved review almost 4 years ago

Staging Project openSUSE:Factory:Staging:adi:46 got accepted.

dimstar_suse accepted request almost 4 years ago

Staging Project openSUSE:Factory:Staging:adi:46 got accepted.

openSUSE Build Service is sponsored by