From 2cfb29d0a4bffd674ebab1b0d7139e8e3908ce7b Mon Sep 17 00:00:00 2001 From: LCD 47 Date: Tue, 25 Apr 2017 20:35:58 +0300 Subject: [PATCH] New checker flawfinder for C/C++. --- doc/syntastic-checkers.txt | 94 +++++++++++++++++++++++------- plugin/syntastic.vim | 2 +- syntax_checkers/c/flawfinder.vim | 61 +++++++++++++++++++ syntax_checkers/cpp/flawfinder.vim | 26 +++++++++ 4 files changed, 162 insertions(+), 21 deletions(-) create mode 100644 syntax_checkers/c/flawfinder.vim create mode 100644 syntax_checkers/cpp/flawfinder.vim diff --git a/doc/syntastic-checkers.txt b/doc/syntastic-checkers.txt index 68603c84..41287c60 100644 --- a/doc/syntastic-checkers.txt +++ b/doc/syntastic-checkers.txt @@ -532,12 +532,13 @@ The following checkers are available for C (filetype "c"): 4. Clang-Tidy...............|syntastic-c-clang_tidy| 5. Cppcheck.................|syntastic-c-cppcheck| 6. cppclean.................|syntastic-c-cppclean| - 7. GCC......................|syntastic-c-gcc| - 8. make.....................|syntastic-c-make| - 9. OClint...................|syntastic-c-oclint| - 10. PC-Lint.................|syntastic-c-pc_lint| - 11. Sparse..................|syntastic-c-sparse| - 12. Splint..................|syntastic-c-splint| + 7. Flawfinder...............|syntastic-c-flawfinder| + 8. GCC......................|syntastic-c-gcc| + 9. make.....................|syntastic-c-make| + 10. OClint..................|syntastic-c-oclint| + 11. PC-Lint.................|syntastic-c-pc_lint| + 12. Sparse..................|syntastic-c-sparse| + 13. Splint..................|syntastic-c-splint| ------------------------------------------------------------------------------ 1. AVR-GCC *syntastic-c-avrgcc* 
@@ -719,7 +720,33 @@ accepts the standard options described at |syntastic-config-makeprg|. See also: |syntastic-cpp-cppclean|. ------------------------------------------------------------------------------ -7. GCC *syntastic-c-gcc* +7. Flawfinder *syntastic-c-flawfinder* + +Name: flawfinder +Maintainer: LCD 47 + +"Flawfinder" scans C/C++ source code for possible security weaknesses. See the +project's page for more information: + + https://www.dwheeler.com/flawfinder + +Checker options~ + +This checker is initialised using the "makeprgBuild()" function and thus it +accepts the standard options described at |syntastic-config-makeprg|. + +Additionally: + + *'g:syntastic_c_flawfinder_thres'* +Type: integer +Default: 3 +Error threshold. Policy violations with a severity above this value are +highlighted as errors, the others are considered warnings by syntastic. + +See also: |syntastic-cpp-flawfinder|. + +------------------------------------------------------------------------------ +8. GCC *syntastic-c-gcc* Name: gcc Maintainer: Gregor Uhlenheuer @@ -816,7 +843,7 @@ executable. See also: |syntastic-cpp-gcc|. ------------------------------------------------------------------------------ -8. make *syntastic-c-make* +9. make *syntastic-c-make* Name: make Maintainer: Gregor Uhlenheuer @@ -827,7 +854,7 @@ This checker is initialised using the "makeprgBuild()" function and thus it accepts the standard options described at |syntastic-config-makeprg|. ------------------------------------------------------------------------------ -9. OClint *syntastic-c-oclint* +10. OClint *syntastic-c-oclint* Name: oclint Maintainer: "UnCO" Lin @@ -866,7 +893,7 @@ Config files pointed to by 'g:syntastic_oclint_config_file' are then ignored. See also: |syntastic-cpp-oclint|. ------------------------------------------------------------------------------ -10. PC-Lint *syntastic-c-pc_lint* +11. PC-Lint *syntastic-c-pc_lint* Name: pc_lint Maintainer: Steve Bragg 
@@ -893,7 +920,7 @@ current directory and in parent directories; first such file found is used. See also: |syntastic-cpp-pc_lint|. ------------------------------------------------------------------------------ -11. Sparse *syntastic-c-sparse* +12. Sparse *syntastic-c-sparse* Name: sparse Maintainer: Daniel Walker @@ -925,7 +952,7 @@ your vimrc: > This allows "Sparse" to read "GCC"'s private include files. ------------------------------------------------------------------------------ -12. Splint *syntastic-c-splint* +13. Splint *syntastic-c-splint* Name: splint Maintainer: LCD 47 @@ -983,10 +1010,11 @@ The following checkers are available for C++ (filetype "cpp"): 4. Cppcheck.................|syntastic-cpp-cppcheck| 5. cppclean.................|syntastic-cpp-cppclean| 6. Cpplint..................|syntastic-cpp-cpplint| - 7. GCC......................|syntastic-cpp-gcc| - 8. OClint...................|syntastic-cpp-oclint| - 9. PC-Lint..................|syntastic-cpp-pc_lint| - 10. Vera++..................|syntastic-cpp-verapp| + 7. Flawfinder...............|syntastic-cpp-flawfinder| + 8. GCC......................|syntastic-cpp-gcc| + 9. OClint...................|syntastic-cpp-oclint| + 10. PC-Lint.................|syntastic-cpp-pc_lint| + 11. Vera++..................|syntastic-cpp-verapp| ------------------------------------------------------------------------------ 1. AVR-GCC *syntastic-cpp-avrgcc* 
@@ -1190,7 +1218,33 @@ However, if your "cpplint" was installed with "pip", the script's name is let g:syntastic_cpp_cpplint_exec = "cpplint" < ------------------------------------------------------------------------------ -7. GCC *syntastic-cpp-gcc* +7. Flawfinder *syntastic-cpp-flawfinder* + +Name: flawfinder +Maintainer: LCD 47 + +"Flawfinder" scans C/C++ source code for possible security weaknesses. See the +project's page for more information: + + https://www.dwheeler.com/flawfinder + +Checker options~ + +This checker is initialised using the "makeprgBuild()" function and thus it +accepts the standard options described at |syntastic-config-makeprg|. + +Additionally: + + *'g:syntastic_cpp_flawfinder_thres'* +Type: integer +Default: 3 +Error threshold. Policy violations with a severity above this value are +highlighted as errors, the others are considered warnings by syntastic. + +See also: |syntastic-c-flawfinder|. + +------------------------------------------------------------------------------ +8. GCC *syntastic-cpp-gcc* Name: gcc Maintainer: Gregor Uhlenheuer @@ -1287,7 +1341,7 @@ executable. See also: |syntastic-c-gcc|. ------------------------------------------------------------------------------ -8. OClint *syntastic-cpp-oclint* +9. OClint *syntastic-cpp-oclint* Name: oclint Maintainer: "UnCO" Lin @@ -1327,7 +1381,7 @@ Config files pointed to by 'g:syntastic_oclint_config_file' are then ignored. See also: |syntastic-c-oclint|. ------------------------------------------------------------------------------ -9. PC-Lint *syntastic-cpp-pc_lint* +10. PC-Lint *syntastic-cpp-pc_lint* Name: pc_lint Maintainer: Steve Bragg @@ -1354,7 +1408,7 @@ current directory and in parent directories; first such file found is used. See also: |syntastic-c-pc_lint|. ------------------------------------------------------------------------------ -10. Vera++ *syntastic-cpp-verapp* +11. Vera++ *syntastic-cpp-verapp* Name: verapp Maintainer: Lucas Verney 
diff --git a/plugin/syntastic.vim b/plugin/syntastic.vim index 48d9564a..53aa8678 100644 --- a/plugin/syntastic.vim +++ b/plugin/syntastic.vim @@ -19,7 +19,7 @@ if has('reltime') lockvar! g:_SYNTASTIC_START endif -let g:_SYNTASTIC_VERSION = '3.8.0-49' +let g:_SYNTASTIC_VERSION = '3.8.0-50' lockvar g:_SYNTASTIC_VERSION " Sanity checks {{{1 diff --git a/syntax_checkers/c/flawfinder.vim b/syntax_checkers/c/flawfinder.vim new file mode 100644 index 00000000..f47912ca --- /dev/null +++ b/syntax_checkers/c/flawfinder.vim 
@@ -0,0 +1,61 @@
+"============================================================================
+"File: flawfinder.vim
+"Description: Syntax checking plugin for syntastic
+"Maintainer: LCD 47
+"License: This program is free software. It comes without any warranty,
+" to the extent permitted by applicable law. You can redistribute
+" it and/or modify it under the terms of the Do What The Fuck You
+" Want To Public License, Version 2, as published by Sam Hocevar.
+" See http://sam.zoy.org/wtfpl/COPYING for more details.
+"
+"============================================================================
+
+if exists('g:loaded_syntastic_c_flawfinder_checker')
+ finish
+endif
+let g:loaded_syntastic_c_flawfinder_checker = 1
+
+if !exists('g:syntastic_c_flawfinder_sort')
+ let g:syntastic_c_flawfinder_sort = 1
+endif
+
+if !exists('g:syntastic_c_flawfinder_thres')
+ let g:syntastic_c_flawfinder_thres = 3
+endif
+
+let s:save_cpo = &cpo
+set cpo&vim
+
+function! SyntaxCheckers_c_flawfinder_GetHighlightRegex(item)
+ let term = matchstr(a:item['text'], '\m^(\S\+)\s\+\zs\S\+\ze:')
+ return term !=# '' ? '\V\<' . escape(term, '\') . '\>' : ''
+endfunction
+
+function! SyntaxCheckers_c_flawfinder_GetLocList() dict
+ let makeprg = self.makeprgBuild({
+ \ 'args_after': '--columns --dataonly --singleline --quiet' })
+
+ let errorformat = '%f:%l:%c: [%n] %m'
+
+ let loclist = SyntasticMake({
+ \ 'makeprg': makeprg,
+ \ 'errorformat': errorformat,
+ \ 'subtype': 'Style',
+ \ 'returns': [0] })
+
+ for e in loclist
+ let e['type'] = e['nr'] < g:syntastic_{self.getFiletype()}_flawfinder_thres ? 'W' : 'E'
+ let e['nr'] = 0
+ endfor
+
+ return loclist
+endfunction
+
+call g:SyntasticRegistry.CreateAndRegisterChecker({
+ \ 'filetype': 'c',
+ \ 'name': 'flawfinder' })
+
+let &cpo = s:save_cpo
+unlet s:save_cpo
+
+" vim: set sw=4 sts=4 et fdm=marker:
diff --git a/syntax_checkers/cpp/flawfinder.vim b/syntax_checkers/cpp/flawfinder.vim
new file mode 100644
index 00000000..a003982a
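Review bot: The comparison in `SyntaxCheckers_c_flawfinder_GetLocList()` disagrees with the help text added in this commit: `e['nr'] < g:syntastic_{self.getFiletype()}_flawfinder_thres ? 'W' : 'E'` turns a finding whose level equals the threshold into an error, while the documentation says only severities above the value are errors. With the default of 3 that changes how every level-3 finding is shown, so either write the condition as `e['nr'] <= g:syntastic_{self.getFiletype()}_flawfinder_thres ? 'W' : 'E'` or reword the help to "at or above". Separately, `'subtype': 'Style'` labels security findings as style messages, so a user who filters style messages through `g:syntastic_quiet_messages` would presumably hide them all, including the highest levels. A comment saying so above the `SyntasticMake` call, or dropping the subtype for entries at or above the threshold, would make that visible.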
--- /dev/null
+++ b/syntax_checkers/cpp/flawfinder.vim
@@ -0,0 +1,26 @@
+"============================================================================
+"File: flawfinder.vim
+"Description: Syntax checking plugin for syntastic
+"Maintainer: Benjamin Bannier
+"License: This program is free software. It comes without any warranty,
+" to the extent permitted by applicable law. You can redistribute
+" it and/or modify it under the terms of the Do What The Fuck You
+" Want To Public License, Version 2, as published by Sam Hocevar.
+" See http://sam.zoy.org/wtfpl/COPYING for more details.
+"============================================================================
+
+if exists('g:loaded_syntastic_cpp_flawfinder_checker')
+ finish
+endif
+let g:loaded_syntastic_cpp_flawfinder_checker = 1
+
+if !exists('g:syntastic_cpp_flawfinder_thres')
+ let g:syntastic_cpp_flawfinder_thres = 3
+endif
+
+call g:SyntasticRegistry.CreateAndRegisterChecker({
+ \ 'filetype': 'cpp',
+ \ 'name': 'flawfinder',
+ \ 'redirect': 'c/flawfinder'})
+
+" vim: set sw=4 sts=4 et fdm=marker:
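Review bot: The shim sets a default for `g:syntastic_cpp_flawfinder_thres` but not for `g:syntastic_cpp_flawfinder_sort`, whereas c/flawfinder.vim defaults `g:syntastic_c_flawfinder_sort` to 1. If the sort option is resolved per filetype, the way the threshold is through `self.getFiletype()` in the redirected checker, C++ buffers would list findings unsorted; adding `if !exists('g:syntastic_cpp_flawfinder_sort') | let g:syntastic_cpp_flawfinder_sort = 1 | endif` next to the threshold default keeps both filetypes consistent. The header also names a different maintainer than the `syntastic-cpp-flawfinder` help section added in this commit, so one of the two should be corrected.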