[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-dev] Re: Suggestion: add automated support for "flawfinder".
From: |
Loic Dachary |
Subject: |
[Savannah-dev] Re: Suggestion: add automated support for "flawfinder". |
Date: |
Wed, 3 Jul 2002 06:24:59 +0200 |
David Wheeler writes:
> I have a feature suggestion - adding automated support for
> "flawfinder". Flawfinder is a lint-like program that
> searches for common security flaws in C/C++ programs and
> reports them. It's GPLed.
>
> It'd be nice if a lead developer could press a button
> and then receive (via the web or email) a flawfinder report
> listing all the potential vulnerabilities found in a current project.
>
> Flawfinder is available at:
> http://www.dwheeler.com/flawfinder.
>
> I'm willing to help integrate it.
I apt-get installed flawfinder 0.21-1 on Savannah. Could you
provide a patch to Savannah that would allow to use it ? Also we would
ask you to provide documentation and support for flawfinder for the
next 12 months.
Is this agreeable to you ?
--
Loic Dachary http://www.dachary.org/ address@hidden
12 bd Magenta http://www.senga.org/ address@hidden
75010 Paris T: 33 1 42 45 07 97 address@hidden
GPG Public Key: http://www.dachary.org/loic/gpg.txt