Giters

david-a-wheeler / flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Grouping issues by vulnerability title

thesp0nge opened this issue · comments

commented

It will be great having a command line flag telling flawfinder to group findings by security title and not by file and location.

i.e. from this:
./src/file_a.c:89: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
./src/file_b.c:104: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.

to this:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Found in:
* ./src/file_b.c:104: [2] (buffer) char
* ./src/file_b.c:104: [2] (buffer) char