https://github.com/david-a-wheeler/flawfinder
Flawfinder is a tool that scans C and C++ source code to find potential security vulnerabilities. It can be useful for examining software for security issues and also serves as a simple introduction to static code analysis. Flawfinder supports the Common Weakness Enumeration (CWE) and is officially CWE-Compatible.
Flawfinder is designed for Unix/Linux/POSIX systems (including Cygwin, Linux-based systems, macOS, and various BSDs) as a command line tool. It requires Python 2.7 or Python 3.
Flawfinder needs to correctly interpret your source code's character encoding. In most cases, this is not an issue, especially if the source code is properly encoded using UTF-8 and your system is configured for UTF-8 (the most common case).
However, if there's a character encoding problem while running Python 3, you may encounter errors like the following:
Error: encoding error in FILENAME 'ENCODING' codec can't decode byte ... in position ...: invalid start byte
Unfortunately, Python 3 does not provide convenient built-ins for handling this, so it is non-trivial to resolve without depending on external libraries (which Flawfinder tries to avoid). One of the simplest solutions is to convert the source code and system configuration to UTF-8. You can use tools like iconv or the Python tool cvt2utf to convert to UTF-8. To install cvt2utf, you can run:
pip install cvt2utf
Technically, Flawfinder uses lexical scanning to identify tokens (such as function names) that suggest potential vulnerabilities. It estimates their risk level (e.g., based on the text of function calls) and reports the results. Flawfinder does not analyze control flow, data flow, or data types, which means it may generate false positives and miss certain vulnerabilities.
On the other hand, Flawfinder can find vulnerabilities in code that cannot be compiled or linked. Additionally, it handles macro definitions and other unusual constructs more gracefully than some more sophisticated tools.
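To make the lexical approach concrete, here is an added illustration (not Flawfinder's own code or rule set) of a minimal token-based scanner: it blanks out comments and string literals, looks for identifiers followed by `(`, and matches them against a small constructed table of risky function names. The sample C source and the rule table are constructed for this example; because nothing about control flow, data flow or types is analysed, a `strcpy` of a short constant is flagged just like a dangerous one, which is exactly the false-positive behaviour described above.

```python
import re

# Constructed rule table: function name -> (risk 0-5, CWE id).
# Illustrative only; Flawfinder ships its own, much larger database.
RULES = {
    "gets": (5, "CWE-120"),
    "strcpy": (4, "CWE-120"),
    "strcat": (4, "CWE-120"),
    "sprintf": (4, "CWE-120"),
}

# An identifier immediately followed by "(" is treated as a call site.
CALL_RE = re.compile(r"\b([A-Za-z_]\w*)\s*\(")

_COMMENT_OR_STRING = re.compile(
    r"//[^\n]*"                 # line comment
    r"|/\*.*?\*/"               # block comment
    r'|"(?:\\.|[^"\\])*"'       # string literal
    r"|'(?:\\.|[^'\\])*'",      # char literal
    re.DOTALL,
)

def strip_comments_and_strings(src):
    """Blank out comments and literals (keeping newlines so line numbers
    survive), so 'strcpy' mentioned in a comment is not a hit."""
    return _COMMENT_OR_STRING.sub(
        lambda m: re.sub(r"[^\n]", " ", m.group(0)), src)

def scan(src):
    """Return (line, function, risk, cwe) hits, highest risk first.
    Purely lexical: no knowledge of what the arguments actually are."""
    hits = []
    for lineno, line in enumerate(strip_comments_and_strings(src).splitlines(), 1):
        for m in CALL_RE.finditer(line):
            if m.group(1) in RULES:
                risk, cwe = RULES[m.group(1)]
                hits.append((lineno, m.group(1), risk, cwe))
    return sorted(hits, key=lambda h: -h[2])

# Constructed sample input, not a real project file.
SAMPLE_C = r'''
#include <string.h>
/* strcpy(dst, src) is discussed here but never called */
void copy(char *dst, const char *src, size_t n) {
    const char *msg = "use strcpy carefully";  /* a string, not a call */
    strncpy(dst, src, n);                      /* not in the rule table */
    strcpy(dst, "ok");                         /* flagged: no data flow, constant source unseen */
    gets(dst);                                 /* flagged: genuinely dangerous */
}
'''

if __name__ == "__main__":
    for lineno, name, risk, cwe in scan(SAMPLE_C):
        print(f"line {lineno}: [{risk}] ({cwe}) {name}")
```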
Flawfinder is released under the GNU GPL license version 2 or later (GPL-2.0+). See the COPYING file for license information.
https://github.com/david-a-wheeler/flawfinder/blob/master/COPYING