VimPlug/ale
1
0
Fork 0
mirror of https://github.com/dense-analysis/ale.git synced 2026-02-28 04:22:27 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
bfc412a77ba108b1529f48548def8b0ab56e95a1
ale/autoload/ale/handlers/flawfinder.vim
w0rp 3e11cbd18d Update syntax checking 
* Line continuation characters should be on the same lines.
* .vim file line indentation should be a multiple of 4.
2019-02-06 18:05:13 +00:00

49 lines
2.1 KiB
VimL
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
scriptencoding utf-8
" Author: Christian Gibbons <cgibbons@gmu.edu>
" Description: This file defines a handler function that should work for the
" flawfinder format with the -CDQS flags.
" Swiped this function from the GCC handler. Not sure if needed, but doesn't
" hurt to have it.
function! s:RemoveUnicodeQuotes(text) abort
let l:text = a:text
let l:text = substitute(l:text, '[`´]', '''', 'g')
let l:text = substitute(l:text, '\v\\u2018([^\\]+)\\u2019', '''\1''', 'g')
let l:text = substitute(l:text, '[“”]', '"', 'g')
return l:text
endfunction
function! ale#handlers#flawfinder#HandleFlawfinderFormat(buffer, lines) abort
" Look for lines like the following.
"
" <stdin>:12:4: [2] (buffer) char:Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
" <stdin>:31:4: [1] (buffer) strncpy:Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
let l:pattern = '\v^([a-zA-Z]?:?[^:]+):(\d+):(\d+)?:? ( \[[0-5]\] [^:]+):(.+)$'
let l:output = []
for l:match in ale#util#GetMatches(a:lines, l:pattern)
" Use severity level to determine if it should be considered a warning
" or error.
let l:severity = str2nr(matchstr(split(l:match[4])[0], '[0-5]'))
let l:item = {
\ 'lnum': str2nr(l:match[2]),
\ 'col': str2nr(l:match[3]),
\ 'type': (l:severity < ale#Var(a:buffer, 'c_flawfinder_error_severity'))
\ ? 'W' : 'E',
\ 'text': s:RemoveUnicodeQuotes(join(split(l:match[4])[1:]) . ': ' . l:match[5]),
\}
" If the filename is something like <stdin>, <nofile> or -, then
" this is an error for the file we checked.
if l:match[1] isnot# '-' && l:match[1][0] isnot# '<'
let l:item['filename'] = l:match[1]
endif
call add(l:output, l:item)
endfor
return l:output
endfunction
Reference in New Issue View Git Blame Copy Permalink