diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 521d1730..42bf356f 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -34,6 +34,20 @@ jobs:
 make clean
 make cppcheck
+ flawfinder:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v1
+ - name: Create Build Environment
+ run: |
+ sudo apt-get update -qq
+ sudo apt-get install -qq flawfinder
+ - name: cppcheck
+ run: |
+ flawfinder --version
+ make clean
+ make flawfinder
+
 codespell:
 runs-on: ubuntu-latest
 steps:
diff --git a/Makefile b/Makefile
index 4d836e45..3844094f 100644
--- a/Makefile
+++ b/Makefile
@@ -222,10 +222,16 @@ lint:
 CPPCHECK_OPTIONS = --enable=warning,portability
 CPPCHECK_OPTIONS += --template=gcc
 CPPCHECK_OPTIONS += --suppress=selfAssignment
+CPPCHECK_OPTIONS += --suppress=integerOverflow
+CPPCHECK_OPTIONS += --error-exitcode=1
 .PHONY: cppcheck
 cppcheck:
 cppcheck $(CPPCHECK_OPTIONS) --quiet --force ./src/
+.PHONY: flawfinder
+flawfinder:
+ flawfinder --minlevel 5 --error-level=5 ./src/
+
 IGNORE_WORDS = ba
 CODESPELL_OPTIONS = --write-changes --interactive 3 --enable-colors
 CODESPELL_OPTIONS += --ignore-words-list $(IGNORE_WORDS)
diff --git a/src/bacnet/basic/object/av.c b/src/bacnet/basic/object/av.c
index c4aa9b6d..39f11a62 100644
--- a/src/bacnet/basic/object/av.c
+++ b/src/bacnet/basic/object/av.c
@@ -946,8 +946,9 @@ void Analog_Value_Intrinsic_Reporting(uint32_t object_instance)
 ToState = CurrentAV->Ack_notify_data.EventState;
 #if PRINT_ENABLED
- fprintf(stderr, "Send Acknotification for (%s,%d).\n",
- bactext_object_type_name(OBJECT_ANALOG_VALUE), object_instance);
+ fprintf(stderr, "Send Acknotification for (%s,%u).\n",
+ bactext_object_type_name(OBJECT_ANALOG_VALUE),
+ (unsigned)object_instance);
 #endif /* PRINT_ENABLED */
 characterstring_init_ansi(&msgText, "AckNotification");
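Review bot: The second step of the new `flawfinder` job is named `cppcheck`, apparently carried over from the job above, so a failing flawfinder run would be reported under the wrong tool in the Actions log; rename it to `- name: flawfinder`. The job also checks out the repository with `actions/checkout@v1`, a mutable tag on an old major version. For a job whose purpose is security linting it is worth pinning the action to a full commit SHA of a current release (`uses: actions/checkout@<full-commit-sha>`), and doing the same in the other jobs of this workflow if they use the same reference.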
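Review bot: `--suppress=integerOverflow` is added without a file or line scope, so it silences that checker for everything under `./src/` in the same change that starts failing the build on cppcheck findings via `--error-exitcode=1`. In code that decodes lengths and counts received from the network, integer overflow reports are among the findings worth keeping visible. If the suppression exists for one known false positive, scope it as `--suppress=integerOverflow:<path/to/file.c>` or place an inline `// cppcheck-suppress integerOverflow` at the site (enabled with `--inline-suppr`) together with a comment explaining why. Separately, `flawfinder --minlevel 5 --error-level=5` gates only on the highest risk level, so lower-level hits are neither printed nor able to fail CI; a comment above the target such as `# level 5 only for now; lower once existing hits are triaged` would record that this is a deliberate starting threshold.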
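Review bot: The `(unsigned)object_instance` cast paired with `%u` is lossless only where `unsigned int` is at least 32 bits wide; `object_instance` is a `uint32_t`, and on a target with a 16-bit `int` the logged instance number would be silently truncated. Printing it with `"Send Acknotification for (%s,%lu).\n"` and `(unsigned long)object_instance`, or with `PRIu32` from `<inttypes.h>` and no cast, keeps specifier and argument matched on every target. The same applies to the second hunk of this file at `-1094,8 +1095,9`. Both fprintf calls sit inside Analog_Value_Intrinsic_Reporting, whose body extends beyond these hunks.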
@@ -1094,8 +1095,9 @@ void Analog_Value_Intrinsic_Reporting(uint32_t object_instance)
 } /* switch (ToState) */
 #if PRINT_ENABLED
- fprintf(stderr, "Event_State for (%s,%d) goes from %s to %s.\n",
- bactext_object_type_name(OBJECT_ANALOG_VALUE), object_instance,
+ fprintf(stderr, "Event_State for (%s,%u) goes from %s to %s.\n",
+ bactext_object_type_name(OBJECT_ANALOG_VALUE),
+ (unsigned)object_instance,
 bactext_event_state_name(FromState),
 bactext_event_state_name(ToState));
 #endif /* PRINT_ENABLED */
diff --git a/src/bacnet/basic/object/bacfile.c b/src/bacnet/basic/object/bacfile.c
index 2689ee89..e34da9dc 100644
--- a/src/bacnet/basic/object/bacfile.c
+++ b/src/bacnet/basic/object/bacfile.c
@@ -544,7 +544,7 @@ bool bacfile_read_ack_stream_data(
 pFilename = bacfile_name(instance);
 if (pFilename) {
 found = true;
- pFile = fopen(pFilename, "rb");
+ pFile = fopen(pFilename, "rb+");
 if (pFile) {
 (void)fseek(pFile, data->type.stream.fileStartPosition, SEEK_SET);
 if (fwrite(octetstring_value(&data->fileData[0]),
@@ -574,7 +574,7 @@ bool bacfile_read_ack_record_data(
 pFilename = bacfile_name(instance);
 if (pFilename) {
 found = true;
- pFile = fopen(pFilename, "rb");
+ pFile = fopen(pFilename, "rb+");
 if (pFile) {
 if (data->type.record.fileStartRecord > 0) {
 for (i = 0; i < (uint32_t)data->type.record.fileStartRecord;
diff --git a/src/bacnet/basic/service/h_arf.c b/src/bacnet/basic/service/h_arf.c
index a5fa6d26..1287ffbc 100644
--- a/src/bacnet/basic/service/h_arf.c
+++ b/src/bacnet/basic/service/h_arf.c
@@ -173,7 +173,7 @@ void handler_atomic_read_file(uint8_t *service_request,
 #if PRINT_ENABLED
 fprintf(stderr, "ARF: fileStartRecord %d, %u RecordCount.\n",
 (int)data.type.record.fileStartRecord,
- (int)data.type.record.RecordCount);
+ (unsigned)data.type.record.RecordCount);
 #endif
 len = arf_ack_encode_apdu(&Handler_Transmit_Buffer[pdu_len], service_data->invoke_id, &data);
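Review bot: With the mode changed to `"rb+"`, the `fwrite` in bacfile_read_ack_stream_data can now actually modify the file, which makes the unchecked seek on the line after `if (pFile) {` matter: `(void)fseek(pFile, data->type.stream.fileStartPosition, SEEK_SET);` discards the result, so when the seek fails (a negative start position, for example) the write still proceeds at the current stream position, which right after `fopen` is the start of the file. `fileStartPosition` appears to come from the decoded ReadFile ACK, so it should be treated as untrusted: reject negative values and write only when `fseek(pFile, data->type.stream.fileStartPosition, SEEK_SET) == 0`. The second hunk (`-574,7`, bacfile_read_ack_record_data) makes the same mode change, and its record-skipping loop on `fileStartRecord` deserves the same scrutiny, although its body is not visible here. Note also that `"rb+"` does not create a missing file, so `fopen` fails when the target does not yet exist; if that is intended, a comment such as `/* file must already exist; it is never created here */` would make it explicit. Both function bodies continue outside the hunks.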
diff --git a/src/bacnet/basic/service/h_getevent.c b/src/bacnet/basic/service/h_getevent.c
index 5d682c74..1e0aadf8 100644
--- a/src/bacnet/basic/service/h_getevent.c
+++ b/src/bacnet/basic/service/h_getevent.c
@@ -55,7 +55,7 @@ void ge_ack_print_data(
 const char *state_strs[] = { "NO", "FA", "ON", "HL", "LL" };
 printf("DeviceID\tType\tInstance\teventState\n");
 printf("--------------- ------- --------------- ---------------\n");
- int count = 0;
+ unsigned int count = 0;
 while (act_data) {
 printf("%u\t\t%u\t%u\t\t%s\n", device_id, act_data->objectIdentifier.type,
diff --git a/src/bacnet/property.c b/src/bacnet/property.c
index 60bff28c..a0bb0fbd 100644
--- a/src/bacnet/property.c
+++ b/src/bacnet/property.c
@@ -1509,7 +1509,7 @@ BACNET_PROPERTY_ID property_list_special_property(
 {
 int property = -1; /* return value */
 unsigned required, optional, proprietary;
- struct special_property_list_t PropertyList = { { 0 } };
+ struct special_property_list_t PropertyList = { 0 };
 property_list_special(object_type, &PropertyList);
 required = PropertyList.Required.count;
@@ -1552,7 +1552,7 @@ unsigned property_list_special_count(
 BACNET_OBJECT_TYPE object_type, BACNET_PROPERTY_ID special_property)
 {
 unsigned count = 0; /* return value */
- struct special_property_list_t PropertyList = { { 0 } };
+ struct special_property_list_t PropertyList = { 0 };
 property_list_special(object_type, &PropertyList);
 if (special_property == PROP_ALL) {