picuscan 1.0.0rc1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (93) hide show
  1. picuscan-1.0.0rc1/PKG-INFO +90 -0
  2. picuscan-1.0.0rc1/README.md +60 -0
  3. picuscan-1.0.0rc1/pyproject.toml +85 -0
  4. picuscan-1.0.0rc1/src/picuscan/__init__.py +57 -0
  5. picuscan-1.0.0rc1/src/picuscan/__main__.py +7 -0
  6. picuscan-1.0.0rc1/src/picuscan/analyzer/__init__.py +3 -0
  7. picuscan-1.0.0rc1/src/picuscan/analyzer/cwe.py +261 -0
  8. picuscan-1.0.0rc1/src/picuscan/analyzer/options.py +224 -0
  9. picuscan-1.0.0rc1/src/picuscan/analyzer/tool.py +109 -0
  10. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/__init__.py +32 -0
  11. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/codechecker.py +229 -0
  12. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/cppcheck.py +166 -0
  13. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/__init__.py +36 -0
  14. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/CodeChecker.json +3341 -0
  15. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/Cppcheck.json +101 -0
  16. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/Flawfinder.json +10 -0
  17. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/GCC.json +16 -0
  18. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/IKOS.json +290 -0
  19. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/Infer.json +114 -0
  20. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/data/rules/RATS.json +10 -0
  21. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/flawfinder.py +40 -0
  22. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/gcc.py +137 -0
  23. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/ikos.py +145 -0
  24. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/infer.py +142 -0
  25. picuscan-1.0.0rc1/src/picuscan/analyzer/tools/rats.py +120 -0
  26. picuscan-1.0.0rc1/src/picuscan/analyzer/transforms/__init__.py +255 -0
  27. picuscan-1.0.0rc1/src/picuscan/analyzer/transforms/_mark_open.py +22 -0
  28. picuscan-1.0.0rc1/src/picuscan/analyzer/transforms/_rank.py +26 -0
  29. picuscan-1.0.0rc1/src/picuscan/analyzer/transforms/_results.py +76 -0
  30. picuscan-1.0.0rc1/src/picuscan/analyzer/transforms/_split_informational.py +35 -0
  31. picuscan-1.0.0rc1/src/picuscan/commands/__init__.py +28 -0
  32. picuscan-1.0.0rc1/src/picuscan/commands/analyze.py +164 -0
  33. picuscan-1.0.0rc1/src/picuscan/commands/compat/__init__.py +131 -0
  34. picuscan-1.0.0rc1/src/picuscan/commands/compat/project.py +78 -0
  35. picuscan-1.0.0rc1/src/picuscan/commands/compile_commands.py +408 -0
  36. picuscan-1.0.0rc1/src/picuscan/commands/cpg.py +152 -0
  37. picuscan-1.0.0rc1/src/picuscan/commands/misc.py +81 -0
  38. picuscan-1.0.0rc1/src/picuscan/commands/preprocess.py +205 -0
  39. picuscan-1.0.0rc1/src/picuscan/commands/preprocess2.py +276 -0
  40. picuscan-1.0.0rc1/src/picuscan/commands/sarif.py +540 -0
  41. picuscan-1.0.0rc1/src/picuscan/commands/unity.py +86 -0
  42. picuscan-1.0.0rc1/src/picuscan/common/__init__.py +3 -0
  43. picuscan-1.0.0rc1/src/picuscan/common/cattrs/__init__.py +17 -0
  44. picuscan-1.0.0rc1/src/picuscan/common/cattrs/_configure.py +87 -0
  45. picuscan-1.0.0rc1/src/picuscan/common/cattrs/_override.py +56 -0
  46. picuscan-1.0.0rc1/src/picuscan/common/cattrs/metadata.py +42 -0
  47. picuscan-1.0.0rc1/src/picuscan/common/cpg/__init__.py +91 -0
  48. picuscan-1.0.0rc1/src/picuscan/common/file/__init__.py +241 -0
  49. picuscan-1.0.0rc1/src/picuscan/common/tqdm_support.py +9 -0
  50. picuscan-1.0.0rc1/src/picuscan/compdb/__init__.py +8 -0
  51. picuscan-1.0.0rc1/src/picuscan/compdb/_converter.py +50 -0
  52. picuscan-1.0.0rc1/src/picuscan/compdb/_types.py +87 -0
  53. picuscan-1.0.0rc1/src/picuscan/compdb/_utils.py +47 -0
  54. picuscan-1.0.0rc1/src/picuscan/config.py +49 -0
  55. picuscan-1.0.0rc1/src/picuscan/constants.py +32 -0
  56. picuscan-1.0.0rc1/src/picuscan/fs/__init__.py +8 -0
  57. picuscan-1.0.0rc1/src/picuscan/fs/_lazyfile.py +91 -0
  58. picuscan-1.0.0rc1/src/picuscan/fs/_tempfile.py +110 -0
  59. picuscan-1.0.0rc1/src/picuscan/gcc/__init__.py +122 -0
  60. picuscan-1.0.0rc1/src/picuscan/gcc/diagnostics.py +55 -0
  61. picuscan-1.0.0rc1/src/picuscan/io.py +21 -0
  62. picuscan-1.0.0rc1/src/picuscan/llvm/__init__.py +3 -0
  63. picuscan-1.0.0rc1/src/picuscan/llvm/callgraph.py +88 -0
  64. picuscan-1.0.0rc1/src/picuscan/llvm/config.py +95 -0
  65. picuscan-1.0.0rc1/src/picuscan/llvm/unity.py +263 -0
  66. picuscan-1.0.0rc1/src/picuscan/logging/__init__.py +80 -0
  67. picuscan-1.0.0rc1/src/picuscan/logging/_ansi.py +33 -0
  68. picuscan-1.0.0rc1/src/picuscan/logging/_tqdm.py +30 -0
  69. picuscan-1.0.0rc1/src/picuscan/misc/__init__.py +3 -0
  70. picuscan-1.0.0rc1/src/picuscan/misc/asyncutils.py +73 -0
  71. picuscan-1.0.0rc1/src/picuscan/misc/collections/__init__.py +7 -0
  72. picuscan-1.0.0rc1/src/picuscan/misc/collections/_globset.py +34 -0
  73. picuscan-1.0.0rc1/src/picuscan/misc/cppcheck/__init__.py +157 -0
  74. picuscan-1.0.0rc1/src/picuscan/misc/cppcheck/_stdlib.py +149 -0
  75. picuscan-1.0.0rc1/src/picuscan/misc/cppcheck/error.py +7 -0
  76. picuscan-1.0.0rc1/src/picuscan/misc/cppcheck/event.py +31 -0
  77. picuscan-1.0.0rc1/src/picuscan/misc/cppcheck/output.py +55 -0
  78. picuscan-1.0.0rc1/src/picuscan/misc/cppcheck/tqdm.py +32 -0
  79. picuscan-1.0.0rc1/src/picuscan/misc/decorators.py +57 -0
  80. picuscan-1.0.0rc1/src/picuscan/misc/git/__init__.py +92 -0
  81. picuscan-1.0.0rc1/src/picuscan/misc/git/status.py +144 -0
  82. picuscan-1.0.0rc1/src/picuscan/misc/iterutils.py +23 -0
  83. picuscan-1.0.0rc1/src/picuscan/misc/math.py +15 -0
  84. picuscan-1.0.0rc1/src/picuscan/misc/paramtypes.py +156 -0
  85. picuscan-1.0.0rc1/src/picuscan/misc/strutils.py +101 -0
  86. picuscan-1.0.0rc1/src/picuscan/misc/sysutils.py +19 -0
  87. picuscan-1.0.0rc1/src/picuscan/process.py +194 -0
  88. picuscan-1.0.0rc1/src/picuscan/sarif/__init__.py +39 -0
  89. picuscan-1.0.0rc1/src/picuscan/sarif/converter.py +37 -0
  90. picuscan-1.0.0rc1/src/picuscan/sarif/models.py +252 -0
  91. picuscan-1.0.0rc1/src/picuscan/sarif/version.py +9 -0
  92. picuscan-1.0.0rc1/src/picuscan/sarif/visitor.py +95 -0
  93. picuscan-1.0.0rc1/src/picuscan/typing.py +50 -0
@@ -0,0 +1,90 @@
1
+ Metadata-Version: 2.4
2
+ Name: picuscan
3
+ Version: 1.0.0rc1
4
+ Summary: A unified orchestration and enrichment layer for C/C++ static analysis tools
5
+ Author: AISEC Code Audit Team
6
+ License-Expression: Apache-2.0
7
+ Classifier: Development Status :: 4 - Beta
8
+ Classifier: Topic :: Security
9
+ Classifier: Operating System :: POSIX :: Linux
10
+ Classifier: Programming Language :: Python :: 3.11
11
+ Classifier: Programming Language :: Python :: 3.12
12
+ Classifier: Programming Language :: Python :: 3.13
13
+ Classifier: Programming Language :: Python :: 3.14
14
+ Requires-Dist: attrs>=25.2.0
15
+ Requires-Dist: cattrs>=25.1.0
16
+ Requires-Dist: click>=8.0.3
17
+ Requires-Dist: neo4j>=6.0.1
18
+ Requires-Dist: networkx>=3.0
19
+ Requires-Dist: tqdm>=4.68.4
20
+ Requires-Dist: xmltodict>=1.0.0
21
+ Requires-Dist: pandas>=2.0.3
22
+ Requires-Dist: tabulate>=0.9.0
23
+ Maintainer: Tobias Specht, Hannah Schmid
24
+ Maintainer-email: Tobias Specht <tobias.specht@aisec.fraunhofer.de>, Hannah Schmid <hannah.schmid@aisec.fraunhofer.de>
25
+ Requires-Python: >=3.11, <3.15
26
+ Project-URL: Documentation, https://github.com/Fraunhofer-AISEC/picuscan
27
+ Project-URL: Repository, https://github.com/Fraunhofer-AISEC/picuscan
28
+ Project-URL: Bug Tracker, https://github.com/Fraunhofer-AISEC/picuscan/issues
29
+ Description-Content-Type: text/markdown
30
+
31
+ <!--
32
+ SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
33
+
34
+ SPDX-License-Identifier: CC0-1.0
35
+ -->
36
+
37
+ # Picuscan
38
+
39
+ Picuscan (Picus: Latin for woodpecker; a scanner hunting for bugs in source code) is an orchestration and utility tool for C/C++ security code audits. It provides a unified interface for running multiple external static analysis (SAST) tools, aggregates and normalizes their findings, and enriches the results with security metadata such as CWE categories.
40
+
41
+ Picuscan does not perform static analysis itself; instead, it collects tool outputs and turns them into a single, audit-focused view. It also ranks findings using a heuristic that combines tool feedback with practical experience to help auditors prioritize likely true positives. Additional utilities support audit preparation, including generating compilation databases, preparing source code, and working with SARIF files.
42
+
43
+ ## Quick Start
44
+
45
+ ### Docker (Recommended)
46
+
47
+ ```bash
48
+ $ docker pull ghcr.io/fraunhofer-aisec/picuscan:main
49
+ $ docker run --rm -it -v $PWD:$PWD:z -w $PWD --entrypoint bash ghcr.io/fraunhofer-aisec/picuscan:main
50
+ $ picuscan --help
51
+ ```
52
+
53
+ See [Installation → Docker](docs/installation.md#docker) for more details.
54
+
55
+ ### From PyPI
56
+
57
+ ```bash
58
+ $ pipx install picuscan
59
+ $ picuscan --help
60
+ ```
61
+
62
+ **Note:** When installing via pip, you must install the analysis tools separately. See [Installation → Dependencies](docs/installation.md#dependencies) for a list of supported tools.
63
+
64
+ ## Usage
65
+
66
+ You need a [compilation database][compdb] for the analysis to work.
67
+ Run analysis and generate a SARIF report:
68
+
69
+ ```bash
70
+ $ picuscan analyze
71
+ ```
72
+
73
+ See [Usage](docs/usage.md) for comprehensive documentation.
74
+
75
+ ## Documentation
76
+
77
+ - [Installation](docs/installation.md) - Docker and pip installation
78
+ - [Usage](docs/usage.md) - Analysis, compilation databases, preprocessing
79
+ - [Analyzers](docs/analyzers.md) - Tool-specific options and configurations
80
+
81
+ ## License
82
+
83
+ [Apache-2.0](LICENSE)
84
+
85
+ ## Acknowledgments
86
+
87
+ This work was partly funded by the German Federal Ministry of Economic Affairs and Energy (BMWE) as part of the ATLAS-L4 project (grant no. 19A21048D).
88
+ This work was partly funded by the German Federal Ministry of Education and Research (BMBF) as part of the SHIQ project (grant no. 16KIS1955).
89
+
90
+ [compdb]: https://clang.llvm.org/docs/JSONCompilationDatabase.html
@@ -0,0 +1,60 @@
1
+ <!--
2
+ SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
3
+
4
+ SPDX-License-Identifier: CC0-1.0
5
+ -->
6
+
7
+ # Picuscan
8
+
9
+ Picuscan (Picus: Latin for woodpecker; a scanner hunting for bugs in source code) is an orchestration and utility tool for C/C++ security code audits. It provides a unified interface for running multiple external static analysis (SAST) tools, aggregates and normalizes their findings, and enriches the results with security metadata such as CWE categories.
10
+
11
+ Picuscan does not perform static analysis itself; instead, it collects tool outputs and turns them into a single, audit-focused view. It also ranks findings using a heuristic that combines tool feedback with practical experience to help auditors prioritize likely true positives. Additional utilities support audit preparation, including generating compilation databases, preparing source code, and working with SARIF files.
12
+
13
+ ## Quick Start
14
+
15
+ ### Docker (Recommended)
16
+
17
+ ```bash
18
+ $ docker pull ghcr.io/fraunhofer-aisec/picuscan:main
19
+ $ docker run --rm -it -v $PWD:$PWD:z -w $PWD --entrypoint bash ghcr.io/fraunhofer-aisec/picuscan:main
20
+ $ picuscan --help
21
+ ```
22
+
23
+ See [Installation → Docker](docs/installation.md#docker) for more details.
24
+
25
+ ### From PyPI
26
+
27
+ ```bash
28
+ $ pipx install picuscan
29
+ $ picuscan --help
30
+ ```
31
+
32
+ **Note:** When installing via pip, you must install the analysis tools separately. See [Installation → Dependencies](docs/installation.md#dependencies) for a list of supported tools.
33
+
34
+ ## Usage
35
+
36
+ You need a [compilation database][compdb] for the analysis to work.
37
+ Run analysis and generate a SARIF report:
38
+
39
+ ```bash
40
+ $ picuscan analyze
41
+ ```
42
+
43
+ See [Usage](docs/usage.md) for comprehensive documentation.
44
+
45
+ ## Documentation
46
+
47
+ - [Installation](docs/installation.md) - Docker and pip installation
48
+ - [Usage](docs/usage.md) - Analysis, compilation databases, preprocessing
49
+ - [Analyzers](docs/analyzers.md) - Tool-specific options and configurations
50
+
51
+ ## License
52
+
53
+ [Apache-2.0](LICENSE)
54
+
55
+ ## Acknowledgments
56
+
57
+ This work was partly funded by the German Federal Ministry of Economic Affairs and Energy (BMWE) as part of the ATLAS-L4 project (grant no. 19A21048D).
58
+ This work was partly funded by the German Federal Ministry of Education and Research (BMBF) as part of the SHIQ project (grant no. 16KIS1955).
59
+
60
+ [compdb]: https://clang.llvm.org/docs/JSONCompilationDatabase.html
@@ -0,0 +1,85 @@
1
+ # SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
2
+ #
3
+ # SPDX-License-Identifier: CC0-1.0
4
+
5
+ [build-system]
6
+ requires = ["uv_build>=0.11.28,<0.12.0"]
7
+ build-backend = "uv_build"
8
+
9
+ [project]
10
+ name = "picuscan"
11
+ version = "1.0.0rc1"
12
+ description = "A unified orchestration and enrichment layer for C/C++ static analysis tools"
13
+ readme = "README.md"
14
+ license = "Apache-2.0"
15
+ authors = [{name = "AISEC Code Audit Team"}]
16
+ maintainers = [
17
+ { name = "Tobias Specht", email = "tobias.specht@aisec.fraunhofer.de" },
18
+ { name = "Hannah Schmid", email = "hannah.schmid@aisec.fraunhofer.de" }
19
+ ]
20
+ classifiers = [
21
+ "Development Status :: 4 - Beta",
22
+ "Topic :: Security",
23
+ "Operating System :: POSIX :: Linux",
24
+ "Programming Language :: Python :: 3.11",
25
+ "Programming Language :: Python :: 3.12",
26
+ "Programming Language :: Python :: 3.13",
27
+ "Programming Language :: Python :: 3.14",
28
+ ]
29
+ requires-python = ">=3.11,<3.15"
30
+ dependencies = [
31
+ "attrs>=25.2.0",
32
+ "cattrs>=25.1.0",
33
+ "click>=8.0.3",
34
+ "neo4j>=6.0.1",
35
+ "networkx>=3.0",
36
+ "tqdm>=4.68.4",
37
+ "xmltodict>=1.0.0",
38
+ "pandas>=2.0.3",
39
+ "tabulate>=0.9.0",
40
+ ]
41
+
42
+ [dependency-groups]
43
+ dev = [
44
+ "ruff>=0.15.21",
45
+ "pytest>=9.0.1",
46
+ "pytest-asyncio>=1.3.0",
47
+ "pytest-mock>=3.15.1",
48
+ "pandas-stubs>=2.3.2.250926",
49
+ "mypy>=2.3.0",
50
+ "types-tqdm>=4.68.0.20260608",
51
+ "types-xmltodict>=1.0.1.20260518",
52
+ "types-networkx>=3.6.1.20260624",
53
+ "typing-extensions>=4.0.1",
54
+ "reuse>=6.2.0",
55
+ ]
56
+
57
+ [project.scripts]
58
+ picuscan = "picuscan:main"
59
+
60
+ [project.urls]
61
+ Documentation = "https://github.com/Fraunhofer-AISEC/picuscan"
62
+ Repository = "https://github.com/Fraunhofer-AISEC/picuscan"
63
+ "Bug Tracker" = "https://github.com/Fraunhofer-AISEC/picuscan/issues"
64
+
65
+ [tool.uv]
66
+ package = true
67
+ build-constraint-dependencies = ["setuptools<81"]
68
+
69
+ [tool.ruff]
70
+ line-length = 120
71
+ target-version = "py311"
72
+ [tool.ruff.lint]
73
+ select = ["E", "F", "W"]
74
+ ignore = ["E501"]
75
+
76
+ [tool.pytest.ini_options]
77
+ asyncio_mode = "auto"
78
+ asyncio_default_fixture_loop_scope = "function"
79
+
80
+ [tool.mypy]
81
+ strict = true
82
+ native_parser = true
83
+ num_workers = 4
84
+
85
+
@@ -0,0 +1,57 @@
1
+ # SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
2
+ #
3
+ # SPDX-License-Identifier: Apache-2.0
4
+
5
+ from __future__ import annotations
6
+
7
+ import importlib
8
+ import pkgutil
9
+ from asyncio import Semaphore
10
+ from typing import Any
11
+
12
+ import click
13
+
14
+ from . import commands, logging
15
+ from .config import Config
16
+ from .misc import sysutils
17
+
18
+ logging.install()
19
+ logger = logging.get_logger(__name__)
20
+
21
+
22
+ class Loader(click.Group):
23
+ def list_commands(self, ctx: click.Context) -> list[str]:
24
+ return [name.replace("_", "-") for _, name, _ in pkgutil.iter_modules(commands.__path__)]
25
+
26
+ def get_command(self, ctx: click.Context, cmd_name: str) -> click.Command | None:
27
+ cmd_name = cmd_name.replace("-", "_")
28
+ try:
29
+ # When a user runs 'picuscan some-command', look for the
30
+ # command definition in 'picuscan.commands.some_command'
31
+ module = importlib.import_module(f"{commands.__name__}.{cmd_name}")
32
+ cmd = getattr(module, "cli")
33
+ if isinstance(cmd, click.Command):
34
+ return cmd
35
+ except (ModuleNotFoundError, AttributeError):
36
+ pass
37
+ return None
38
+
39
+
40
+ LEVELS = ("CRITICAL", "ERROR", "WARNING", "INFO", "DEBUG")
41
+
42
+
43
+ @click.command(cls=Loader, help="Picuscan")
44
+ @click.option(
45
+ "--log", type=click.Choice(LEVELS, case_sensitive=False), default="INFO", show_default=True, help="Log level."
46
+ )
47
+ @click.option(
48
+ "--max-jobs", "-j", type=click.IntRange(1), default=sysutils.cpu_count(), help="Maximum number of processes."
49
+ )
50
+ @click.option("--keep-tmps", is_flag=True, help="Don't delete temporary files.")
51
+ @click.version_option()
52
+ @click.pass_context
53
+ def main(ctx: click.Context, /, log: str, max_jobs: int, **kwds: Any) -> None:
54
+ logger.setLevel(log)
55
+ semaphore = Semaphore(max_jobs)
56
+ # Make the configuration available in all subcommand contexts
57
+ ctx.obj = Config(job_semaphore=semaphore, **kwds)
@@ -0,0 +1,7 @@
1
+ # SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
2
+ #
3
+ # SPDX-License-Identifier: Apache-2.0
4
+
5
+ from picuscan import main
6
+
7
+ main()
@@ -0,0 +1,3 @@
1
+ # SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
2
+ #
3
+ # SPDX-License-Identifier: Apache-2.0
@@ -0,0 +1,261 @@
1
+ # SPDX-FileCopyrightText: 2026 AISEC Code Audit Team
2
+ #
3
+ # SPDX-License-Identifier: Apache-2.0
4
+
5
+ """Map tool rules to CWE categories."""
6
+
7
+ mapping = {
8
+ "clangsa": {
9
+ "core.CallAndMessage": "CWE-628",
10
+ "core.DivideZero": "CWE-369",
11
+ "core.NonNullParamChecker": "CWE-233",
12
+ "unix.cstring.NullArg": "CWE-233",
13
+ "core.NullDereference": "CWE-476",
14
+ "core.uninitialized.ArraySubscript": "CWE-129",
15
+ "core.uninitialized.Assign": "CWE-457",
16
+ "core.uninitialized.Branch": "CWE-665",
17
+ "core.uninitialized.UndefReturn": "CWE-457",
18
+ "cplusplus.NewDeleteLeaks": "CWE-401",
19
+ "deadcode.DeadStores": "CWE-563",
20
+ "security.FloatLoopCounter": "CWE-1077",
21
+ "unix.API": "CWE-242",
22
+ "unix.Malloc": "CWE-770",
23
+ "unix.MallocSizeof": "CWE-704",
24
+ "unix.BlockInCriticalSection": "CWE-667",
25
+ "unix.Stream": "CWE-775",
26
+ "unix.StdCLibraryFunctions": "CWE-233",
27
+ "valist.Unterminated": "CWE-401",
28
+ "security.insecureAPI.DeprecatedOrUnsafeBufferHandling": "CWE-120",
29
+ "security.insecureAPI.strcpy": "CWE-120",
30
+ "security.insecureAPI.vfork": "CWE-676",
31
+ "cplusplus.StringChecker": "CWE-476",
32
+ "cplusplus.PlacementNew": "CWE-119",
33
+ "core.UndefinedBinaryOperatorResult": "CWE-457",
34
+ "cplusplus.PureVirtualCall": "CWE-758",
35
+ "core.StackAddressEscape": "CWE-562",
36
+ "core.BitwiseShift": "CWE-190",
37
+ "optin.core.EnumCastOutOfRange": "CWE-704",
38
+ "alpha.core.CastSize": "CWE-704",
39
+ "alpha.core.SizeofPtr": "CWE-467",
40
+ "alpha.clone.CloneChecker": "CWE-1041",
41
+ "alpha.security.ArrayBound": "CWE-119",
42
+ "alpha.security.ArrayBoundV2": "CWE-119",
43
+ "alpha.cplusplus.EnumCastOutOfRange": "CWE-704",
44
+ "alpha.cplusplus.IteratorRange": "CWE-118",
45
+ "alpha.deadcode.UnreachableCode": "CWE-561",
46
+ "alpha.unix.cstring.OutOfBounds": "CWE-119",
47
+ "alpha.unix.cstring.BufferOverlap": "CWE-119",
48
+ "alpha.security.ReturnPtrRange": "CWE-119",
49
+ "alpha.unix.cstring.UninitializedRead": "CWE-457",
50
+ "alpha.core.Conversion": "CWE-681",
51
+ "alpha.core.PointerArithm": "CWE-465",
52
+ "alpha.security.MallocOverflow": "CWE-190",
53
+ "alpha.cplusplus.InvalidatedIterator": "CWE-118",
54
+ "alpha.cplusplus.MismatchedIterator": "CWE-118",
55
+ "alpha.unix.PthreadLock": "CWE-667",
56
+ "alpha.core.CastToStruct": "CWE-704",
57
+ "alpha.core.FixedAddr": "CWE-587",
58
+ },
59
+ "clang-tidy": {
60
+ "bugprone-integer-division": "CWE-682",
61
+ "clang-diagnostic-constant-conversion": "CWE-704",
62
+ "clang-diagnostic-incompatible-pointer-types": "CWE-843",
63
+ "clang-diagnostic-missing-field-initializers": "CWE-665",
64
+ "clang-diagnostic-unused-const-variable": "CWE-563",
65
+ "misc-incorrect-roundings": "CWE-682",
66
+ "misc-misplaced-const": "CWE-843",
67
+ "misc-misplaced-widening-cast": "CWE-704",
68
+ "misc-redundant-expression": "CWE-1041",
69
+ "misc-sizeof-expression": "CWE-467",
70
+ "misc-*": "CWE-1006",
71
+ "modernize-*": "CWE-1006",
72
+ "performance-*": "CWE-1006",
73
+ "altera-*": "CWE-1006",
74
+ "boost-use-*": "CWE-1006",
75
+ "bugprone-narrowing-conversions": "CWE-681",
76
+ "bugprone-exception-escape": "CWE-248",
77
+ "concurrency-mt-unsafe": "CWE-362",
78
+ "misc-no-recursion": "CWE-674",
79
+ "bugprone-implicit-widening-of-multiplication-result": "CWE-681",
80
+ "bugprone-signed-char-misuse": "CWE-681",
81
+ "bugprone-move-forwarding-reference": "CWE-676",
82
+ "bugprone-misplaced-widening-cast": "CWE-681",
83
+ "bugprone-macro-parentheses": "CWE-1006",
84
+ "bugprone-unchecked-optional-access": "CWE-457",
85
+ "clang-diagnostic-uninitialized": "CWE-457",
86
+ "clang-diagnostic-format": "CWE-1006",
87
+ "clang-diagnostic-format-nonliteral": "CWE-134",
88
+ "clang-diagnostic-deprecated-declarations": "CWE-477",
89
+ "clang-diagnostic-sometimes-uninitialized": "CWE-457",
90
+ "clang-diagnostic-conditional-uninitialized": "CWE-457",
91
+ "clang-diagnostic-return-stack-address": "CWE-562",
92
+ "clang-diagnostic-dangling-gsl": "CWE-826",
93
+ "clang-diagnostic-unsafe-buffer-usage": "CWE-119",
94
+ "clang-diagnostic-fortify-source": "CWE-119",
95
+ "clang-diagnostic-*": "CWE-1006",
96
+ "bugprone-*": "CWE-1006",
97
+ "readability-*": "CWE-1006",
98
+ "cert-msc32-c": "CWE-335",
99
+ "cert-msc30-c": "CWE-330",
100
+ "cert-str34-c": "CWE-681",
101
+ "cert-dcl59-cpp": "CWE-1006",
102
+ "cert-err58-cpp": "CWE-248",
103
+ "cert-msc51-cpp": "CWE-335",
104
+ "cert-int09-c": "CWE-1006",
105
+ "cert-dcl37-c": "CWE-1006",
106
+ "cert-dcl51-cpp": "CWE-1006",
107
+ "cert-oop54-cpp": "CWE-416",
108
+ "cert-err33-c": "CWE-252",
109
+ "cert-err34-c": "CWE-704",
110
+ "cert-ctr56-cpp": "CWE-465",
111
+ "google-build-namespaces": "CWE-1006",
112
+ "clang-diagnostic-division-by-zero": "CWE-369",
113
+ "clang-diagnostic-unused-result": "CWE-252",
114
+ "clang-diagnostic-switch-enum": "CWE-1023",
115
+ "clang-diagnostic-implicit*": "CWE-704",
116
+ "clang-diagnostic-return-type": "CWE-1006",
117
+ "clang-diagnostic-misleading-indentation": "CWE-1006",
118
+ "clang-diagnostic-dangling-else": "CWE-1006",
119
+ "clang-diagnostic-unused-value": "CWE-252",
120
+ "clang-diagnostic-implicit-int-conversion": "CWE-681",
121
+ },
122
+ "infer": {
123
+ "BUFFER_OVERRUN_*": "CWE-119",
124
+ "DEAD_STORE": "CWE-563",
125
+ "INFERBO_ALLOC_IS_NEGATIVE": "CWE-119",
126
+ "INFERBO_ALLOC_IS_ZERO": "CWE-131",
127
+ "NULL_DEREFERENCE*": "CWE-476",
128
+ "NULLPTR_DEREFERENCE*": "CWE-476",
129
+ "COMPARED_TO_NULL_AND_DEREFERENCED": "CWE-476",
130
+ "*RESOURCE_LEAK": "CWE-404",
131
+ "SHELL_INJECTION": "CWE-807",
132
+ "*UNINITIALIZED_VALUE*": "CWE-457",
133
+ "USE_AFTER_FREE*": "CWE-416",
134
+ "USE_AFTER_DELETE*": "CWE-416",
135
+ "USE_AFTER_LIFETIME*": "CWE-826",
136
+ "LOCK_CONSISTENCY_VIOLATION": "CWE-362",
137
+ "INTEGER_OVERFLOW_*": "CWE-190",
138
+ "OPTIONAL_EMPTY_ACCESS*": "CWE-457",
139
+ "PULSE_READONLY_SHARED_PTR_PARAM": "CWE-1006",
140
+ "DANGLING_POINTER_DEREFERENCE": "CWE-416",
141
+ "DIVIDE_BY_ZERO": "CWE-369",
142
+ "MEMORY_LEAK*": "CWE-401",
143
+ "*UNNECESSARY_COPY*": "CWE-1006",
144
+ "STACK_VARIABLE_ADDRESS_ESCAPE": "CWE-562",
145
+ "CONSTANT_ADDRESS_DEREFERENCE*": "CWE-587",
146
+ "PULSE_CONST_REFABLE": "CWE-398",
147
+ "MUTUAL_RECURSION_CYCLE": "CWE-674",
148
+ },
149
+ "rats": {
150
+ "memcpy": "CWE-120",
151
+ "read": "CWE-120",
152
+ "system": "CWE-78",
153
+ "fixed size local buffer": "CWE-119",
154
+ "strncpy": "CWE-120",
155
+ "fgets": "CWE-120",
156
+ "realpath": "CWE-120",
157
+ "fgetc": "CWE-120",
158
+ "fork": "CWE-662",
159
+ "rmdir": "CWE-362",
160
+ "strlen": "CWE-126",
161
+ "*scanf": "CWE-134",
162
+ "unlink": "CWE-362",
163
+ "open": "CWE-362",
164
+ "opendir": "CWE-362",
165
+ "remove": "CWE-362",
166
+ "execv": "CWE-362",
167
+ "vfork": "CWE-676",
168
+ "stat": "CWE-362",
169
+ "dirname": "CWE-362",
170
+ "fopen": "CWE-362",
171
+ "basename": "CWE-362",
172
+ "lstat": "CWE-362",
173
+ "mkdir": "CWE-362",
174
+ "rename": "CWE-362",
175
+ "ERR_error_string": "CWE-676",
176
+ "Static Global Buffer": "CWE-119",
177
+ "getenv": "CWE-20",
178
+ "*printf": "CWE-134",
179
+ "chmod": "CWE-362",
180
+ "chown": "CWE-362",
181
+ "srand": "CWE-330",
182
+ "random": "CWE-330",
183
+ "realloc": "CWE-226",
184
+ "OPENSSL_free": "CWE-212",
185
+ "X509_NAME_oneline": "CWE-120",
186
+ },
187
+ "flawfinder": {"FF1048": "CWE-330"},
188
+ "ikos": {
189
+ "unreachable": "CWE-561",
190
+ "uninitialized-variable": "CWE-457",
191
+ "assert": "CWE-617",
192
+ "division-by-zero": "CWE-369",
193
+ "shift-count": "CWE-1335",
194
+ "signed-int-underflow": "CWE-191",
195
+ "signed-int-overflow": "CWE-190",
196
+ "unsigned-int-underflow": "CWE-191",
197
+ "unsigned-int-overflow": "CWE-190",
198
+ "null-pointer-deref": "CWE-476",
199
+ "null-pointer-comparison": "CWE-465",
200
+ "invalid-pointer-comparison": "CWE-465",
201
+ "pointer-comparison": "CWE-465",
202
+ "pointer-overflow": "CWE-465",
203
+ "invalid-pointer-deref": "CWE-971",
204
+ "unknown-memory-access": "CWE-890",
205
+ "unaligned-pointer": "CWE-970",
206
+ "buffer-overflow-gets": "CWE-676",
207
+ "buffer-overflow": "CWE-119",
208
+ "ignored-store": "CWE-980",
209
+ "ignored-memory-copy": "CWE-120",
210
+ "ignored-free": "CWE-415",
211
+ "free": "CWE-415",
212
+ },
213
+ "cppcheck": {
214
+ "subtractPointers": "CWE-469",
215
+ "overlappingWriteFunction": "CWE-970",
216
+ "uninitMemberVar": "CWE-457",
217
+ "pointerOutOfBounds": "CWE-465",
218
+ "knownEmptyContainer": "CWE-476",
219
+ "cppcheck-arrayIndexOutOfBounds*": "CWE-129",
220
+ "cppcheck-AssignmentAddressToInteger": "CWE-465",
221
+ "cppcheck-badBitmaskCheck": "CWE-682",
222
+ "cppcheck-constStatement": "",
223
+ "cppcheck-identicalInnerCondition": "CWE-691",
224
+ "cppcheck-missingInclude": "CWE-1006",
225
+ "cppcheck-missingIncludeSystem": "CWE-1006",
226
+ "cppcheck-negativeIndex": "CWE-129",
227
+ "cppcheck-nullPointer": "CWE-476",
228
+ "cppcheck-oppositeInnerCondition": "CWE-691",
229
+ "cppcheck-uninitMemberVar": "CWE-457",
230
+ "cppcheck-uninitvar": "CWE-457",
231
+ "cppcheck-unknownMacro": "CWE-1006",
232
+ "cppcheck-useInitializationList": "CWE-1006",
233
+ "cppcheck-duplInheritedMember": "CWE-1006",
234
+ "cppcheck-invalidPrintfArgType_uint": "CWE-681",
235
+ "cppcheck-nullPointerRedundantCheck": "CWE-476",
236
+ "cppcheck-passedByValue": "CWE-1006",
237
+ "cppcheck-returnByReference": "CWE-1006",
238
+ "cppcheck-stlcstrParam": "CWE-133",
239
+ "cppcheck-uninitDerivedMemberVar": "CWE-457",
240
+ "cppcheck-uninitMemberVarPrivate": "CWE-457",
241
+ "cppcheck-uninitStructMember": "CWE-457",
242
+ "cppcheck-preprocessorErrorDirective": "CWE-670",
243
+ },
244
+ "gcc": {
245
+ "-Wstringop-overflow=": "CWE-119",
246
+ "-Warray-bounds=": "CWE-129",
247
+ "-Wmaybe-uninitialized": "CWE-457",
248
+ "-Wreturn-type": "CWE-1006",
249
+ "warning": "CWE-1006",
250
+ "-Wanalyzer-va-list-use-after-va-end": "CWE-1341",
251
+ "-Wanalyzer-use-of-pointer-in-stale-stack-frame": "CWE-562",
252
+ "gcc-double-free": "CWE-415",
253
+ "gcc-infinite-loop": "CWE-835",
254
+ "gcc-malloc-leak": "CWE-401",
255
+ "gcc-null-argument": "CWE-476",
256
+ "gcc-possible-null-dereference": "CWE-476",
257
+ "gcc-use-of-uninitialized-value": "CWE-457",
258
+ "-Werror=shift-count-overflow": "CWE-190",
259
+ "-Wswitch": "CWE-1006",
260
+ },
261
+ }