ports/120743: security/flawfinder has an occasional bug on some sourcecode

Pedro F. Giffuni giffunip at tutopia.com
Sat Feb 16 21:50:01 UTC 2008


>Number:         120743
>Category:       ports
>Synopsis:       security/flawfinder has an occasional bug on some sourcecode
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Feb 16 21:50:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Pedro F. Giffuni
>Release:        6.2-Release
>Organization:
>Environment:
FreeBSD kakumen.cable.net.co 6.3-RELEASE FreeBSD 6.3-RELEASE #10: Sat Jan 19 01:13:55 COT 2008     root at kakumen.cable.net.co:/usr/src/sys/amd64/compile/SMP  amd64

>Description:
The bug (IndexError: string index out of range) is not critical but rather an inconvenience on some codebases.

Full details are here:

https://sourceforge.net/tracker/?func=detail&atid=919499&aid=1834743&group_id=186989
>How-To-Repeat:
Found running flawfinder over Salome and some other big code bases.
>Fix:
diff -ruN flawfinder.orig/files/patch-flawfinder flawfinder/files/patch-flawfinder
--- flawfinder.orig/files/patch-flawfinder	1969-12-31 19:00:00.000000000 -0500
+++ flawfinder/files/patch-flawfinder	2008-02-16 16:22:26.000000000 -0500
@@ -0,0 +1,11 @@
+--- flawfinder.orig	2008-02-16 16:19:59.000000000 -0500
++++ flawfinder	2008-02-16 16:21:43.000000000 -0500
+@@ -1299,6 +1299,8 @@
+     m = p_whitespace.match(text,i)
+     if m:
+       i = m.end(0)
++      if i == len(text):
++      	continue
+ 
+     c = text[i]
+     if linebegin:  # If at beginning of line, see if #include is there.
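Review bot: The added `continue` line in the embedded flawfinder hunk is indented with six spaces followed by a tab, while the neighbouring lines (`i = m.end(0)`, `c = text[i]`) use spaces only; mixed indentation in Python source is fragile, so the tab should be replaced with spaces. The guard covers the case where the whitespace match moves `i` to the end of `text` just before `c = text[i]`, but `continue` only ends the scan if the enclosing loop condition re-tests `i` against `len(text)`, and that loop header is not visible in this context; if it cannot be confirmed, `break` states the intent more directly. Writing the test as `i >= len(text)` would also be more defensive than `==`.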


>Release-Note:
>Audit-Trail:
>Unformatted:


