From Free Software Directory
This is the approved revision of this page; it is not the most recent. View the most recent revision.
Jump to: navigation, search



Analyzes code for security risks

'Flawfinder' looks through source code for potential security flaws in source code by using a built-in database of C/C++ functions with well-known problems, and providing a list of potential security flaws, sorted by risk, with the most potentially dangerous flaws shown first. Risk level depends on both the function and the values of the parameters of the function. It ignores text inside comments and strings.


User manual available in PDF format from http://www.dwheeler.com/flawfinder/flawfinder.pdf; User manual available in PostScript format from http://www.dwheeler.com/flawfinder/flawfinder.ps

Related Projects


LicenseVerified byVerified onNotes
License:GPLv2Janet Casey9 September 2002

Leaders and contributors

David A. Wheeler Maintainer

Resources and communication

AudienceResource typeURI
Debian (Ref)https://tracker.debian.org/pkg/flawfinder
Savannah (Ref)https://savannah.nongnu.org/projects/flawfinder
Python (Ref)https://pypi.org/project/flawfinder
Bug Tracking,Developer,SupportE-mailmailto:dwheeler@dwheeler.com

Software prerequisites

Required to usePython 1.5 or later

This entry (in part or in whole) was last reviewed on 13 April 2018.


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.