New linter: Flawfinder (#1361)

* Flawfinder support added for C and C++

A minor modification to gcc handler was made to support flawfinder's
single-line output format that does not have a space following the
colon denoting the warning level.  gcc handler still passes its
Vader tests after this modification.

* Documentation fixes

* Revert documentation regression

* Added Flawfinder to table of contents

* Removed trailing whitespace

* Follow ALE conventions better

Added additional documentation and Vader tests

README.md

@@ -79,8 +79,8 @@ formatting.
 | Awk | [gawk](https://www.gnu.org/software/gawk/)|
 | Bash | shell [-n flag](https://www.gnu.org/software/bash/manual/bash.html#index-set), [shellcheck](https://www.shellcheck.net/), [shfmt](https://github.com/mvdan/sh) |
 | Bourne Shell | shell [-n flag](http://linux.die.net/man/1/sh), [shellcheck](https://www.shellcheck.net/), [shfmt](https://github.com/mvdan/sh) |
-| C | [cppcheck](http://cppcheck.sourceforge.net), [cpplint](https://github.com/google/styleguide/tree/gh-pages/cpplint), [gcc](https://gcc.gnu.org/), [clang](http://clang.llvm.org/), [clangtidy](http://clang.llvm.org/extra/clang-tidy/) !!, [clang-format](https://clang.llvm.org/docs/ClangFormat.html)|
+| C | [cppcheck](http://cppcheck.sourceforge.net), [cpplint](https://github.com/google/styleguide/tree/gh-pages/cpplint), [clang](http://clang.llvm.org/), [clangtidy](http://clang.llvm.org/extra/clang-tidy/) !!, [clang-format](https://clang.llvm.org/docs/ClangFormat.html), [flawfinder](https://www.dwheeler.com/flawfinder/), [gcc](https://gcc.gnu.org/) |
-| C++ (filetype cpp) | [clang](http://clang.llvm.org/), [clangcheck](http://clang.llvm.org/docs/ClangCheck.html) !!, [clangtidy](http://clang.llvm.org/extra/clang-tidy/) !!, [clang-format](https://clang.llvm.org/docs/ClangFormat.html), [cppcheck](http://cppcheck.sourceforge.net), [cpplint](https://github.com/google/styleguide/tree/gh-pages/cpplint) !!, [gcc](https://gcc.gnu.org/) |
+| C++ (filetype cpp) | [clang](http://clang.llvm.org/), [clangcheck](http://clang.llvm.org/docs/ClangCheck.html) !!, [clangtidy](http://clang.llvm.org/extra/clang-tidy/) !!, [clang-format](https://clang.llvm.org/docs/ClangFormat.html), [cppcheck](http://cppcheck.sourceforge.net), [cpplint](https://github.com/google/styleguide/tree/gh-pages/cpplint) !!, [flawfinder](https://www.dwheeler.com/flawfinder/), [gcc](https://gcc.gnu.org/) |
 | CUDA | [nvcc](http://docs.nvidia.com/cuda/cuda-compiler-driver-nvcc/index.html) |
 | C# | [mcs](http://www.mono-project.com/docs/about-mono/languages/csharp/) see:`help ale-cs-mcs` for details, [mcsc](http://www.mono-project.com/docs/about-mono/languages/csharp/) !! see:`help ale-cs-mcsc` for details and configuration|
 | Chef | [foodcritic](http://www.foodcritic.io/) |

ale_linters/c/flawfinder.vim

@@ -0,0 +1,30 @@
+" Author: Christian Gibbons <cgibbons@gmu.edu>
+" Description: flawfinder linter for c files
+
+call ale#Set('c_flawfinder_executable', 'flawfinder')
+call ale#Set('c_flawfinder_options', '')
+call ale#Set('c_flawfinder_minlevel', 1)
+
+function! ale_linters#c#flawfinder#GetExecutable(buffer) abort
+   return ale#Var(a:buffer, 'c_flawfinder_executable')
+endfunction
+
+function! ale_linters#c#flawfinder#GetCommand(buffer) abort
+
+   " Set the minimum vulnerability level for flawfinder to bother with
+   let l:minlevel = ' --minlevel=' . ale#Var(a:buffer, 'c_flawfinder_minlevel')
+
+   return ale#Escape(ale_linters#c#flawfinder#GetExecutable(a:buffer))
+   \  . ' -CDQS'
+   \  . ale#Var(a:buffer, 'c_flawfinder_options')
+   \  . l:minlevel
+   \  . ' %t'
+endfunction
+
+call ale#linter#Define('c', {
+\  'name': 'flawfinder',
+\  'output_stream': 'stdout',
+\  'executable_callback': 'ale_linters#c#flawfinder#GetExecutable',
+\  'command_callback': 'ale_linters#c#flawfinder#GetCommand',
+\  'callback': 'ale#handlers#gcc#HandleGCCFormat',
+\})

ale_linters/cpp/flawfinder.vim

@@ -0,0 +1,30 @@
+" Author: Christian Gibbons <cgibbons@gmu.edu>
+" Description: flawfinder linter for c++ files
+
+call ale#Set('cpp_flawfinder_executable', 'flawfinder')
+call ale#Set('cpp_flawfinder_options', '')
+call ale#Set('cpp_flawfinder_minlevel', 1)
+
+function! ale_linters#cpp#flawfinder#GetExecutable(buffer) abort
+   return ale#Var(a:buffer, 'cpp_flawfinder_executable')
+endfunction
+
+function! ale_linters#cpp#flawfinder#GetCommand(buffer) abort
+
+   " Set the minimum vulnerability level for flawfinder to bother with
+   let l:minlevel = ' --minlevel=' . ale#Var(a:buffer, 'cpp_flawfinder_minlevel')
+
+   return ale#Escape(ale_linters#cpp#flawfinder#GetExecutable(a:buffer))
+   \  . ' -CDQS'
+   \  . ale#Var(a:buffer, 'cpp_flawfinder_options')
+   \  . l:minlevel
+   \  . ' %t'
+endfunction
+
+call ale#linter#Define('cpp', {
+\  'name': 'flawfinder',
+\  'output_stream': 'stdout',
+\  'executable_callback': 'ale_linters#cpp#flawfinder#GetExecutable',
+\  'command_callback': 'ale_linters#cpp#flawfinder#GetCommand',
+\  'callback': 'ale#handlers#gcc#HandleGCCFormat',
+\})

autoload/ale/handlers/gcc.vim

@@ -24,7 +24,7 @@ function! ale#handlers#gcc#HandleGCCFormat(buffer, lines) abort
     " <stdin>:8:5: warning: conversion lacks type at end of format [-Wformat=]
     " <stdin>:10:27: error: invalid operands to binary - (have ‘int’ and ‘char *’)
     " -:189:7: note: $/${} is unnecessary on arithmetic variables. [SC2004]
-    let l:pattern = '\v^([a-zA-Z]?:?[^:]+):(\d+):(\d+)?:? ([^:]+): (.+)$'
+    let l:pattern = '\v^([a-zA-Z]?:?[^:]+):(\d+):(\d+)?:? ([^:]+): ?(.+)$'
     let l:output = []
 
     for l:match in ale#util#GetMatches(a:lines, l:pattern)

doc/ale-c.txt

@@ -143,6 +143,33 @@ g:ale_c_cppcheck_options                             *g:ale_c_cppcheck_options*
   This variable can be changed to modify flags given to cppcheck.
 
 
+===============================================================================
+flawfinder                                                   *ale-c-flawfinder*
+
+g:ale_c_flawfinder_executable                   *g:ale_c_flawfinder_executable*
+                                                *g:ale_c_flawfinder_executable*
+  Type: |String|
+  Default: `'flawfinder'`
+
+  This variable can be changed to use a different executable for flawfinder.
+
+
+g:ale_c_flawfinder_minlevel                       *g:ale_c_flawfinder_minlevel*
+                                                  *b:ale_c_flawfinder_minlevel*
+  Type: |Number|
+  Default: `1`
+
+  This variable can be changed to ignore risks under the given risk threshold.
+
+
+g:ale_c_flawfinder_options                                 *g:ale-c-flawfinder*
+                                                           *b:ale-c-flawfinder*
+  Type: |String|
+  Default: `''`
+
+  This variable can be used to pass extra options into the flawfinder command.
+
+
 ===============================================================================
 gcc                                                                 *ale-c-gcc*
 

doc/ale-cpp.txt

@@ -153,6 +153,33 @@ g:ale_cpp_cpplint_options                           *g:ale_cpp_cpplint_options*
   This variable can be changed to modify flags given to cpplint.
 
 
+===============================================================================
+flawfinder                                                 *ale-cpp-flawfinder*
+
+g:ale_cpp_flawfinder_executable               *g:ale_cpp_flawfinder_executable*
+                                              *g:ale_cpp_flawfinder_executable*
+  Type: |String|
+  Default: `'flawfinder'`
+
+  This variable can be changed to use a different executable for flawfinder.
+
+
+g:ale_cpp_flawfinder_minlevel                   *g:ale_cpp_flawfinder_minlevel*
+                                                *b:ale_cpp_flawfinder_minlevel*
+  Type: |Number|
+  Default: `1`
+
+  This variable can be changed to ignore risks under the given risk threshold.
+
+
+g:ale_cpp_flawfinder_options                             *g:ale-cpp-flawfinder*
+                                                         *b:ale-cpp-flawfinder*
+  Type: |String|
+  Default: `''`
+
+  This variable can be used to pass extra options into the flawfinder command.
+
+
 ===============================================================================
 gcc                                                               *ale-cpp-gcc*
 

doc/ale.txt

@@ -28,6 +28,7 @@ CONTENTS                                                         *ale-contents*
       clang-format........................|ale-c-clangformat|
       clangtidy...........................|ale-c-clangtidy|
       cppcheck............................|ale-c-cppcheck|
+      flawfinder..........................|ale-c-flawfinder|
       gcc.................................|ale-c-gcc|
     chef..................................|ale-chef-options|
       foodcritic..........................|ale-chef-foodcritic|
@@ -42,6 +43,7 @@ CONTENTS                                                         *ale-contents*
       clangtidy...........................|ale-cpp-clangtidy|
       cppcheck............................|ale-cpp-cppcheck|
       cpplint.............................|ale-cpp-cpplint|
+      flawfinder..........................|ale-cpp-flawfinder|
       gcc.................................|ale-cpp-gcc|
     c#....................................|ale-cs-options|
       mcs.................................|ale-cs-mcs|
@@ -298,8 +300,8 @@ Notes:
 * Awk: `gawk`
 * Bash: `shell` (-n flag), `shellcheck`, `shfmt`
 * Bourne Shell: `shell` (-n flag), `shellcheck`, `shfmt`
-* C: `cppcheck`, `cpplint`!!, `gcc`, `clang`, `clangtidy`!!, `clang-format`
+* C: `cppcheck`, `cpplint`!!, `clang`, `clangtidy`!!, `clang-format`, `flawfinder`, `gcc`
-* C++ (filetype cpp): `clang`, `clangcheck`!!, `clangtidy`!!, `clang-format`, `cppcheck`, `cpplint`!!, `gcc`
+* C++ (filetype cpp): `clang`, `clangcheck`!!, `clangtidy`!!, `clang-format`, `cppcheck`, `cpplint`!!, `flawfinder`, `gcc`
 * CUDA: `nvcc`!!
 * C#: `mcs`, `mcsc`!!
 * Chef: `foodcritic`

test/command_callback/test_c_flawfinder_command_callbacks.vader

@@ -0,0 +1,51 @@
+Before:
+  Save g:ale_c_flawfinder_executable
+  Save g:ale_c_flawfinder_options
+  Save g:ale_c_flawfinder_minlevel
+
+  unlet! g:ale_c_flawfinder_executable
+  unlet! b:ale_c_flawfinder_executable
+  unlet! g:ale_c_flawfinder_options
+  unlet! b:ale_c_flawfinder_options
+  unlet! g:ale_c_flawfinder_minlevel
+  unlet! b:ale_c_flawfinder_minlevel
+
+  runtime ale_linters/c/flawfinder.vim
+
+After:
+  unlet! b:ale_c_flawfinder_executable
+  unlet! b:ale_c_flawfinder_options
+  unlet! b:ale_c_flawfinder_minlevel
+
+  Restore
+  call ale#linter#Reset()
+
+Execute(The flawfinder command should be correct):
+  AssertEqual
+  \ ale#Escape('flawfinder')
+  \   . ' -CDQS --minlevel=1 %t',
+  \ ale_linters#c#flawfinder#GetCommand(bufnr(''))
+
+Execute(The minlevel of flawfinder should be configurable):
+  let b:ale_c_flawfinder_minlevel = 8
+
+  AssertEqual
+  \ ale#Escape('flawfinder')
+  \   . ' -CDQS --minlevel=8 %t',
+  \ ale_linters#c#flawfinder#GetCommand(bufnr(''))
+
+Execute(Additional flawfinder options should be configurable):
+  let b:ale_c_flawfinder_options = ' --foobar'
+
+  AssertEqual
+  \ ale#Escape('flawfinder')
+  \   . ' -CDQS --foobar --minlevel=1 %t',
+  \ ale_linters#c#flawfinder#GetCommand(bufnr(''))
+
+Execute(The flawfinder exectable should be configurable):
+  let b:ale_c_flawfinder_executable = 'foo/bar'
+
+  AssertEqual
+  \ ale#Escape('foo/bar')
+  \   . ' -CDQS --minlevel=1 %t',
+  \ ale_linters#c#flawfinder#GetCommand(bufnr(''))

test/command_callback/test_cpp_flawfinder_command_callbacks.vader

@@ -0,0 +1,51 @@
+Before:
+  Save g:ale_cpp_flawfinder_executable
+  Save g:ale_cpp_flawfinder_options
+  Save g:ale_cpp_flawfinder_minlevel
+
+  unlet! g:ale_cpp_flawfinder_executable
+  unlet! b:ale_cpp_flawfinder_executable
+  unlet! g:ale_cpp_flawfinder_options
+  unlet! b:ale_cpp_flawfinder_options
+  unlet! g:ale_cpp_flawfinder_minlevel
+  unlet! b:ale_cpp_flawfinder_minlevel
+
+  runtime ale_linters/cpp/flawfinder.vim
+
+After:
+  unlet! b:ale_cpp_flawfinder_executable
+  unlet! b:ale_cpp_flawfinder_options
+  unlet! b:ale_cpp_flawfinder_minlevel
+
+  Restore
+  call ale#linter#Reset()
+
+Execute(The flawfinder command should be correct):
+  AssertEqual
+  \ ale#Escape('flawfinder')
+  \   . ' -CDQS --minlevel=1 %t',
+  \ ale_linters#cpp#flawfinder#GetCommand(bufnr(''))
+
+Execute(The minlevel of flawfinder should be configurable):
+  let b:ale_cpp_flawfinder_minlevel = 8
+
+  AssertEqual
+  \ ale#Escape('flawfinder')
+  \   . ' -CDQS --minlevel=8 %t',
+  \ ale_linters#cpp#flawfinder#GetCommand(bufnr(''))
+
+Execute(Additional flawfinder options should be configurable):
+  let b:ale_cpp_flawfinder_options = ' --foobar'
+
+  AssertEqual
+  \ ale#Escape('flawfinder')
+  \   . ' -CDQS --foobar --minlevel=1 %t',
+  \ ale_linters#cpp#flawfinder#GetCommand(bufnr(''))
+
+Execute(The flawfinder exectable should be configurable):
+  let b:ale_cpp_flawfinder_executable = 'foo/bar'
+
+  AssertEqual
+  \ ale#Escape('foo/bar')
+  \   . ' -CDQS --minlevel=1 %t',
+  \ ale_linters#cpp#flawfinder#GetCommand(bufnr(''))