Pambuyo pazaka zitatu zachitukuko, chida cha GNU cflow 1.7 chatulutsidwa, chopangidwa kuti chipange graph yowonekera pamapulogalamu a C, omwe angagwiritsidwe ntchito kuti muchepetse kuphunzira kwamalingaliro ogwiritsira ntchito. Ma grafu amapangidwa potengera kusanthula kwa zolemba zamasamba, popanda kufunikira kwa pulogalamuyo. M'badwo wa ma graph oyenda kutsogolo ndi kumbuyo umathandizidwa, komanso kupanga mndandanda wazomwe zimalozera pamafayilo a code.
Kutulutsako ndikodziwika pakukhazikitsa kuthandizira kwa mtundu wa "dontho" ('βformat=dot') popanga zotsatira mu chilankhulo cha DOT kuti muwonekere motsatira mu phukusi la Graphviz. Kuwonjeza kuthekera kofotokozera ntchito zingapo zoyambira pobwereza zosankha za '-main'; chithunzi chapadera chidzapangidwa pa chilichonse mwa izi. Chowonjezeranso ndi njira ya "--target=FUNCTION", yomwe imakupatsani mwayi wochepetsera chithunzicho ku nthambi yokhayo yomwe imaphatikizapo ntchito zina (njira ya "--target" ikhoza kufotokozedwa kangapo). Malamulo atsopano a graph navigation awonjezedwa ku cflow-mode: "c" - pitani ku ntchito yoyimba, "n" - pitani kuntchito yotsatira pamlingo womwe wapatsidwa ndi "p" - pitani ku ntchito yapitayi ndi zomwezo. Nesting level.
Mtundu watsopanowu umachotsanso ziwopsezo ziwiri zomwe zidadziwika kale mu 2019 ndikuyambitsa katangale wamakumbukiro pokonza zolemba zolembedwa mwapadera mu cflow. Chiwopsezo choyamba (CVE-2019-16165) chimayamba chifukwa chogwiritsa ntchito kukumbukira kwaulere mu code yodziyimira (reference function mu parser.c). Chiwopsezo chachiwiri (CVE-2019-16166) chikugwirizana ndi kusefukira kwa buffer mu nexttoken() ntchito. Malinga ndi omwe akupanga, mavutowa sakhala pachiwopsezo chachitetezo, chifukwa amangotsala pang'ono kuthetseratu ntchitoyo.
Source: opennet.ru