Deploy flawfinder in CI (SAST)
There's a tool called flawfinder that is supposedly useful for C/C++ code audits. We should:
- try it and see if the results produced are useful
- fix the problems it reported
- deploy it on CI
Each step depends on the previous one. If at any step we decide the whole thing doesn't make sense, the ticket should be closed.
It can be integrated with GitLab: go to Security & Compliance -> Configuration, then Static Application Security Testing (SAST).
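For the last step, here is what a hand-written CI job for flawfinder could look like. This is an added example, not a config from this project, from GitLab's SAST template or from flawfinder's own docs; the `src/` path, the `sast` stage name, the level-3 threshold and the flawfinder 2.x flags (`--minlevel`, `--error-level`, `--columns`, `--html`) are assumptions to adjust once step 1 has shown how noisy the results are on our tree:

```yaml
# .gitlab-ci.yml (added example; paths, stage name and thresholds are assumptions)
stages:
  - sast

flawfinder:
  stage: sast
  image: python:3.12-slim        # flawfinder is a single Python script published on PyPI
  before_script:
    - pip install --quiet flawfinder
  script:
    # 1. Full report (level 1 and up) kept as an artifact for the "fix the problems" step.
    #    flawfinder exits non-zero when it finds hits, so the report run must not fail the job.
    - flawfinder --minlevel=1 --html src/ > flawfinder-report.html || true
    # 2. The actual gate: only show level 3+ hits (drops the noisiest categories) and
    #    return non-zero if any remain, so the pipeline fails on new findings.
    #    Lower the levels once the existing backlog is worked off.
    - flawfinder --minlevel=3 --error-level=3 --columns src/
  artifacts:
    when: always                 # publish the report even when the gate fails
    paths:
      - flawfinder-report.html
  rules:
    - changes:                   # only run when C/C++ sources change
        - "**/*.c"
        - "**/*.h"
        - "**/*.cpp"
        - "**/*.hpp"
```

The GitLab UI path above does not need this job: it adds `include: - template: Security/SAST.gitlab-ci.yml` to the pipeline, and that template runs flawfinder itself for C/C++ repositories and shows the results in the merge request security widget. The hand-written job is only worth it if we want explicit control over which severity level fails the pipeline. Either way, flawfinder matches function names lexically (`strcpy`, `sprintf`, `gets`, ...) rather than analysing data flow, so a fair share of hits will be false positives; that is exactly why step 1 comes before step 3.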