Add pscan package. Closes pr #17806.

2002-08-05 08:09:26 +00:00 · 2002-08-05 08:09:26 +00:00 · bdc91e8c0b
commit bdc91e8c0b
parent 7978d8d155
5 changed files with 59 additions and 0 deletions
--- a/net/pscan/DESCR
+++ b/net/pscan/DESCR
@ -0,0 +1,12 @@
+PScan is a C source code security scanner, which looks for misuse of
+libc functions which use varargs and printf-style formatting
+operators. In many situations these can cause security vulnerabilities
+in the application if it runs with privileges (setugid, or listening
+to a network socket, etc).
+
+An example of the kind of situation pscan looks for is the following:
+
+  variable = "%s";                   /* or malicious user input */
+  sprintf(buffer, variable);         /* BAD! */
+
+WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
--- a/net/pscan/Makefile
+++ b/net/pscan/Makefile
@ -0,0 +1,19 @@
+# $NetBSD: Makefile,v 1.1 2002/08/05 08:09:27 cjs Exp $
+# FreeBSD Id: ports/security/pscan/Makefile,v 1.4 2001/08/23 09:07:29 kris Exp
+
+DISTNAME=	pscan
+PKGNAME=	pscan-1.3
+CATEGORIES=	security devel
+MASTER_SITES=	http://www.striker.ottawa.on.ca/~aland/pscan/
+
+MAINTAINER=	packages@netbsd.org
+HOMEPAGE=	http://www.striker.ottawa.on.ca/~aland/pscan/
+COMMENT=	Security C code scanner for misuse of format strings
+
+ALL_TARGET=	pscan
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/pscan ${PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/find_formats.sh ${PREFIX}/bin/find_formats
+
+.include "../../mk/bsd.pkg.mk"
--- a/net/pscan/PLIST
+++ b/net/pscan/PLIST
@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.1 2002/08/05 08:09:27 cjs Exp $
+bin/pscan
+bin/find_formats
--- a/net/pscan/distinfo
+++ b/net/pscan/distinfo
@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1 2002/08/05 08:09:27 cjs Exp $
+
+SHA1 (pscan.tar.gz) = 7844cabcc1fa014d5d2d192d94565133d60cd51b
+Size (pscan.tar.gz) = 14555 bytes
+SHA1 (patch-aa) = f9b62f12372392bbe65dd97e441037eceb02c622
--- a/net/pscan/patches/patch-aa
+++ b/net/pscan/patches/patch-aa
@ -0,0 +1,20 @@
+$NetBSD: patch-aa,v 1.1 2002/08/05 08:09:27 cjs Exp $
+
+--- Makefile.orig	Sat Sep  2 17:47:37 2000
+++ Makefile	Sat Sep  2 17:48:38 2000
+@@ -13,11 +13,14 @@
+ #CC=gcc -Wall -g
+ #LEX=flex
+ 
+CC ?= gcc
+CFLAGS ?= -O
+
+ pscan: scanner.yy.o pscan.o
+ 	$(CC) scanner.yy.o pscan.o -o pscan
+ 
+ scanner.yy.o: scanner.yy.c
+-	$(CC) -c scanner.yy.c -o scanner.yy.o
+	$(CC) $(CFLAGS) -c scanner.yy.c -o scanner.yy.o
+ 
+ scanner.yy.c: scanner.l
+ 	$(LEX) -t scanner.l > scanner.yy.c