kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/security/pscan/PLIST
cjs 2bc3282372 PScan is a C source code security scanner, which looks for misuse of 
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).

An example of the kind of situation pscan looks for is the following:

  variable = "%s";                   /* or malicious user input */
  sprintf(buffer, variable);         /* BAD! */

WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
2002-08-06 01:36:59 +00:00

3 lines
91 B
Text
Raw Blame History

@comment $NetBSD: PLIST,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $
bin/pscan
bin/find_formats
Reference in a new issue View git blame Copy permalink