author | cjs <cjs@pkgsrc.org> | 2002-08-06 01:36:59 +0000 |
---|---|---|
committer | cjs <cjs@pkgsrc.org> | 2002-08-06 01:36:59 +0000 |
commit | 2bc32823729fe9ad72d589803d948e6c540b2d78 (patch) | |
tree | 3303cfac5d1a0033bf64487e35e61656faefb58b | |
parent | a5a3ead2a0e387633c4f2f95c1017e04fcedb1f1 (diff) | |
download | pkgsrc-2bc32823729fe9ad72d589803d948e6c540b2d78.tar.gz |
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).
An example of the kind of situation pscan looks for is the following:
variable = "%s"; /* or malicious user input */
sprintf(buffer, variable); /* BAD! */
WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
-rw-r--r-- | security/pscan/DESCR | 12 | ||||
-rw-r--r-- | security/pscan/Makefile | 19 | ||||
-rw-r--r-- | security/pscan/PLIST | 3 | ||||
-rw-r--r-- | security/pscan/distinfo | 5 | ||||
-rw-r--r-- | security/pscan/patches/patch-aa | 20 |
5 files changed, 59 insertions, 0 deletions
diff --git a/security/pscan/DESCR b/security/pscan/DESCR
new file mode 100644
index 00000000000..3b180bc5d44
--- /dev/null
+++ b/security/pscan/DESCR
@@ -0,0 +1,12 @@
+PScan is a C source code security scanner, which looks for misuse of
+libc functions which use varargs and printf-style formatting
+operators. In many situations these can cause security vulnerabilities
+in the application if it runs with privileges (setugid, or listening
+to a network socket, etc).
+
+An example of the kind of situation pscan looks for is the following:
+
+ variable = "%s"; /* or malicious user input */
+ sprintf(buffer, variable); /* BAD! */
+
+WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
diff --git a/security/pscan/Makefile b/security/pscan/Makefile
new file mode 100644
index 00000000000..63705547f6e
--- /dev/null
+++ b/security/pscan/Makefile
@@ -0,0 +1,19 @@
+# $NetBSD: Makefile,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $
+# FreeBSD Id: ports/security/pscan/Makefile,v 1.4 2001/08/23 09:07:29 kris Exp
+
+DISTNAME= pscan
+PKGNAME= pscan-1.3
+CATEGORIES= security devel
+MASTER_SITES= http://www.striker.ottawa.on.ca/~aland/pscan/
+
+MAINTAINER= packages@netbsd.org
+HOMEPAGE= http://www.striker.ottawa.on.ca/~aland/pscan/
+COMMENT= Security C code scanner for misuse of format strings
+
+ALL_TARGET= pscan
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/pscan ${PREFIX}/bin
+ ${INSTALL_SCRIPT} ${WRKSRC}/find_formats.sh ${PREFIX}/bin/find_formats
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/pscan/PLIST b/security/pscan/PLIST
new file mode 100644
index 00000000000..12f13e253ea
--- /dev/null
+++ b/security/pscan/PLIST
@@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $
+bin/pscan
+bin/find_formats
diff --git a/security/pscan/distinfo b/security/pscan/distinfo
new file mode 100644
index 00000000000..28c66ef5086
--- /dev/null
+++ b/security/pscan/distinfo
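Review bot: `DISTNAME= pscan` fetches an unversioned `pscan.tar.gz` while `PKGNAME= pscan-1.3` claims a specific release, so nothing in the fetch ties the checksummed archive to 1.3, and an upstream re-roll published under the same filename would collide with whatever is already in the shared distfiles cache. Adding `DIST_SUBDIR= ${PKGNAME_NOREV}` keeps each version's distfile apart and makes a later checksum mismatch in distinfo point at a changed upstream artifact rather than a stale cache. A one-line comment beside `DISTNAME` recording that upstream publishes no versioned tarball would spare the next maintainer from guessing why the names differ.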
@@ -0,0 +1,5 @@ +$NetBSD: distinfo,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $ + +SHA1 (pscan.tar.gz) = 7844cabcc1fa014d5d2d192d94565133d60cd51b +Size (pscan.tar.gz) = 14555 bytes +SHA1 (patch-aa) = f9b62f12372392bbe65dd97e441037eceb02c622 diff --git a/security/pscan/patches/patch-aa b/security/pscan/patches/patch-aa new file mode 100644 index 00000000000..7d8e9f7a01c --- /dev/null +++ b/security/pscan/patches/patch-aa @@ -0,0 +1,20 @@ +$NetBSD: patch-aa,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $ + +--- Makefile.orig Sat Sep 2 17:47:37 2000 ++++ Makefile Sat Sep 2 17:48:38 2000 +@@ -13,11 +13,14 @@ + #CC=gcc -Wall -g + #LEX=flex + ++CC ?= gcc ++CFLAGS ?= -O ++ + pscan: scanner.yy.o pscan.o + $(CC) scanner.yy.o pscan.o -o pscan + + scanner.yy.o: scanner.yy.c +- $(CC) -c scanner.yy.c -o scanner.yy.o ++ $(CC) $(CFLAGS) -c scanner.yy.c -o scanner.yy.o + + scanner.yy.c: scanner.l + $(LEX) -t scanner.l > scanner.yy.c |
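Review bot: The patch adds `$(CFLAGS)` to the `scanner.yy.o` rule, but the link line `$(CC) scanner.yy.o pscan.o -o pscan` a few lines above still passes neither `$(CFLAGS)` nor `$(LDFLAGS)`, so flags the package system hands down (optimisation, hardening or rpath settings) reach only that one compile step. `pscan.o` presumably comes from make's implicit `.c.o` rule, which does honour `CFLAGS`, but that rule is not in the hunk. Changing the link line to `$(CC) $(CFLAGS) $(LDFLAGS) scanner.yy.o pscan.o -o pscan` keeps the three steps consistent. The patched Makefile continues before and after the quoted lines 13-23.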