diff options
author | cjs <cjs@pkgsrc.org> | 2002-08-06 01:36:59 +0000 |
---|---|---|
committer | cjs <cjs@pkgsrc.org> | 2002-08-06 01:36:59 +0000 |
commit | 2bc32823729fe9ad72d589803d948e6c540b2d78 (patch) | |
tree | 3303cfac5d1a0033bf64487e35e61656faefb58b /net | |
parent | a5a3ead2a0e387633c4f2f95c1017e04fcedb1f1 (diff) | |
download | pkgsrc-2bc32823729fe9ad72d589803d948e6c540b2d78.tar.gz |
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).
An example of the kind of situation pscan looks for is the following:
variable = "%s"; /* or malicious user input */
sprintf(buffer, variable); /* BAD! */
WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
Diffstat (limited to 'net')
0 files changed, 0 insertions, 0 deletions