author | cjs <cjs@pkgsrc.org> | 2002-08-06 01:36:59 +0000 |
---|---|---|
committer | cjs <cjs@pkgsrc.org> | 2002-08-06 01:36:59 +0000 |
commit | 2bc32823729fe9ad72d589803d948e6c540b2d78 (patch) | |
tree | 3303cfac5d1a0033bf64487e35e61656faefb58b /security/pscan/distinfo | |
parent | a5a3ead2a0e387633c4f2f95c1017e04fcedb1f1 (diff) | |
download | pkgsrc-2bc32823729fe9ad72d589803d948e6c540b2d78.tar.gz |
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).

An example of the kind of situation pscan looks for is the following:

    variable = "%s"; /* or malicious user input */
    sprintf(buffer, variable); /* BAD! */

WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
Diffstat (limited to 'security/pscan/distinfo')
-rw-r--r-- | security/pscan/distinfo | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/pscan/distinfo b/security/pscan/distinfo new file mode 100644 index 00000000000..28c66ef5086 --- /dev/null +++ b/security/pscan/distinfo @@ -0,0 +1,5 @@ +$NetBSD: distinfo,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $ + +SHA1 (pscan.tar.gz) = 7844cabcc1fa014d5d2d192d94565133d60cd51b +Size (pscan.tar.gz) = 14555 bytes +SHA1 (patch-aa) = f9b62f12372392bbe65dd97e441037eceb02c622 |
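
Review bot: the `SHA1 (pscan.tar.gz)` and `Size (pscan.tar.gz)` lines pin a distfile whose name carries no version, so nothing in distinfo records which upstream release the hash was taken from, and a tarball re-rolled under the same name would surface only as a checksum mismatch at fetch time. Consider a versioned DIST_SUBDIR for this distfile so the recorded entry identifies the release. SHA1 is also the only digest listed for the distfile; where the infrastructure allows it, a second, stronger digest line alongside it would make the pin harder to defeat.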