PScan is a C source code security scanner, which looks for misuse of

libc functions which use varargs and printf-style formatting operators. In many situations these can cause security vulnerabilities in the application if it runs with privileges (setugid, or listening to a network socket, etc). An example of the kind of situation pscan looks for is the following: variable = "%s"; /* or malicious user input */ sprintf(buffer, variable); /* BAD! */ WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
author: cjs <cjs> 2002-08-06 01:36:59 +0000
committer: cjs <cjs> 2002-08-06 01:36:59 +0000
commit: 31529121d2d40a1a7b41c0e7899c72e45db240c2 (patch)
tree: 3303cfac5d1a0033bf64487e35e61656faefb58b /security/pscan/distinfo
parent: ad7f4786d752b73357ac53fc1abc0f392c1325da (diff)
download: pkgsrc-31529121d2d40a1a7b41c0e7899c72e45db240c2.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/security/pscan/distinfo b/security/pscan/distinfo
new file mode 100644
index 00000000000..28c66ef5086
--- /dev/null
+++ b/security/pscan/distinfo
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1.1.1 2002/08/06 01:36:59 cjs Exp $
+
+SHA1 (pscan.tar.gz) = 7844cabcc1fa014d5d2d192d94565133d60cd51b
+Size (pscan.tar.gz) = 14555 bytes
+SHA1 (patch-aa) = f9b62f12372392bbe65dd97e441037eceb02c622
author	cjs <cjs>	2002-08-06 01:36:59 +0000
committer	cjs <cjs>	2002-08-06 01:36:59 +0000
commit	31529121d2d40a1a7b41c0e7899c72e45db240c2 (patch)
tree	3303cfac5d1a0033bf64487e35e61656faefb58b /security/pscan/distinfo
parent	ad7f4786d752b73357ac53fc1abc0f392c1325da (diff)
download	pkgsrc-31529121d2d40a1a7b41c0e7899c72e45db240c2.tar.gz