./security/pscan, Security C code scanner for misuse of format strings

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

---

Branch: pkgsrc-2009Q3, Version: 1.3, Package name: pscan-1.3, Maintainer: pkgsrc-users

PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).

An example of the kind of situation pscan looks for is the following:

variable = "%s"; /* or malicious user input */
sprintf(buffer, variable); /* BAD! */

---

Master sites:

• http://www.striker.ottawa.on.ca/~aland/pscan/ (Download)

SHA1: 7844cabcc1fa014d5d2d192d94565133d60cd51b
RMD160: 7c92b2b8c8e2f65dc4a37da37de47170ae24809c
Filesize: 14.214 KB

---

Version history: (Expand)

• (2009-10-17) Package added to pkgsrc.se, version pscan-1.3 (created)

---

---

This site is operated by pkgsrc.pub, Contact