/pscan, Security C code scanner for misuse of format strings
Version: 1.3, Package name: pscan-1.3, Maintainer: pkgsrc-users
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).
An example of the kind of situation pscan looks for is the following:
    variable = "%s";             /* or malicious user input */
    sprintf(buffer, variable);   /* BAD! */
Version history:
- (2005-10-05) Package added to pkgsrc.se, version pscan-1.3 (created)
CVS history:
| 2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
| 2012-10-23 20:17:02 by Aleksej Saushev | Files touched by this commit (368) |
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
| 2011-03-18 21:29:11 by Zafer Aydogan | Files touched by this commit (1) |
service suspended. prevent timeout. fetch from backup.
| 2008-06-12 04:14:58 by Joerg Sonnenberger | Files touched by this commit (1134) |
Add DESTDIR support.
| 2007-12-02 09:32:25 by Roland Illig | Files touched by this commit (13) |
Some more packages need lex and yacc. Patch by Aleksey Cheusov on
| 2006-03-04 22:31:14 by Johnny C. Lam | Files touched by this commit (2257) |
Point MAINTAINER to pkgsrc-users@NetBSD.org in the case where no
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to \
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
| 2005-06-17 05:50:45 by Johnny C. Lam | Files touched by this commit (387) |
Create directories before installing files into them.
| 2005-03-24 22:13:04 by Thomas Klausner | Files touched by this commit (241) |
Remove FreeBSD RCS Ids. pkgsrc has diverged too much for syncing to be