Subject: CVS commit: pkgsrc/security/pscan
To: None <pkgsrc-changes@netbsd.org>
From: Curt Sampson <cjs@netbsd.org>
List: pkgsrc-changes
Date: 08/06/2002 04:37:00
Module Name: pkgsrc
Committed By: cjs
Date: Tue Aug 6 01:37:00 UTC 2002
Update of /cvsroot/pkgsrc/security/pscan
In directory minbar.netbsd.org:/tmp/cvs-serv16891
Log Message:
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).
An example of the kind of situation pscan looks for is the following:
    variable = "%s"; /* or malicious user input */
    sprintf(buffer, variable); /* BAD! */
WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
Vendor Tag: TNF
Release Tags: pkgsrc-base
N pkgsrc/security/pscan/Makefile
N pkgsrc/security/pscan/DESCR
N pkgsrc/security/pscan/PLIST
N pkgsrc/security/pscan/distinfo
N pkgsrc/security/pscan/patches/patch-aa
No conflicts created by this import
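
Added example, not part of the commit message and not PScan's own code: a simplified single-line check in C for the pattern the log message describes, a printf-style call whose format argument is not a string literal. The function table and the names nth_arg and nonliteral_format are hypothetical, chosen for illustration, and the sample lines are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed list: function name and zero-based position of its format argument. */
static const struct { const char *name; int fmt_index; } FUNCS[] = {
    {"printf", 0}, {"fprintf", 1}, {"sprintf", 1}, {"snprintf", 2}, {"syslog", 1},
};

/* Start of argument number idx of the call whose '(' is at open, or NULL.
 * Commas inside nested parentheses and string literals do not count. */
static const char *nth_arg(const char *open, int idx) {
    const char *p = open + 1;
    int depth = 0, in_str = 0;
    for (; idx > 0 && *p; p++) {
        if (in_str) {
            if (*p == '\\' && p[1]) p++;
            else if (*p == '"') in_str = 0;
        } else if (*p == '"') in_str = 1;
        else if (*p == '(') depth++;
        else if (*p == ')') { if (depth-- == 0) return NULL; }
        else if (*p == ',' && depth == 0) idx--;
    }
    while (isspace((unsigned char)*p)) p++;
    return (*p && *p != ')') ? p : NULL;
}

/* 1 if a listed call's format argument is not a string literal, else 0. */
int nonliteral_format(const char *line) {
    for (size_t i = 0; i < sizeof FUNCS / sizeof FUNCS[0]; i++) {
        size_t n = strlen(FUNCS[i].name);
        for (const char *s = line; (s = strstr(s, FUNCS[i].name)) != NULL; s += n) {
            /* Skip matches inside longer identifiers ("printf" in "sprintf"). */
            if (s > line && (isalnum((unsigned char)s[-1]) || s[-1] == '_')) continue;
            const char *open = s + n;
            while (isspace((unsigned char)*open)) open++;
            if (*open != '(') continue;
            const char *arg = nth_arg(open, FUNCS[i].fmt_index);
            if (arg && *arg != '"') return 1;
        }
    }
    return 0;
}

int main(void) {
    /* Constructed samples; the first is the pattern from the log message. */
    const char *l[] = { "sprintf(buffer, variable);", "sprintf(buffer, \"%s\", variable);" };
    for (int i = 0; i < 2; i++) printf("%d  %s\n", nonliteral_format(l[i]), l[i]);
    return 0;
}
```

The check works on one source line at a time and does not strip comments, handle character literals, or follow calls split across lines, so it over- and under-reports on real code.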