Diffstat (limited to 'security/pscan/pkg-descr')
-rw-r--r--  security/pscan/pkg-descr  12
1 files changed, 12 insertions, 0 deletions
diff --git a/security/pscan/pkg-descr b/security/pscan/pkg-descr
new file mode 100644
index 000000000000..3b180bc5d44f
--- /dev/null
+++ b/security/pscan/pkg-descr
@@ -0,0 +1,12 @@
+PScan is a C source code security scanner, which looks for misuse of
+libc functions which use varargs and printf-style formatting
+operators. In many situations these can cause security vulnerabilities
+in the application if it runs with privileges (setugid, or listening
+to a network socket, etc).
+
+An example of the kind of situation pscan looks for is the following:
+
+ variable = "%s"; /* or malicious user input */
+ sprintf(buffer, variable); /* BAD! */
+
+WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
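Review bot: the example in the hunk shows only the unsafe call (`sprintf(buffer, variable); /* BAD! */`); the description would be more useful if it also showed the corrected form, `sprintf(buffer, "%s", variable);`, so readers see that the fix is a constant format string with the untrusted data passed as an argument, which is the pattern pscan's warnings steer towards. Also, `setugid` on the fourth line is not a standard term; `setuid/setgid` would be clearer.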