mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-26 00:55:14 +00:00
578991f425
- Move pkg-plist to Makefile.
- Use patch name as appropriate.
- Pass maintainership to submitter.

PR: ports/139441
Submitted by: Sylvio Cesar <scjamorim@bsd.com.br>
13 lines
524 B
Plaintext
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).

An example of the kind of situation pscan looks for is the following:

variable = "%s"; /* or malicious user input */
sprintf(buffer, variable); /* BAD! */
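
A corrected form of the call above, as an added example (not part of the port description or of pscan itself): the untrusted string is passed only as data to a constant "%s" format, and the output is bounded. The names safe_format, copy_untrusted and PRINTF_LIKE are hypothetical; the format attribute is a GCC/Clang extension that lets -Wformat -Wformat-security check callers of the wrapper at compile time.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* GCC/Clang: have the compiler type-check callers' format strings, so
 * -Wformat -Wformat-security flags a non-literal format at build time. */
#if defined(__GNUC__)
#define PRINTF_LIKE(f, a) __attribute__((format(printf, f, a)))
#else
#define PRINTF_LIKE(f, a)
#endif

/* Hypothetical bounded formatter. Returns 0 on success, -1 on bad
 * arguments, encoding error or truncation (dst stays NUL-terminated). */
static int safe_format(char *dst, size_t cap, const char *fmt, ...)
    PRINTF_LIKE(3, 4);

static int safe_format(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || cap == 0 || fmt == NULL)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap)
        return -1;          /* error, or output did not fit in dst */
    return 0;
}

/* Corrected form of sprintf(buffer, variable): the format is a constant
 * and the untrusted string is never interpreted as a format. */
static int copy_untrusted(char *dst, size_t cap, const char *untrusted)
{
    return safe_format(dst, cap, "%s", untrusted);
}

int main(void)
{
    char buffer[32];
    const char *variable = "%s %x %n"; /* constructed sample input */

    if (copy_untrusted(buffer, sizeof buffer, variable) == 0)
        printf("stored literally: %s\n", buffer);
    return 0;
}
```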

WWW: http://deployingradius.com/pscan/