authorKris Kennaway <kris@FreeBSD.org>2000-09-03 00:57:53 +0000
committerKris Kennaway <kris@FreeBSD.org>2000-09-03 00:57:53 +0000
commitcd725dae6a103543a0ec65bd694c0f62e47a2ef0 (patch)
tree4f1634fbbfc70e53c4d6811c977a9b4410edd956 /security/pscan
parentRespect CC and CFLAGS (diff)
pscan-1.2 is a security scanner for misuse of format strings in sprintf-like
functions
Notes
Notes: svn path=/head/; revision=32217
Diffstat (limited to 'security/pscan')
-rw-r--r--security/pscan/Makefile22
-rw-r--r--security/pscan/distinfo1
-rw-r--r--security/pscan/files/patch-aa18
-rw-r--r--security/pscan/pkg-comment1
-rw-r--r--security/pscan/pkg-descr12
-rw-r--r--security/pscan/pkg-plist1
6 files changed, 55 insertions, 0 deletions
diff --git a/security/pscan/Makefile b/security/pscan/Makefile
new file mode 100644
index 000000000000..1a7285472a01
--- /dev/null
+++ b/security/pscan/Makefile
@@ -0,0 +1,22 @@
+# New ports collection makefile for: pscan
+# Date created: 02 September 2000
+# Whom: Kris Kennaway <kris@FreeBSD.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME= pscan
+PORTVERSION= 1.2
+CATEGORIES= security
+MASTER_SITES= http://www.striker.ottawa.on.ca/~aland/pscan/
+DISTNAME= ${PORTNAME}
+
+MAINTAINER= kris@FreeBSD.org
+
+WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
+ALL_TARGET= #empty
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/pscan ${PREFIX}/bin
+
+.include <bsd.port.mk>
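Review bot: `DISTNAME= ${PORTNAME}` makes the distfile the unversioned `pscan.tar.gz`, fetched over plain HTTP from the single `MASTER_SITES` entry, so the checksum in distinfo is the only thing tying the build to the 1.2 source that was reviewed. If upstream re-rolls the tarball under the same name, a cached copy of another version collides with it in the distfiles directory; adding `DIST_SUBDIR= ${PORTNAME}-${PORTVERSION}` would keep each version's file separate. The distinfo hunk records only an MD5 digest, which is not collision-resistant, so where the ports framework supports it a `SHA256 (...) = <sha256-of-distfile>` entry should be recorded alongside it.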
diff --git a/security/pscan/distinfo b/security/pscan/distinfo
new file mode 100644
index 000000000000..2fc599de7241
--- /dev/null
+++ b/security/pscan/distinfo
@@ -0,0 +1 @@
+MD5 (pscan.tar.gz) = 61b0395da5a3e9de952c896465f19f8b
diff --git a/security/pscan/files/patch-aa b/security/pscan/files/patch-aa
new file mode 100644
index 000000000000..2dbd480bcd9b
--- /dev/null
+++ b/security/pscan/files/patch-aa
@@ -0,0 +1,18 @@
+--- Makefile.orig Sat Sep 2 17:47:37 2000
++++ Makefile Sat Sep 2 17:48:38 2000
+@@ -13,11 +13,14 @@
+ #CC=gcc -Wall -g
+ #LEX=flex
+
++CC ?= gcc
++CFLAGS ?= -O -pipe
++
+ pscan: scanner.yy.o pscan.o
+ $(CC) scanner.yy.o pscan.o -o pscan
+
+ scanner.yy.o: scanner.yy.c
+- $(CC) -c scanner.yy.c -o scanner.yy.o
++ $(CC) $(CFLAGS) -c scanner.yy.c -o scanner.yy.o
+
+ scanner.yy.c: scanner.l
+ $(LEX) -t scanner.l > scanner.yy.c
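Review bot: The link rule `$(CC) scanner.yy.o pscan.o -o pscan` is left without `$(CFLAGS)` or `$(LDFLAGS)`, so flags supplied by the ports framework (including any hardening options a user sets) reach the compile of scanner.yy.c but not the link step. Consider `$(CC) $(CFLAGS) $(LDFLAGS) scanner.yy.o pscan.o -o pscan`. No explicit rule for pscan.o is visible in this hunk; presumably it is built by make's implicit rule, which already honours CFLAGS, but that should be confirmed against the full upstream Makefile, which continues outside the hunk.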
diff --git a/security/pscan/pkg-comment b/security/pscan/pkg-comment
new file mode 100644
index 000000000000..6ba9b2d69ebf
--- /dev/null
+++ b/security/pscan/pkg-comment
@@ -0,0 +1 @@
+Security C code scanner for misuse of format strings
diff --git a/security/pscan/pkg-descr b/security/pscan/pkg-descr
new file mode 100644
index 000000000000..3b180bc5d44f
--- /dev/null
+++ b/security/pscan/pkg-descr
@@ -0,0 +1,12 @@
+PScan is a C source code security scanner, which looks for misuse of
+libc functions which use varargs and printf-style formatting
+operators. In many situations these can cause security vulnerabilities
+in the application if it runs with privileges (setugid, or listening
+to a network socket, etc).
+
+An example of the kind of situation pscan looks for is the following:
+
+ variable = "%s"; /* or malicious user input */
+ sprintf(buffer, variable); /* BAD! */
+
+WWW: http://www.striker.ottawa.on.ca/~aland/pscan/
diff --git a/security/pscan/pkg-plist b/security/pscan/pkg-plist
new file mode 100644
index 000000000000..70a8f0a60ba8
--- /dev/null
+++ b/security/pscan/pkg-plist
@@ -0,0 +1 @@
+bin/pscan