From: liukang (Rain), Board: BBSDev
Subject: pscan is quite handy
Site: Nanjing University Lily BBS (Tue Jun 11 02:44:43 2002), on-site mail
I just used this tool to check some code and found quite a few hidden risks. Heh heh...
PScan is a C source code security scanner, which looks for misuse of
libc functions which use varargs and printf-style formatting
operators. In many situations these can cause security vulnerabilities
in the application if it runs with privileges (setugid, or listening
to a network socket, etc).
An example of the kind of situation pscan looks for is the following:
variable = "%s"; /* or malicious user input */
sprintf(buffer, variable); /* BAD! */
WWW: http://www.striker.ottawa.on.ca/~aland/pscan/

For example, on NJUwww0.9, apart from the hidden risks reported earlier, there are also these:
bbsccc.c:52 SECURITY: sprintf call should have "%s" as argument 1
bbsplan.c:24 SECURITY: printf call should have "%s" as argument 0
--
FROM 166.111.4.19
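An added example, not code from the post or from pscan itself: a small C scanner that performs the same single-line check pscan does, flagging printf-family calls whose format argument is not a string literal and printing the finding in the same "file:line SECURITY:" style as the two lines quoted above. The callee table, the one-call-per-line assumption and the `report` helper are my own simplifications; pscan's real parser is more thorough.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* printf-style callees and the index of their format argument; the post's two
   findings correspond to printf (argument 0) and sprintf (argument 1). */
static const struct { const char *name; int fmt_arg; } funcs[] = {
    {"printf", 0}, {"sprintf", 1}, {"fprintf", 1}, {"snprintf", 2}, {"syslog", 1},
};

/* Returns the format-argument index of a call on `line` whose format argument
   is not a string literal (the pattern pscan flags), or -1 if there is none.
   One call per line is assumed; `*name_out` receives the callee on a finding. */
int check_line(const char *line, const char **name_out)
{
    for (size_t i = 0; i < sizeof funcs / sizeof funcs[0]; i++) {
        size_t n = strlen(funcs[i].name);
        for (const char *p = line; (p = strstr(p, funcs[i].name)) != NULL; p += n) {
            /* whole identifier followed by '(' only, so my_printf/printf_log do not match */
            int whole = p == line || !(isalnum((unsigned char)p[-1]) || p[-1] == '_');
            const char *q = p + n;
            while (isspace((unsigned char)*q)) q++;
            if (!whole || *q != '(') continue;
            q++;
            for (int arg = 0; arg < funcs[i].fmt_arg; arg++) /* step over earlier args */
                for (int depth = 0; *q; q++) {
                    if (*q == '(') depth++;
                    else if (*q == ')') { if (depth == 0) break; depth--; }
                    else if (*q == ',' && depth == 0) { q++; break; }
                }
            while (isspace((unsigned char)*q)) q++;
            if (*q == '"' || *q == ')' || *q == '\0') continue; /* literal, or nothing to judge */
            *name_out = funcs[i].name;
            return funcs[i].fmt_arg;
        }
    }
    return -1;
}

/* Emit one finding in pscan's own "file:line SECURITY: ..." format; returns 1
   if `line` was flagged (and `out` filled), 0 otherwise. */
int report(const char *file, int lineno, const char *line, char *out, size_t outsz)
{
    const char *name;
    int idx = check_line(line, &name);
    if (idx < 0) return 0;
    snprintf(out, outsz, "%s:%d SECURITY: %s call should have \"%%s\" as argument %d",
             file, lineno, name, idx);
    return 1;
}
```

Feeding `sprintf(buffer, variable);` from the post's example through `report("bbsccc.c", 52, ...)` reproduces the first quoted finding verbatim, while the corrected `sprintf(buffer, "%s", variable);` produces nothing.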