---
name: pscan
version: 1.3
origin: security/pscan
comment: Security C code scanner for misuse of format strings
arch: freebsd:9:x86:64
www: http://deployingradius.com/pscan/
maintainer: sylvio@FreeBSD.org
prefix: /usr/local
licenselogic: single
flatsize: 21448
desc: |
  PScan is a C source code security scanner, which looks for misuse of
  libc functions which use varargs and printf-style formatting
  operators. In many situations these can cause security vulnerabilities
  in the application if it runs with privileges (setugid, or listening
  to a network socket, etc).

  An example of the kind of situation pscan looks for is the following:

    variable = "%s";                   /* or malicious user input */
    sprintf(buffer, variable);         /* BAD! */

  WWW: http://deployingradius.com/pscan/
categories: [security, devel]
files:
  /usr/local/bin/find_formats: 12ab59f02001cbe5b11864c4875a0a7ed8624afde76d52f2ce1ad6050e73623a
  /usr/local/bin/pscan: 91e19621f1622b7c8f6fae6858004718b6c44af952dec5bba836977df70c718b
scripts: {}
