PSCAN(1)                  General Commands Manual                  PSCAN(1)

NAME
       pscan - Format string security checker for C source code

SYNOPSIS
       pscan [options]

DESCRIPTION
       pscan is a source code analysis tool which is designed to highlight
       potentially dangerous uses of variadic functions such as "printf",
       "syslog", etc.

       The scan works by looking for one of a list of problem functions,
       and applying the following rule:

       IF the last parameter of the function is the format string, AND the
       format string is NOT a static string, THEN complain.

LIMITATIONS
       The code will not report on some potential buffer overflows, because
       that is not its goal. For example, the following code is potentially
       dangerous:

              sprintf(static_buffer, "%s/.foorc", getenv("HOME"));

       This code could cause an issue, as there is no immediately obvious
       bounds checking. However, this is a safe usage with regard to
       format strings.

RETURN VALUES
       If there are any errors found, pscan exits with status 1.

AUTHOR
       Alan DeKok <aland@ox.org>

                                                                   PSCAN(1)
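
The rule from DESCRIPTION, applied to single call expressions, as an added example (not pscan's own code and not part of the original man page). The function table and its format-argument positions are assumptions, since the page names only printf and syslog, and parsing is simplified to one trimmed call per string.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed "problem functions" with the 0-based index of their format
 * argument; the man page itself names only printf and syslog. */
static const struct { const char *name; size_t fmt_index; } funcs[] = {
    {"printf", 0}, {"fprintf", 1}, {"sprintf", 1},
    {"snprintf", 2}, {"syslog", 1},
};

/* `call` is one trimmed call expression, e.g. "syslog(LOG_ERR, msg)".
 * Returns 1 = complain, 0 = no report, -1 = could not parse. */
int check_call(const char *call)
{
    const char *paren = strchr(call, '('), *last, *p;
    size_t i, n = sizeof funcs / sizeof *funcs, commas = 0;
    int depth = 0, in_str = 0;

    if (!paren) return -1;
    for (i = 0; i < n; i++)
        if (strlen(funcs[i].name) == (size_t)(paren - call) &&
            strncmp(call, funcs[i].name, strlen(funcs[i].name)) == 0)
            break;
    if (i == n) return 0;                     /* not a problem function */

    for (p = last = paren + 1; *p; p++) {
        if (in_str) {
            if (*p == '\\' && p[1]) p++;      /* skip escaped character */
            else if (*p == '"') in_str = 0;
        } else if (*p == '"') in_str = 1;
        else if (*p == '(') depth++;
        else if (*p == ',' && depth == 0) { commas++; last = p + 1; }
        else if (*p == ')' && depth-- == 0) { /* end of argument list */
            while (isspace((unsigned char)*last)) last++;
            if (last == p) return -1;         /* empty last argument */
            if (commas != funcs[i].fmt_index) return 0; /* format not last */
            return *last != '"';              /* not a static string */
        }
    }
    return -1;                                /* unbalanced parentheses */
}

int main(void)
{
    const char *s = "syslog(LOG_ERR, msg)";   /* constructed sample input */
    printf("%s -> %d\n", s, check_call(s));
    return 0;
}
```

The sprintf call from LIMITATIONS is not reported by this check because its format string is a literal and is not the last argument.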