[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nano-devel] RATS and flawfinder reports on Nano
From: |
Rocco Corsi |
Subject: |
[Nano-devel] RATS and flawfinder reports on Nano |
Date: |
Fri, 01 Oct 2004 20:36:15 -0400 |
Attached are reports produced by RATS and flawfinder from the Nano
source code. These are tools to look for potential security flaws.
This is more a starting point to check your code. Have a look.
I seem to remember some posts from a long time ago where it was said
that certain functions should be avoided. Also it was better to use
functions that indicate the buffer size instead of functions that could
copy data unbounded.
I realize that most of these potential flaws are not flaws, just the
software being simpleminded about the code. Then again it may have hit
on a few good ones.
Regards,
Rocco
nano.rats.txt
Description: Text document
nano.flawfinder.txt
Description: Text document
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Nano-devel] RATS and flawfinder reports on Nano,
Rocco Corsi <=