[Nano-devel] RATS and flawfinder reports on Nano

nano-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Nano-devel] RATS and flawfinder reports on Nano

From:	Rocco Corsi
Subject:	[Nano-devel] RATS and flawfinder reports on Nano
Date:	Fri, 01 Oct 2004 20:36:15 -0400

Attached are reports produced by RATS and flawfinder from the Nano
source code.  These are tools to look for potential security flaws. 
This is more a starting point to check your code.  Have a look.

I seem to remember some posts from a long time ago where it was said
that certain functions should be avoided.  Also it was better to use
functions that indicate the buffer size instead of functions that could
copy data unbounded.

I realize that most of these potential flaws are not flaws, just the
software being simpleminded about the code.  Then again it may have hit
on a few good ones.

Regards,
Rocco

nano.rats.txt
Description: Text document

nano.flawfinder.txt
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

[Nano-devel] RATS and flawfinder reports on Nano, Rocco Corsi <=

Prev by Date: Re: [Nano-devel] DOS/Mac text conversion
Next by Date: Re: [Nano-devel] DOS/Mac text conversion
Previous by thread: [Nano-devel] Spell check marked text
Next by thread: [Nano-devel] (no subject)
Index(es):
- Date
- Thread