This is the command pscan that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
pscan - Format string security checker for C source code
SYNOPSIS
pscan [options]
DESCRIPTION
pscan is a source code analysis tool which is designed to highlight potentially dangerous
uses of variadic functions such as "printf", "syslog", etc. The scan works by looking for
a one of a list of problem functions, and applying the following rule:
IF the last parameter of the function is the format string, AND the format string is NOT a
static string, THEN complain.
LIMITATIONS
The code will not report on some potention buffer overflows, because that is not its goal.
For example the following code is potential dangerous:
sprintf(static_buffer, %s/.foorc", getenv("HOME"));"
This code could cause an issue as there is no immediately obvious bounds checking. However
this is a safe usages with regards to format strings.
RETURN VALUES
If there are any errors found, pscan exits with status 1.
Use pscan online using onworks.net services
