Tool: Check code src vuln
Hereby a very interesting tool to scan open sources u may download, it could help to find out vulnerabilities included into source code.
Very useful for vulnerability assesment and also to ppl devlopping stuff around (it's a way to learn to coding without vulnerable straight forward functions. Maybe M$ should use it!!!)
I found it very useful and it may interest smoe AOs.
Flawfinder
Quote:
How it works! Flawfinder works by using a built-in database of C/C++ functions with well-known problems, such as buffer overflow risks (e.g., strcpy(), strcat(), gets(), sprintf(), and the scanf() family), format string problems ([v][f]printf(), [v]snprintf(), and syslog()), race conditions (such as access(), chown(), chgrp(), chmod(), tmpfile(), tmpnam(), tempnam(), and mktemp()), potential shell metacharacter dangers (most of the exec() family, system(), popen()), and poor random number acquisition (such as random()).
Flawfinder produces a list of ``hits'' (potential security flaws), sorted by risk; by default the riskiest hits are shown first. This risk level depends not only on the function, but on the values of the parameters of the function. For example, constant strings are often less risky than fully variable strings in many contexts.
[...]
it primarily does simple text pattern matching (though it does ignore comments and strings as it should). Nevertheless, flawfinder can be a very useful aid in finding and removing security vulnerabilities.