oss-security - Re: Security vulnerability tools

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <51538CD8.20204@redhat.com>
Date: Thu, 28 Mar 2013 11:20:40 +1100
From: Murray McAllister <mmcallis@...hat.com>
To: Corey Bryant <coreyb@...ux.vnet.ibm.com>
CC: oss-security@...ts.openwall.com
Subject: Re: Security vulnerability tools

On 03/28/2013 06:54 AM, Corey Bryant wrote:
> Hi,
>
> I'd like to get a better understanding of tools used in the open source
> community (kernel and user space) to detect security vulnerabilities.
>
> I have a list below to get started.  If anyone has any input, I'd
> appreciate it!
>
> I'll plan on updating http://oss-security.openwall.org/wiki/tools with
> anything it doesn't already have.

Hi,

I am sometimes using Splint. From http://www.splint.org/ "Splint is a 
tool for statically checking C programs for security vulnerabilities and 
coding mistakes. With minimal effort, Splint can be used as a better 
lint. If additional effort is invested adding annotations to programs, 
Splint can perform stronger checking than can be done by any standard lint."

Cheers.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.