Bugtraq mailing list archives
ITS4 version 1.1 released
From: John Viega <viega () LIST ORG>
Date: Sun, 1 Oct 2000 15:55:50 -0700
Version 1.1 of ITS4, the C/C++ source code security scanner, has been released. It is available from http://www.cigital.com/its4 Major changes include: - Added handlers for format string attacks, along w/ some supporting code. - Support was added to integrate ITS4 with the Visual Studio GUI. Directions are in the INSTALL file. Thanks to Bob Fleck (rfleck () cigital com) for this contribution. - By default, identifiers with the same names as "bad" functions are not flagged, even though there is a slight chance that macro magic could be hiding a real problem. If you want the old behavior, use the flag "--paranoid". - Fixed a bug that redefined __cplusplus for most Solaris users without a getopt_long (Reported by lots and lots of people... thanks, all!). - Fixed several small bugs that probably have no impact on most users. The most important is that numbers are parsed as if ITS4 is a preprocessor, not a C parser. This helps ITS4 address many language extensions without choking (but not all). - Reliable Software Technologies changed its name to Cigital, Inc. The documentation and license have been modified to reflect this change. I also switched the signing key to my GPG key, which can be looked up on most major keyservers. The digital signature for the release is available at: http://www.cigital.com/its4/jviega/its4-1.1.tgz.asc John
Attachment:
_bin
Description:
Current thread:
- ITS4 version 1.1 released John Viega (Oct 01)