[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] CCA source code released

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] CCA source code released
From: Jonathan Heusser <jonny@xxxxxxxxxxxx>
Date: Mon, 02 May 2005 17:17:51 +0200

Hello,

Some months ago I announced the C Code Analyzer, a static analysis tool for
detecting potential security problems in C source code.
I released the source code of CCA today.

Current features are:
- fully automatic user input tracer
- potential bufferoverflow detection
- memory leak detection
- multiple/dangling free detection
- array out of bound accesses
- eclipse frontend plugin

If you are interested, visit http://www.drugphish.ch/~jonny/cca.html
More information, example sessions detecting bufferoverflows in real
applications and screenshots of the plugin are available on the page.

-- 
ACF8 4AC4 E7E4 1C72 44C5  4E55 2CF0 79E9 84B6 4AD3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] DMA[2005-0425a] - 'ESRI ArcGIS 9.x multiple localvulnerabilities'
Next by Date: [Full-disclosure] The Tel Aviv University Security Forum - meeting #11 - 8/5/05
Previous by thread: Re: [Full-disclosure] DMA[2005-0425a] - 'ESRI ArcGIS 9.x multiple localvulnerabilities'
Next by thread: [Full-disclosure] The Tel Aviv University Security Forum - meeting #11 - 8/5/05
Index(es):
- Date
- Thread