Source code scanners can be used to audit security problems in source code. It can detect problems, such as buffer overflows, race conditions, privilege escalation, and tainted input. Buffer overflows enable data to be written over portions of your executable, which can allow a malicious user to do just about anything. Race conditions can prevent protective systems from functioning properly, or deny the availability of resources to their rightful users. Privilege escalation occurs when code runs with higher privileges than that of the user who executed it. Tainting of input allows unchecked data through your defenses, possibly qualified as already error-checked information.
Here is a list of Linux tools used to audit security problems by scanning scource codes:
- Flawfinder A Python program that searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first.
- Rough Auditing Tool for Security (RATS) RATS is written in C and contains external XML collections of rules that apply to each language.
- StackGuard A compiler that builds programs hardened against stack smashing attacks. Stack smashing attacks are a common and big problem for Linux and Windows applications. After programs have been compiled with StackGuard, they are largely immune to stack smashing attack.
- Libsafe Produces a transparent protection method that has the big advantage of not requiring applications to be recompiled. It guards against buffer overflows and can protect applications for which the source code isn’t available.