todo

源码漏洞检查

TODO List for ITS4:
-----------------------------------
Should check to see if files are dirs, and refuse to handle them if so.
Add a recursive option.
Improve the vuln database, always.
Flag/use stack alloc'd (primitive type) buffer declarations
Heuristic ptr analysis
Clean up the code. 
  -- There's a lot of redundancy in the handler module.  There need to be
     better primitives. 
Fix known bugs, if any.  See BUGS file.
A brief page on how to extend the tool.
Check for "bad words" in comments (and even identifiers).  E.G, FIXME and BUG.
  Maybe make this a separate scan option.
Reason for downgrading a vuln (or at least change the message so strcpy
  at NO_RISK doesn't say "big risk of...").  This is kind of supported in a 
very kludgy way now.
Document the code more thoroughly.
Check for size checks... 
Fix spacing issues
Could cache the vuln db, but it seems to load more than fast enough.
Might want to undo the string pool stuff for clarity's sake. 
  Why is it still there?
     Either we'd have to copy all vars or we'd end up w/ a mem
     management nightmare.
Improve the usability of sorting at the command line.
Once we see something bad in a macro, we can warn when we see that macro name
  (Do another pass for this though, to make sure we don't miss stuff).
Integrate in more linty scanning tools.
Regularly run through purify to make sure no new leaks, etc. have been added

Other suggestions?  We'd love to hear them.

its4@cigital.com
http://www.cigital.com/its4