SecureProgramming.com

BOON: A buffer overflow checking tool	Category: Code Auditing
	Language: C, C++, and Objective-C

Posted by John Viega on Sun, Aug 31, 2003 (03:41 PM) GMT

External URL: http://www.cs.berkeley.edu/~daw/boon/

This static analysis tool checks C programs for buffer overflows. It has a lower false positive rate than tools like RATS and Flawfinder, but not by much (due to the exact analysis used; other static analysis tools do better). It points out potentially bad buffers instead of potentially bad call sites.

Available under a BSD license.

All trademarks and copyrights on this page are owned by their respective owners. Copyrights on submitted material are copyrighted by the submitter. Everything else is Copyright © 2003 by John Viega and Matt Messier. Click here for licensing information regarding the use of recipes on this site and from The Secure Programming Cookbook for C and C++.