1 ITS4 -- It's the software, stupid! (Security Scanner)
3 ITS4 is a tool that statically scans C and C++ source code for
4 potential security vulnerabilities. It is a command-line tool that
5 works across Unix environments (hopefully) and will also work under
6 Windows with CygWin installed. ITS4 scans code, looking for function
7 calls that are potentially dangerous. For some calls, ITS4 tries to
8 perform some code analysis to determine how risky the call is. In
9 each case, ITS4 provides a problem report, including a short
10 description of the potential problem and suggestions on how to fix the