TODO List for ITS4:
-----------------------------------
Improve the vuln database.
  - Sanity check what's there.
  - Clean up the error messages.
  - Add new vuln info (especially Windows ones)
  - Add more types of info.
Flag/use stack alloc'd (primitive type) buffer declarations
Heuristic ptr analysis
Integrate with VC++
Clean up the code. 
  -- There's a lot of redundancy in the handler module.  There need to be
     better primitives. 
Sort result names w/ a flag.  
Fix known bugs, if any.  See BUGS file.
A brief page on how to extend the tool.
Check for "bad words" in comments (and even identifiers).  E.G, FIXME and BUG.
  Maybe make this a separate scan option.
Reason for downgrading a vuln (or at least change the message so strcpy
  at NO_RISK doesn't say "big risk of...")
Document the code more thoroughly
Check for size checks... 
Fix spacing issues
Could cache the vuln db, but it seems to load more than fast enough.
Might want to undo the string pool stuff for clarity's sake. 
  Why is it still there?
     Either we'd have to copy all vars or we'd end up w/ a mem
     management nightmare.
Improve the usability of sorting at the command line.
Once we see something bad in a macro, we can warn when we see that macro name
  (Do another pass for this though, to make sure we don't miss stuff).
Integrate in more linty scanning tools.
Regularly run through purify to make sure no new leaks, etc. have been added


Other suggestions?  I'd love to hear them.

John Viega
viega@list.org
