malicious code = non normative code, a code that makes things not allowed or planned intentionally or not. Moving literals into record is suspected, not always a malicious code.
ITschak On 8/11/08, Binyamin Dissen <[EMAIL PROTECTED]> wrote: > > On Mon, 11 Aug 2008 09:30:57 +0200 Itschak Mugzach <[EMAIL PROTECTED]> > wrote: > > :>I know some products that checks program complexity, and even those who > look > :>into specific command usage. But this time I am looking for a product to > :>analyse mainframe traditional language (Cobol, PLI, etc) for malicious > code. > :>I have some ideas like the usage of string command, Input that come > outside > :>a file record, etc. > > :>What are you using to analyse your code? > > Define "malicious code". > > Why is "input that come outside a file record" malicious? > > -- > Binyamin Dissen <[EMAIL PROTECTED]> > http://www.dissensoftware.com > > Director, Dissen Software, Bar & Grill - Israel > > > Should you use the mailblocks package and expect a response from me, > you should preauthorize the dissensoftware.com domain. > > I very rarely bother responding to challenge/response systems, > especially those from irresponsible companies. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
