The devel/flawfinder port
flawfinder-2.0.19p1 – C/C++ source code auditing tool
Flawfinder is a program that can scan code and identify out potential
security flaws, ranking them by likely severity. Unlike ITS4,
flawfinder is completely open source / free software (it's released
under the GPL license).
Flawfinder will miss some security problems, and point out issues
that aren't really security problems, but nevertheless it can help
track down security problems in code so that the code can be fixed.