Best Tool for Static Taint Analysis for C/C++

Hi all, I am new to the program analysis area, and I am now trying to use static taint analysis on some C/C++ code. Is it possible for you guys to let me know which tool is easiest for this? I browsed clang and did not find a well-defined static taint analysis framework.

Hi Alfred,

We had done some initial taint analysis work in the clang static analyzer (see the implementation in GenericTaintChecker.cpp); however, it is not complete and most likely will not be useful out of the box. We do have the infrastructure to attach taint to symbols and propagate it from one symbol to another; however, we did not implement any cleansing rules, which are important in most taint analysis contexts.

Feel free to give it a spin and let us know if you have more questions,
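
The gap described in the reply above, as an added example that is not from the thread or from clang's code: a simplified straight-line taint propagator over a constructed toy IR, showing that without a cleansing rule a sanitized flow is still reported at the sink. The IR, the choice of `getenv` as source and `system` as sink, and the `shell_quote` cleanser are assumptions made for illustration.

```python
# Simplified model of taint tracking: sources attach taint to a symbol,
# ordinary operations propagate it, sinks report it, cleansers remove it.
# This is an illustration only, not how the clang static analyzer is built.

SOURCES = {"getenv"}   # assumed: result is attacker-controlled
SINKS = {"system"}     # assumed: must not receive tainted data

# Constructed sample program, one (dest, op, args) tuple per statement.
PROGRAM = [
    ("name", "getenv", ["USER_DIR"]),        # 1: source
    ("cmd", "concat", ["prefix", "name"]),   # 2: taint propagates to cmd
    (None, "system", ["cmd"]),               # 3: sink, unsanitized flow
    ("safe", "shell_quote", ["name"]),       # 4: hypothetical cleanser
    ("cmd2", "concat", ["prefix", "safe"]),  # 5
    (None, "system", ["cmd2"]),              # 6: sink, sanitized flow
]


def analyze(program, cleansers=frozenset()):
    """Return (line, sink, symbol) for every tainted argument reaching a sink."""
    tainted = set()
    findings = []
    for lineno, (dest, op, args) in enumerate(program, 1):
        if op in SINKS:
            findings += [(lineno, op, a) for a in args if a in tainted]
            continue
        if op in SOURCES:
            result_tainted = True
        elif op in cleansers:
            result_tainted = False           # cleansing rule: output is clean
        else:
            # Default propagation: output is tainted if any input is.
            result_tainted = any(a in tainted for a in args)
        if dest is not None:
            if result_tainted:
                tainted.add(dest)
            else:
                tainted.discard(dest)        # reassignment with clean data
    return findings


if __name__ == "__main__":
    print("no cleansing rules:", analyze(PROGRAM))
    print("with shell_quote  :", analyze(PROGRAM, cleansers={"shell_quote"}))
```

With no cleansing rules the sanitized call on line 6 is reported alongside the real finding on line 3, which is the false-positive pattern that makes such rules important.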