Does anyone know if clang’s dataflow sanitizer supports the following option, or if there are plans to?
Right now (clang 3.6), it seems that when two or more inputs of a given operation carry different labels, the resulting value is tagged with the union of those labels. But I’m interested in a different kind of analysis, where I track the pristine flow of a value. So in my analysis, when an operation does anything other than cleanly propagate an input value to its output, I want the output to be unlabeled.
For example, if we have:
int c = a + b;
Then I want ‘c’ to have a dfsan label if and only if ‘a’ and ‘b’ both have the same label.
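The two propagation policies contrasted in the question, as an added example that is not part of the original post and does not call DFSan itself. It is a small C model in which a label is a bitmask with 0 meaning unlabeled (an assumption for illustration, not DFSan's real label representation); `tagged_int`, `mk`, `combine_union`, `combine_pristine`, `t_add` and `chain_label` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified shadow state: one label per value, 0 = unlabeled (assumption). */
typedef uint16_t label_t;
typedef struct { int value; label_t label; } tagged_int;
typedef label_t (*combine_fn)(label_t, label_t);

static tagged_int mk(int value, label_t label) {
    tagged_int t = { value, label };
    return t;
}

/* Behaviour described in the post: the result carries the union of the input labels. */
static label_t combine_union(label_t a, label_t b) { return (label_t)(a | b); }

/* Behaviour the post asks for: keep a label only when both inputs carry the same one. */
static label_t combine_pristine(label_t a, label_t b) { return a == b ? a : 0; }

/* A plain copy propagates the label unchanged under either policy. */
static tagged_int t_copy(tagged_int a) { return a; }

/* c = a + b, with the label of c decided by the chosen policy. */
static tagged_int t_add(tagged_int a, tagged_int b, combine_fn combine) {
    return mk(a.value + b.value, combine(a.label, b.label));
}

/* Label of (copy(a) + b) + a: shows how a dropped label stays dropped downstream. */
static label_t chain_label(tagged_int a, tagged_int b, combine_fn combine) {
    tagged_int t = t_add(t_copy(a), b, combine);
    return t_add(t, a, combine).label;
}

int main(void) {
    const label_t LA = 0x1, LB = 0x2;   /* constructed sample labels */
    tagged_int a = mk(3, LA), b = mk(4, LB), a2 = mk(5, LA);

    printf("a+b   union=%#x pristine=%#x\n",
           (unsigned)t_add(a, b, combine_union).label, (unsigned)t_add(a, b, combine_pristine).label);
    printf("a+a2  union=%#x pristine=%#x\n",
           (unsigned)t_add(a, a2, combine_union).label, (unsigned)t_add(a, a2, combine_pristine).label);
    printf("chain union=%#x pristine=%#x\n",
           (unsigned)chain_label(a, b, combine_union), (unsigned)chain_label(a, b, combine_pristine));
    return 0;
}
```

Under the pristine policy, a labeled value combined with an unlabeled one also becomes unlabeled, since the two labels differ.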