Let in a program a variable ‘x’ is tainted. There is an assignment ‘y=x’ where y is untainted.
How to check the taintflow in the output or data flow graph ?
Any suggestions?
Thank you. Have a great day.
Let in a program a variable 'x' is tainted. There is an assignment 'y=x' where y is untainted.
How to check the taintflow in the output or data flow graph ?
I'm not involved in it, but you might be interested in the DataFlowSanitizer, dfsan: https://clang.llvm.org/docs/DataFlowSanitizer.html, which sounds like it can do what you want.
I'd be interested to hear in other answers to this question, too.
Thanks, I will check it out.
There is another tool for taint analysis, taintgrind. I am not able to find any relevant output yet.
I am new to this area, still exploring.
I feel there is more context needed to answer this question.