Hi, I’m a student of Computer Science and I’m working on a project that aims to identify vulnerabilities in binary programs. I started to write an LLVM Pass that analyzes the lifted representation of the program and I planned to use the Stack Safety Analysis to obtain some information on the program functions, but I’ve found that the FunctionInfo variable of StackSafetyInfo class is private and there is no method that returns a reference to it.
Is there any way to obtain useful information on the result of the Stack Safety Analysis?
Daniele, the SSA was intended to be an inter-procedural ThinLTO-aware generalization of a similar algorithm used in the SafeStack pass intended for use in both SafeStack as well as HWASAN. Unfortunately other priorities have come up so ThinLTO support has not been upstreamed and as it is not yet used by any passes you’ll likely find that it’s not immediately usable in its current state (e.g. its lacking accessors that you need to extract information about allocas.) You would either have to plumb them in yourself, or if you only need an intra-procedural analysis you could use the one in the SafeStack pass.