[cfe-dev] Best Tool for Static Taint Analysis for c/c++

Anna Zaks ganna at apple.com
Tue Oct 29 11:23:06 PDT 2013


Hi Alfred,

We had done some initial taint analysis work in the clang static analyzer (see alpha.security.taint implemented in GenericTaintChecker.cpp); however, it is not complete and most likely will not be useful out of the box. We do have the infrastructure to attach taint to symbols and propagate it from one symbol to another; however, we did not implement any cleansing rules, which are important in most taint analysis contexts.

Feel free to give it a spin and let us know if you have more questions,
Anna.

On Oct 24, 2013, at 8:34 AM, Qi Alfred Chen <alfchen at umich.edu> wrote:

> Hi all, I am new to the program analysis area, and I am now trying to use static taint analysis on some C/C++ code. Is it possible for you guys to let me know which tool is easiest for this? I browsed clang and did not find a well-defined static taint analysis framework.
> Alfred
> 
> -- 
> Kind regards,
> Qi Alfred Chen
> PhD Student, 
> Department of Electrical Engineering and Computer Science,
> University of Michigan - Ann Arbor, 48105
> Tel: 1-734-834-2916
> Alt. Email: adios737 at gmail.com
> Homepage: www.eecs.umich.edu/~alfchen
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
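
An added example, not part of the original message or of the clang sources: a small constructed C file showing the three pieces the reply distinguishes (taint attached at a source, propagated into a derived value, and a cleansing step). The function names, the `TARGET_USER` variable, and the source/propagator/sink labels in the comments are assumptions made for illustration; the message does not say which functions the checker models.

```c
/* Constructed illustration of source -> propagation -> sink with a
 * cleansing step in between. Not code from GenericTaintChecker.cpp. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Cleansing step: accept only 1..32 characters of [A-Za-z0-9_-].
 * An analysis with no cleansing rules cannot tell that a value which
 * passed this check is safe, so taint stays attached after it. */
int is_clean_name(const char *s) {
    size_t n = strlen(s);
    if (n == 0 || n > 32) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && s[i] != '_' && s[i] != '-')
            return 0;
    return 1;
}

/* Propagation: 'name' is formatted into 'cmd', so taint on the symbol
 * for 'name' carries over to the buffer contents.
 * Returns 0 on success, -1 if the name is rejected or would be truncated. */
int build_command(const char *name, char *cmd, size_t cap) {
    if (!is_clean_name(name)) return -1;
    int n = snprintf(cmd, cap, "id -- %s", name);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

int main(void) {
    char cmd[64];
    /* Source (assumed): the environment is externally controlled. */
    const char *user = getenv("TARGET_USER");
    if (user == NULL || build_command(user, cmd, sizeof cmd) != 0) {
        fputs("rejected\n", stderr);
        return 1;
    }
    /* Sink (assumed): still reached by tainted data as far as a checker
     * without cleansing rules can see, so a report here needs manual triage. */
    return system(cmd) == 0 ? 0 : 1;
}
```

On an analyzer build that ships the checker under the name given in the message, it can be tried on this file with `clang --analyze -Xclang -analyzer-checker=alpha.security.taint taint_demo.c` (the file name is hypothetical).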
