<div dir="ltr">Thank you very much for you nice reply.<div>I have red some parts of LLVM documents, but not all. However, I think I have no time to read more documents. because I must complete my work almost 40 days later.</div><div><br></div><div>I want to writer a simple checker to check a OS(wrote by C) to determine if it has buffer overflow(or more) vulnerability using LLVM. And I want to write it as a LLVM pass. I think static taint analsiy technique can solve it.</div><div><br></div><div>Limited by time, I need a static taint analysis example to imitation and improve. I hope the example should using LLVM, and it must have well annotation because coding is a difficult thing for me. </div><div><br></div><div>I have found a example : <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_thinkmoore_llvm-2Ddeps&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=Mfk2qtn1LTDThVkh6-oGglNfMADXfJdty4_bhmuhMHA&m=K5H1gZlhYc-AkfiqCfEei2UsDxEpHsqVAwNlzhVdhaM&s=swNGrOB5MsIUhK4F-XZGXbRUJF5xlV8kEa0rfAWHQnU&e=">https://github.com/thinkmoore/llvm-deps</a>.</div><div>but it has little annotations(I have send email to the wirter, but I haven't receive reply). I have implement "sourcesinkanalysis" parts as a LLVM pass by myself. but other parts is difficult for me without annotation. </div><div>so if you have a better examples, or you have some better suggestions for my work. Please tell me. Thank you very much!</div><div><br></div><div>best wishes ,</div><div>zhaoqian </div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-07-17 22:07 GMT+08:00 Kenneth Adam Miller <span dir="ltr"><<a href="mailto:kennethadammiller@gmail.com" target="_blank">kennethadammiller@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">It appears that you've not done the requisite reading that's highlighted multiple times in the very beginning of the document. Compilers are extremely sophisticated and hard; the assumed proclivity for self learning here is high, so if you don't demonstrate that you've done your homework it will probably be hard to solicit support.<div><br></div><div>In any case, not that I know of, and I've been on a stride for the past while, reading about and learning llvm. You can see all the different passes that are publicly available in the documentation as well. In addition, since I've already told you that it's not there, I might as well help you out by saying that the way llvm works is as a library in that when you want your pass to be executed, you register the code with the overall framework. In your case, you'll need two things, from a higher level perspective-a way to insert some form of a runtime/library regarding how the shadow memory is maintained. My perspective regarding this is you can construct your own shadow memory functionality as a shared object that is loaded and initialized via a companion preamble to main, and produce compiled executables that implicitly use this (or edit the compilation behavior of your targets, more tedious). And the other thing you need is to weave in the calls, or inline, the work necessary to maintain the shadow memory. I recommend writing a pass that will work at basic block granularity level, because at that point you can array the memory operations to facilitate liveness of the shadow memory callback or offset information, thereby further streamlining the efficiency of the final code by combining shadow memory maintenance work. </div><div><br></div><div>This book is good for getting started: Getting Started with LLVM Core Libraries. It has lots of examples, but to be honest, you don't need to pay for anything until you've read what's publicly available, and llvm even comes with examples.</div><div><br></div><div>Let me know your thoughts and we can pick up when you've seen the passes and learned about how to extend the correct C++ class.</div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Thu, Jul 16, 2015 at 8:44 PM, Q Z <span dir="ltr"><<a href="mailto:zhaoqian301@gmail.com" target="_blank">zhaoqian301@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr">Hello,<div>I want to know if LLVM support static taint analysis now ? and how to implement static taint analysis code in term of LLVM pass or something else ?</div><div><br></div><div>can anyone help me?Thank you very much!</div><div><br></div><div>zhaoqian</div></div>
<br></div></div>_______________________________________________<br>
LLVM Developers mailing list<br>
<a href="mailto:LLVMdev@cs.uiuc.edu" target="_blank">LLVMdev@cs.uiuc.edu</a> <a href="http://llvm.cs.uiuc.edu" rel="noreferrer" target="_blank">http://llvm.cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev" rel="noreferrer" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev</a><br>
<br></blockquote></div><br></div>
</blockquote></div><br></div>