[cfe-dev] Can SymExpr in clang carry multiple taints
Alexey Sidorin via cfe-dev
cfe-dev at lists.llvm.org
Thu Dec 10 11:32:15 PST 2015
Hello,
There is no simple multimap support (like REGISTER_*_WITH_PROGRAMSTATE) now.
However, for taint analysis this functionality may be easily extended with
using bitfields. So, I can imagine some functions like:
bool isTainted(ProgramStateRef State, SymbolRef Sym, unsigned TaintKind) {
const unsigned *TaintKinds = State->get<TaintMap>(Sym);
return TaintKinds && (*TaintKinds & (1 << TaintKind));
}
ProgramStateRef ProgramState::addTaint(SymbolRef Sym, TaintKind K) {
const unsigned *CurrKinds = get<TaintMap>(Sym);
unsigned NewFlag = 1 << K;
unsigned FinalFlags = CurrKinds ? (*CurrKinds | NewFlag) : NewFlag;
return set<TaintMap>(FinalFlags);
}
This may be a possible solution in your case.
More information about the cfe-dev
mailing list