Taint Analysis for C [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 5 years ago.

Improve this question

I need to perform static taint analysis on my C program. I tried using Splint, no luck. Are there any other open source or freeware tools that are available to perform taint analysis?

If yes, can you please also mention about the way to use it or refer to any link. Appreciate your help. Thanks

Answer 1

Searching google I have found the following that support taint analysis for C programs:

1. http://code.google.com/p/tanalysis/
2. http://www.cs.umd.edu/~jfoster/cqual/ -- see their printf format string example

Answer 2

I haven't tried it, but taintgrind (for Valgrind) is probably where I would start. It's on GitHub and seems reasonably "alive".

Answer 3

You can use SAINT: a static taint analysis tool for C to perform static taint analysis on C programs.

The tool is still in development.