Taint Analysis for C [closed]

https://stackoverflow.com/questions/13178263

c
static-analysis
lint
splint

25-07-2021
|

Pergunta

I need to perform static taint analysis on my C program. I tried using Splint, no luck. Are there any other open source or freeware tools that are available to perform taint analysis?

If yes, can you please also mention about the way to use it or refer to any link. Appreciate your help. Thanks

Solução

Searching google I have found the following that support taint analysis for C programs:

http://code.google.com/p/tanalysis/
http://www.cs.umd.edu/~jfoster/cqual/ -- see their printf format string example

Outras dicas

I haven't tried it, but taintgrind (for Valgrind) is probably where I would start. It's on GitHub and seems reasonably "alive".

You can use SAINT: a static taint analysis tool for C to perform static taint analysis on C programs.

The tool is still in development.

Licenciado em: CC-BY-SA com atribuição

Não afiliado a StackOverflow