taint-analysis-in-practice.md (473B)
1 +++ 2 title = 'Taint analysis in practice' 3 +++ 4 # Taint analysis in practice 5 What to taint: 6 - data coming from network for attack detection 7 - program input for analysis 8 9 How to propagate taint; 10 - on move and arithmetic instructions 11 - clean when you store a constant 12 - don't propagate on implicit flows and tainted pointers 13 14 How to use taint 15 - for attack detection, check targets of control flow instructions 16 - for program analysis, monitor syscalls/lib calls/cmp instructions