Skip to main content

Table 2 An example of detailed taint propagation process

From: ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis

Step

IR Line No.

Taint propagation

Applied rule

Initialization

-

T(taint_data)=true

Initialization

The first loop

2

T(a1) = T(taint_data)

Store rule

The second loop

1

T(x − > bar) = T(a1)

Getelementptr rule 2

 

3

T(a2) = T(x − > bar)

Getelementptr rule 1

 

4

T(b1) = T(a2)

Load rule