Module TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

We define taint propagation informally to mean that a substantial part of the information from the source is preserved at the sink. For example, taint propagates from x to x + 100, but it does not propagate from x to x > 100 since we consider a single bit of information to be too little.

Import path

semmle.code.cpp.dataflow.TaintTracking

Imports

DataFlow

Provides a library for local (intra-procedural) and global (inter-procedural) data flow analysis: deciding whether data can flow from a source to a sink.

DataFlow2

Provides a DataFlow2 module, which is a copy of the DataFlow module. Use this class when data-flow configurations must depend on each other. Two classes extending DataFlow::Configuration should never depend on each other, but one of them should instead depend on a DataFlow2::Configuration, a DataFlow3::Configuration, or a DataFlow4::Configuration.

Modules