Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for tracking taints from socket reads, similar to how we handle STDIN #6488

Closed
ESultanik opened this issue Sep 14, 2022 · 1 comment · Fixed by #6511
Closed

Add support for tracking taints from socket reads, similar to how we handle STDIN #6488

ESultanik opened this issue Sep 14, 2022 · 1 comment · Fixed by #6511
Assignees
@hbrodin
Labels
enhancement New feature or request

Comments

@ESultanik
Copy link
Collaborator

No description provided.

@hbrodin hbrodin self-assigned this Nov 8, 2022
@hbrodin
Copy link
Collaborator

hbrodin commented Nov 8, 2022

Rough plan:

  1. Add test case for stdin
  2. Implemente stdin
  3. Add test case for socket reads
  4. Implement socket reads
  5. Consider if taint sources shall be refactored to support multiple distinct types of taint-sources (consider comment in Refactor TDAG-format, differentiate taint sources #6490).

@hbrodin hbrodin mentioned this issue Nov 9, 2022
Closed
hbrodin added a commit that referenced this issue Nov 21, 2022
@hbrodin
Support for streaming inputs such as stdin and sockets as taint source
6ee6d9c 
Upon connect/accept a taint source name will be derived from the involved parties.
This implementation supports AF_INET sockets.

Enabled instrumentation of a couple of functions such as getchar and others.
Tracks read offsets via per source index counters.

Refactor program_trace fixture to use smaller fixtures

Fixes #6501
Closes #6488
hbrodin added a commit that referenced this issue Nov 21, 2022
@hbrodin
Support for streaming inputs such as stdin and sockets as taint source
4f1915f 
Upon connect/accept a taint source name will be derived from the involved parties.
This implementation supports AF_INET sockets.

Enabled instrumentation of a couple of functions such as getchar and others.
Tracks read offsets via per source index counters.

Refactor program_trace fixture to use smaller fixtures

Fixes #6501
Closes #6488
@hbrodin hbrodin mentioned this issue Nov 21, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hbrodin hbrodin

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support for streaming inputs such as stdin and sockets as taint source trailofbits/polytracker
2 participants
@ESultanik @hbrodin