Module TaintTrackingUtil
DEPRECATED: Use semmle.code.cpp.dataflow.new.DataFlow
instead.
Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.
We define taint propagation informally to mean that a substantial part of
the information from the source is preserved at the sink. For example, taint
propagates from x
to x + 100
, but it does not propagate from x
to x > 100
since we consider a single bit of information to be too little.
Import path
import semmle.code.cpp.dataflow.internal.TaintTrackingUtil
Predicates
defaultAdditionalTaintStep | Holds if the additional step from |
defaultImplicitTaintRead | Holds if default |
defaultTaintSanitizer | Holds if |
localAdditionalTaintStep | Holds if taint can flow in one local step from |
localExprTaint | Holds if taint can flow from |
localTaint | Holds if taint may propagate from |
localTaintStep | Holds if taint propagates from |