Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.
We define taint propagation informally to mean that a substantial part of
the information from the source is preserved at the sink. For example, taint
x + 100, but it does not propagate from
x > 100 since we consider a single bit of information to be too little.
To use global (interprocedural) taint tracking, extend the class
TaintTracking::Configuration as documented on that class. To use local
(intraprocedural) taint tracking between expressions, call
TaintTracking::localExprTaint. For more general cases of local taint
TaintTracking::localTaintStep with arguments of type
Provides a library for local (intra-procedural) and global (inter-procedural) data flow analysis: deciding whether data can flow from a source to a sink. This library differs from the one in