CONTEXT-SENSITIVE TAINT ANALYSIS
Abstract
In one implementation, a taint processing applied to a tainted value of an application is identified and an output context of the application associated with output of the tainted value is determined. A notification is generated if the taint processing is incompatible with the output context.
20 Claims
1. A processor-readable medium storing code representing instructions that when executed at a processor cause the processor to:
- identify a taint processing applied to a tainted value of an application;
- determine an output context of the application associated with output of the tainted value from the application; and
- generate a notification if the taint processing is incompatible with the output context.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A context-sensitive taint analysis system, comprising:
- a taint monitor to monitor a taint processing of a tainted value of an application;
- an output context monitor to monitor a current output context from a plurality of output contexts of the application; and
- an analysis module to determine that the tainted value is associated with output of the current output context and to determine whether the taint processing applied to the tainted value is compatible with the current output context.
Dependent claims: 9, 10, 11, 12, 13, 14, 15
16. A context-sensitive taint analysis method, comprising:
- updating a processing state associated with each tainted value from a plurality of tainted values in response to each taint processing from a plurality of taint processings applied to that tainted value;
- updating an output context identifier associated with an application including the plurality of tainted values in response to output from the application; and
- comparing the processing state of a tainted value from the plurality of tainted values with the output context identifier if that tainted value is output from the application.
Dependent claims: 17, 18, 19, 20
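The three steps of claim 16, sketched as a small runtime monitor. This is an added example, not code from the patent or from any product. The compatibility table, the context markers, the rule that only the last processing applied is compared, and all class and function names are assumptions made for illustration.

```python
import html

# Assumed policy (not from the patent text): the taint processing that
# must be the last one applied before a value reaches each output context.
COMPATIBLE = {"html_text": {"html_escape"},
              "url_attr": {"url_encode"},
              "script": {"js_escape"}}
# Simplified context tracking: the last marker seen in untainted output wins.
MARKERS = [("<script>", "script"), ("</script>", "html_text"),
           ('href="', "url_attr"), ('">', "html_text")]

class Tainted(str):
    """Untrusted string carrying its processing state."""
    def __new__(cls, value, processing=()):
        obj = super().__new__(cls, value)
        obj.processing = tuple(processing)
        return obj

def process(value, name, fn):
    """Apply a taint processing and record it in the processing state."""
    return Tainted(fn(value), value.processing + (name,))

class Analyzer:
    def __init__(self):
        self.context = "html_text"      # output context identifier
        self.notifications = []

    def write(self, chunk):
        """Observe one piece of application output."""
        if not isinstance(chunk, Tainted):
            pos = -1                    # untainted output moves the context
            for marker, ctx in MARKERS:
                i = chunk.rfind(marker)
                if i > pos:
                    pos, self.context = i, ctx
            return
        last = chunk.processing[-1] if chunk.processing else None
        if last not in COMPATIBLE[self.context]:
            self.notifications.append((self.context, last))

def demo():
    a = Analyzer()
    name = Tainted('Tom & "Jerry"')     # constructed untrusted input
    esc = process(name, "html_escape", html.escape)
    steps = [("<p>Hello, ", esc),                # compatible
             ('</p><a href="/u?n=', esc),        # html_escape inside a URL
             ('">x</a><script>var n = "', esc),  # html_escape inside script
             ('";</script><p>', name)]           # never processed
    for literal, value in steps:
        a.write(literal)
        a.write(value)
    return a.notifications
```

The same HTML-escaped value is accepted in element text and reported in the URL and script contexts, which is the case a context-insensitive analysis treats as already sanitized.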
Specification