drtaint
drtaint copied to clipboard
toshipiazza
Very WIP taint analysis for DynamoRIO (ARM)
I have found DynamoRIO offers rich APIs to operate for instrumentation. I noticed that most of us used drx_buf_insert_buf_store to store the value retrieved. I am wondering about the differences...
small fix to provide an alternative to the hardcoded paths. small question - on ARM32/AARCHXX dynamorio forever loops for me when I insert instrumentations around OP_strex. did you notice the...
Should have an options struct that controls taint propagation dials, as well as IR-level design issues. For example: 1. Should PC be explicitly tainted, i.e. on `blx r0`. The taint...
Core functionality is not yet completed. Urgent: - [ ] Finish implementing all non-SIMD instructions - [x] Add getters and setters for register/memory taint under `drtaint_` namespace - [ ]...
32-bit users of Umbra require custom fault handling logic when writing to a read-only page shared shadow memory page. Currently, we write the last app address to a spill slot,...