Skip to content
/ PIN-Taint-check Public

Code for a software security project implemented for academic purposes in a graduate level course at the University of Georgia.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

McGarity99/PIN-Taint-check

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
obj-ia32
obj-ia32
 
 
testcases
testcases
 
 
README.md
README.md
 
 
makefile
makefile
 
 
makefile.rules
makefile.rules
 
 
pin.log
pin.log
 
 
pintool.log
pintool.log
 
 
proj1.cpp
proj1.cpp
 
 
test.cpp
test.cpp
 
 

Repository files navigation

PIN-Taint-check

A repository to hold the work for a C++ application that uses the Intel PIN API to perform taint-checking on bytes entered through user input.

The program taints data bytes that enter the control flow via prominent user-input channels such as command-line args, fgets, strcpy, and strncpy. These user-input bytes are stored in a hash data structure. Upon function return, the return address is validated against these tainted bytes. If user-input tainted bytes are used in a return address, then an attack (i.e., buffer overflow) has occurred. At this point, the program prints a detailed error message alerting the user to the attack and halts execution.

The uthash structure is used for tracking the tainted bytes and the Intel PIN tool is used for instrumentation of functions, which allows for capturing and tracking input parameters as well as return addresses.

About

Code for a software security project implemented for academic purposes in a graduate level course at the University of Georgia.

Topics

security cpp taint-tracking

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages