Track multiple variables with the same query

CodeShield-Security / SPDS

Efficient and Precise Pointer-Tracking Data-Flow Framework

Eclipse Public License 2.0

66 stars 12 forks source link

Track multiple variables with the same query #27

Open tomkurtz opened 3 years ago

tomkurtz commented 3 years ago

Hello,

Is it possible to create a query that will track two variables? For example:

void main() {
    foo();
    bar();
}

void foo() {
    queryTarget("a1", "b1");
}

void bar() {
    queryTarget("a2", "b2");
}

void queryTarget(String x, String y) {}

Given that my entry point is main, if I query x, I would get a1 and a2. Then if I query y, I would get b1 and b2. Obviously the results I expect are the sets (a1,b1) and (a2,b2), and NOT (a1,b2) or (a2,b1). How can this be done?

Thanks, Tom

johspaeth commented 3 years ago

HI @tomkurtz

that is indeed possible and similar to what has been implemented in this class which allows to trigger multiple queries and share their contexts in between.

I.e. you would trigger the first query for x under the context of foo or bar and then you can also trigger a second query for y under the same context.

For your case the logic referenced abot might need some slight adoption though.