Closed 0ca closed 8 years ago
I added two flags in globals.cpp:
#define ENABLE_TAINTING_ENGINE true
#define ENABLE_SYMBOLIC_ENGINE true
But when I disable the symbolic engine the tainting engine is not working. I reported this "bug" to triton: https://github.com/JonathanSalwan/Triton/issues/379
Jonathan fixed it: https://github.com/JonathanSalwan/Triton/issues/379
Now it is possible to disable the symbolic engine and do only taint analysis.
The plugin could be use just to do tainting analysis and know which instructions of the program are tainted and this is different to make a symbolic execution analysis where all the formulas (from the tainted instructions) are being generated.
Tainting analysis should be quite more light than symbolic execution. So in some scenarios it could be useful to allow the user just to do tainting without symbolic.