Open liangjs opened 3 years ago
moyix
commented
3 years ago That's possible – our taint system only looks at read and pread, and only looks at actual files (no stdin). If fscanf is using some other mechanism, or is reading from stdin, then you will have to add support for that in the file_taint plugin, or modify the target so that it reads from one of the supported sources.
tleek
commented
3 years ago If fscanf is from a file, would that not correspond to sys_read, though? So it depends, maybe.
On Wed, Sep 15, 2021 at 11:34 AM Brendan Dolan-Gavitt < @.***> wrote:
That's possible – our taint system only looks at read and pread, and only looks at actual files (no stdin). If fscanf is using some other mechanism, or is reading from stdin, then you will have to add support for that in the file_taint plugin, or modify the target so that it reads from one of the supported sources.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/panda-re/lava/issues/46#issuecomment-920128264, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAZ2OBYXCBZYLFCV24RI7PDUCC4HBANCNFSM4UPD5X4A .
-- When I see an adult on a bicycle, I do not despair for the future of the human race. - H. G.Wells
If the input data is read by fscanf, it seems the data will not be tainted?