/tvc

The tool for bugs detection in the process of tainted data processing (based on DBI Intel PIN).

Primary LanguageC++GNU General Public License v2.0GPL-2.0

tvc (x86)

The tool for bugs detection in the process of tainted data propagation (based on DBI Intel PIN).

Requirements:

  1. Intel pin-2.13-65163-msvc10-windows (Windows compilation)
  2. Intel pin-2.13-65163-gcc.4.4.7-linux (Linux compilation)

This tool aimed to find bugs in the process of tainted data propagation in machine code (x86 architecture). Taint analyzer is taken and a little bit modified from this blog: http://shell-storm.org/blog/Taint-analysis-and-pattern-matching-with-Pin/

Usage:

pin.exe -t tvc.dll -i <syscalls_list> -o <log_file> -no_dll <1|0> -- <target_app>
-i <syscalls_list> - file that contains syscalls list which process tainted data (PTAL tainted_syscalls.in for example).
-o <log_file> - file to write results.
-no_dll 1 - tvc will not consider code in shared dll.