no taint from scanf

Question

no taint from scanf

Opened this issue 4 years ago · 2 comments

If the input data is read by fscanf, it seems the data will not be tainted?

Answer 1 · 2021-09-15T15:33:57.000Z

That's possible – our taint system only looks at read and pread, and only looks at actual files (no stdin). If fscanf is using some other mechanism, or is reading from stdin, then you will have to add support for that in the file_taint plugin, or modify the target so that it reads from one of the supported sources.

Answer 2 · 2021-09-15T22:59:06.000Z

If fscanf is from a file, would that not correspond to sys_read, though? So it depends, maybe.

…

On Wed, Sep 15, 2021 at 11:34 AM Brendan Dolan-Gavitt < ***@***.***> wrote: That's possible – our taint system only looks at read and pread, and only looks at actual files (no stdin). If fscanf is using some other mechanism, or is reading from stdin, then you will have to add support for that in the file_taint plugin, or modify the target so that it reads from one of the supported sources. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#46 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAZ2OBYXCBZYLFCV24RI7PDUCC4HBANCNFSM4UPD5X4A> .

-- When I see an adult on a bicycle, I do not despair for the future of the human race. - H. G.Wells