no taint from scanf
Opened this issue · 2 comments
liangjs commented
If the input data is read by fscanf, it seems the data will not be tainted?
moyix commented
That's possible – our taint system only looks at read and pread, and only looks at actual files (no stdin). If fscanf is using some other mechanism, or is reading from stdin, then you will have to add support for that in the file_taint plugin, or modify the target so that it reads from one of the supported sources.
tleek commented
If fscanf is from a file, would that not correspond to sys_read, though?
So it depends, maybe.
On Wed, Sep 15, 2021 at 11:34 AM Brendan Dolan-Gavitt <***@***.***> wrote:
That's possible – our taint system only looks at read and pread, and only
looks at actual files (no stdin). If fscanf is using some other
mechanism, or is reading from stdin, then you will have to add support for
that in the file_taint plugin, or modify the target so that it reads from
one of the supported sources.
--
When I see an adult on a bicycle, I do not despair for the future of the
human race. - H. G.Wells
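
An added example, not part of the thread or of the project's code, showing the "modify the target" option mentioned above: a parser that would have called fscanf instead pulls the file in with read(2) on a regular file and parses the buffer with sscanf, so the input arrives through one of the sources the thread says the taint system watches. The function names, record format and sample file are hypothetical.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Read up to cap-1 bytes of a regular file with read(2) and NUL-terminate.
 * Returns the number of bytes read, or -1 on error. */
static ssize_t slurp_with_read(const char *path, char *buf, size_t cap)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    size_t used = 0;
    while (used < cap - 1) {
        ssize_t n = read(fd, buf + used, cap - 1 - used);
        if (n < 0) { close(fd); return -1; }
        if (n == 0)            /* end of file */
            break;
        used += (size_t)n;     /* short reads are normal; keep going */
    }
    close(fd);
    buf[used] = '\0';
    return (ssize_t)used;
}

/* Hypothetical target routine. Replaces: fscanf(fp, "%d %15s", &id, name) */
int parse_record(const char *path, int *id, char name[16])
{
    char buf[256];
    if (slurp_with_read(path, buf, sizeof buf) < 0)
        return -1;
    return sscanf(buf, "%d %15s", id, name) == 2 ? 0 : -1;
}

/* Writes a constructed sample record so the example runs offline. */
int write_sample(const char *path)
{
    FILE *fp = fopen(path, "w");
    if (!fp)
        return -1;
    fputs("1337 alice\n", fp);
    return fclose(fp);
}

int main(void)
{
    int id; char name[16];
    if (write_sample("taint_sample.txt") || parse_record("taint_sample.txt", &id, name))
        return 1;
    printf("id=%d name=%s\n", id, name);
    return 0;
}
```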