Fernando Magno Quintao Pereira
2015-Feb-20 15:27 UTC
[LLVMdev] LLVM based tainted flow analysis
Dear LLVMers, we have put on-line a tainted flow analysis tool based on LLVM. In other words, we find, in the program's dependence graph, if there is a path between a source of information and a consumer. The analysis is interprocedural. So far, we have used our tool, FlowTracker, to find address leaks in LLVM bytecodes. Now, we are using it to uncover time-based side channels in the implementation of crypto algorithms. At this point, we are looking for more users, to either points us out bugs in the tool, or to suggest improvements. Benchmarks are also welcome. The link to the tool is here: http://cuda.dcc.ufmg.br/flowtracker/ The main developer is Bruno Rodrigues <brunors172 at gmail.com>. Our page is based on the old LLVM demo page. Regards, Fernando