DataFlowSanitizer

E292718

DataFlowSanitizer is an LLVM-based dynamic data flow analysis tool used to track and detect the propagation of untrusted or tainted data at runtime.

All labels observed (1)

Label Occurrences
DataFlowSanitizer canonical 1

How this entity was disambiguated

Statements (48)

Predicate Object
instanceOf LLVM sanitizer
dynamic data flow analysis tool
taint analysis tool
analysisType dynamic analysis
approach shadow memory for taint metadata
basedOn LLVM
category program analysis tool
security analysis tool
software testing tool
configuration taint labels for data sinks
taint labels for data sources
detects improper propagation of untrusted data
tainted data reaching sensitive sinks
developedBy LLVM
surface form: LLVM project
documentation LLVM sanitizer documentation
focus security-related data flow properties
goal enforce data flow policies at runtime
help developers find security issues related to untrusted data
granularity byte-level taint tracking
implements dynamic data flow analysis
instrumentationType compile-time instrumentation
integratedInto Clang
LLVM
surface form: LLVM compiler toolchain
license open source
limitation requires source-level or build-system changes
runtime performance overhead
monitors data flows between memory locations
data flows between program variables
operatesAt runtime
platform Linux
Unix-like systems
relatedTo AddressSanitizer
MemorySanitizer
ThreadSanitizer
requires compilation with Clang/LLVM
recompilation of target program
supports multiple taint sinks
multiple taint sources
taint tracking
user-defined taint labels
target C programs
C++ programs
tracks propagation of tainted data
propagation of untrusted data
useCase detecting use of untrusted inputs
information flow tracking
security analysis
vulnerability detection

How these facts were elicited

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

LLVM hasComponent DataFlowSanitizer