Skip to content
/ taint-tracking Public

A taint tracking system for primitive types in java.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Lisstem/taint-tracking

BranchesTags

Repository files navigation

Taint Tracking

A taint tracking system for primitive types in Java.

BEWARE THESISWARE!

This code is the result of my bachelor thesis. As such it was written under strict deadlines and the code contains

  • little to know documentation
  • no unit tests
  • possibly bugs
  • some shortcuts

Taint Tracking System

The system only works for the int type and some Java features like reflexion are not supported. Also checking the presence of taints is not possible.

Taints are implemented via an interface should easily be replaced. Currently only a simple boolean taint is provided.

Taints can be applied through two different methods. In the boxing method each int is replaced by a TaintedInt which contains the original int and the Tiant. In the shadow memory method a taint is added for each int.

Usage

The Taint System can be applied to a program as a Java-agent.

First build the jar with the shadowJar gradle command.

./gradlew shadowJar

The compiled jar should be build/libs/java-0.1-SNAPSHOT.jar.

Then the tainted system can be applied with

java -javaagent:<path to compiled jar>=<method> Program

method specifies the method to use:

  • box for the boxing method
  • shadow for the shadow memory method
  • none to disable taint tracking

License

The code is provided under the MIT License.

About

A taint tracking system for primitive types in java.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages