A hacky clang analyzer checker that looks for potentially exploitable kernel integer overflows.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
tests
.gitignore
MachInterface.h
README.md
build.sh
taint.patch

README.md

This clang analyzer checker uses taint analysis to look for integer overflows in various kernels. You can read about it here.

Run FreeBSD/Linux/XNU/Android builds using the same commands as here but replace the enabled checker with alpha.security.taint. This is not production-worthy code, there is a lot of hacking around ConstraintManager limitations.

To run tests, run ~/build/bin/llvm-lit llvm/tools/clang/test/Analysis/kernel-int-overflow-checker/*.c