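/**
 * Query taint on address `a` and build a pandalog taint-query record for it.
 *
 * @param a       address to query in the global `shadow` state.
 * @param offset  offset of `a` within the larger object being queried; copied
 *                verbatim into the record.
 * @return NULL when tp_query() yields no label set for `a`. Otherwise a
 *         malloc'd Panda__TaintQuery. The first time a given label set is
 *         seen, the record also carries a malloc'd
 *         Panda__TaintQueryUniqueLabelSet (with its own malloc'd `label`
 *         array) in `unique_label_set`. Nothing in this function frees these
 *         allocations; presumably the caller does after logging. Confirm at
 *         the call sites.
 *
 * Allocation failure terminates the process with abort(). Returning NULL
 * instead would make an out-of-memory condition indistinguishable from
 * "untainted", silently turning tainted data into a false negative.
 */
Panda__TaintQuery *__taint2_query_pandalog (Addr a, uint32_t offset) {
    LabelSetP ls = tp_query(shadow, a);
    if (!ls) {
        return NULL;
    }

    Panda__TaintQuery *tq = (Panda__TaintQuery *) malloc(sizeof(Panda__TaintQuery));
    if (tq == NULL) {
        abort();
    }
    *tq = PANDA__TAINT_QUERY__INIT;

    if (ls_returned.count(ls) == 0) {
        // We only want to write a particular set's contents to pandalog once.
        // This ls hasn't been written yet, so attach the mapping from the ls
        // pointer to the label set contents as its own sub-message.
        ls_returned.insert(ls);

        Panda__TaintQueryUniqueLabelSet *tquls =
            (Panda__TaintQueryUniqueLabelSet *) malloc(sizeof(Panda__TaintQueryUniqueLabelSet));
        if (tquls == NULL) {
            abort();
        }
        *tquls = PANDA__TAINT_QUERY_UNIQUE_LABEL_SET__INIT;

        // The host pointer value serves as the identifier of the set in the log.
        tquls->ptr = (uint64_t) ls;
        tquls->n_label = ls_card(ls);
        tquls->label = (uint32_t *) malloc(sizeof(uint32_t) * tquls->n_label);
        // malloc(0) may legitimately return NULL, so only a non-empty request
        // counts as a failed allocation.
        if (tquls->label == NULL && tquls->n_label != 0) {
            abort();
        }

        // el_arr_ind is shared state reset before each collection pass.
        // NOTE(review): the array is sized from ls_card(ls); the callback is
        // assumed to store at most that many labels. Confirm in
        // collect_query_labels_pandalog.
        el_arr_ind = 0;
        tp_ls_iter(ls, collect_query_labels_pandalog, (void *) tquls->label);
        tq->unique_label_set = tquls;
    }

    tq->ptr = (uint64_t) ls;
    tq->tcn = taint2_query_tcn(a);
    // offset within larger thing being queried
    tq->offset = offset;
    return tq;
}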
// queries taint on this addr and // if anything is tainted returns 1, else returns 0 // if there is taint, we write an entry to the pandalog. uint8_t __taint2_query_pandalog (Addr a) { uint8_t saw_taint = 0; LabelSetP ls = tp_query(shadow, a); if (ls) { saw_taint = 1; if (ls_returned.count(ls) == 0) { // we only want to actually write a particular set contents to pandalog once // this ls hasn't yet been written to pandalog // write out mapping from ls pointer to labelset contents // as its own separate log entry ls_returned.insert(ls); Panda__TaintQueryUniqueLabelSet *tquls = (Panda__TaintQueryUniqueLabelSet *) malloc (sizeof (Panda__TaintQueryUniqueLabelSet)); *tquls = PANDA__TAINT_QUERY_UNIQUE_LABEL_SET__INIT; tquls->ptr = (uint64_t) ls; tquls->n_label = ls_card(ls); tquls->label = (uint32_t *) malloc (sizeof(uint32_t) * tquls->n_label); el_arr_ind = 0; tp_ls_iter(ls, collect_query_labels_pandalog, (void *) tquls->label); Panda__LogEntry ple = PANDA__LOG_ENTRY__INIT; ple.taint_query_unique_label_set = tquls; pandalog_write_entry(&ple); free (tquls->label); free (tquls); } // safe to refer to the set by the pointer in this next message Panda__TaintQuery *tq = (Panda__TaintQuery *) malloc(sizeof(Panda__TaintQuery)); *tq = PANDA__TAINT_QUERY__INIT; tq->ptr = (uint64_t) ls; tq->tcn = taint2_query_tcn(a); // tq->offset = offset; Panda__LogEntry ple = PANDA__LOG_ENTRY__INIT; ple.taint_query = tq; pandalog_write_entry(&ple); free(tq); } return saw_taint; }
/**
 * Return the cardinality of the label set attached to an LLVM register slot.
 *
 * @param reg_num  register number, forwarded unchanged to tp_query_llvm().
 * @param offset   offset within the register, forwarded unchanged.
 * @return ls_card() of whatever tp_query_llvm() yields for the global `shadow`.
 *
 * NOTE(review): neither argument is range-checked here, and the result of
 * tp_query_llvm() is passed to ls_card() without a NULL test. Presumably both
 * helpers cope with that. Confirm in their definitions.
 */
uint32_t __taint2_query_llvm(int reg_num, int offset)
{
    LabelSetP labels = tp_query_llvm(shadow, reg_num, offset);

    return ls_card(labels);
}
// if phys addr pa is untainted, return 0. // else returns label set cardinality uint32_t __taint2_query_ram(uint64_t pa) { LabelSetP ls = tp_query_ram(shadow, pa); return ls_card(ls); }
/**
 * Return the label set cardinality for the generic address `a`.
 *
 * @param a  address looked up in the global `shadow` state via tp_query().
 * @return ls_card() of the label set tp_query() returns.
 *
 * NOTE(review): the label set is handed to ls_card() without a NULL test.
 * Presumably ls_card() reports 0 for an untainted address, as documented for
 * the RAM variant. Confirm.
 */
uint32_t __taint2_query(Addr a)
{
    LabelSetP labels = tp_query(shadow, a);

    return ls_card(labels);
}