Skip to main content

TaintSource

dotscope::emulation

Enum TaintSource 

pub enum TaintSource {
    Unknown,
    Parameter(u16),
    Local(u16),
    Field(u32),
    StaticField(u32),
    ArrayElement,
    MethodReturn(u32),
    UserInput,
    ExternalData,
    Computation,
    Constant,
    Exception,
}
Expand description

Source/origin of a symbolic value for taint tracking.

Taint sources identify where symbolic values originate, enabling data flow analysis and security auditing. Some sources are considered “tainted” (potentially malicious), while others are neutral.

§Taint Propagation

When operations are performed on tainted values, the result is also tainted. The TaintSource::Computation variant is used for values derived from other values.

Variants§

§

Unknown

Origin is unknown.

This is the default for values that cannot be tracked. Not considered tainted.

§

Parameter(u16)

Value comes from a method parameter.

Parameters are considered tainted because they come from outside the current method’s control.

§

Local(u16)

Value comes from a local variable that was initialized symbolically.

Locals are considered tainted if they were never assigned a concrete value.

§

Field(u32)

Value comes from a field load.

The u32 is the field’s metadata token.

§

StaticField(u32)

Value comes from a static field load.

Static fields are potentially tainted as they can be modified by other code.

§

ArrayElement

Value comes from an array element load.

§

MethodReturn(u32)

Value comes from a method return value.

The u32 is the called method’s metadata token.

§

UserInput

Value comes from external/user input (e.g., Console.ReadLine).

Always tainted - represents potentially malicious data.

§

ExternalData

Value comes from a file, network, or other external source.

Always tainted - represents potentially malicious data.

§

Computation

Value was computed from other values.

Taint status depends on the input values’ taint status. If any input is tainted, the computation result is tainted.

§

Constant

Value comes from a constant in the metadata.

Constants are not tainted as they are embedded in the assembly.

§

Exception

Value comes from exception handling (catch block).

Implementations§

§

impl TaintSource

pub fn is_tainted(&self) -> bool

Returns true if this source is considered tainted.

Tainted sources include:

  • User input
  • External data
  • Parameters (untrusted input)
  • Fields (can be modified externally)
  • Array elements (contents can change)
  • Method returns (behavior unknown)

pub fn description(&self) -> &'static str

Returns a human-readable description of this source.

Trait Implementations§

§

impl Clone for TaintSource

§

fn clone(&self) -> TaintSource

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
§

impl Debug for TaintSource

§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
§

impl Display for TaintSource

§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
§

impl Hash for TaintSource

§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
§

impl PartialEq for TaintSource

§

fn eq(&self, other: &TaintSource) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
§

impl Eq for TaintSource

§

impl StructuralPartialEq for TaintSource

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, A> IntoAst<A> for T
where T: Into<A>, A: Ast,

Source§

fn into_ast(self, _a: &A) -> A

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.