Struct TaintTracker

Source

pub struct TaintTracker { /* private fields */ }

Expand description

Tracks taint through a single execution session.

This is the main interface for cross-function taint tracking in the Rust core. It maintains the set of sources and sinks, and records confirmed taint flows.

Implementations§

Source §

impl TaintTracker

Source

pub fn new() -> Self

Create a new empty taint tracker.

Source

pub fn register_source( &mut self, api: impl Into<String>, description: impl Into<String>, ) -> TaintLabel

Register a new taint source.

Returns the assigned taint label for this source. CRITICAL FIX: Uses saturating arithmetic to prevent overflow.

Source

pub fn register_sink( &mut self, api: impl Into<String>, dangerous_args: Vec<usize>, severity: Severity, cwe: impl Into<String>, )

Register a new taint sink.

Source

pub fn is_source(&self, api: &str) -> Option<&Source>

Check if an API is a registered source.

Source

pub fn is_sink(&self, api: &str) -> Option<&Sink>

Check if an API is a registered sink.

Source

pub fn apply_source_taint(&self, api: &str, value: Value) -> Value

Apply taint to a value returned from a source API.

If the API is a registered source, the value is marked with the corresponding taint label. Otherwise, the value is returned unchanged.

Source

pub fn check_sink(&mut self, api: &str, args: &[Value]) -> Option<TaintFlow>

Check for taint flows at a sink API call.

If any of the dangerous arguments are tainted, records a taint flow and returns it. Returns None if no tainted data reached the sink.

Source

pub fn flows(&self) -> &[TaintFlow]

Get all recorded taint flows.

Source

pub fn take_flows(&mut self) -> Vec<TaintFlow>

Take all recorded taint flows (clears internal list).

Source

pub fn has_flows(&self) -> bool

Returns true if any taint flows were recorded.

Source

pub fn flow_count(&self) -> usize

Count of confirmed taint flows.

Source

pub fn sources(&self) -> &HashMap<String, Source>

Get all registered sources.

Source

pub fn sinks(&self) -> &HashMap<String, Sink>

Get all registered sinks.

Trait Implementations§

Source §

impl Debug for TaintTracker

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl Default for TaintTracker

Source §

fn default() -> TaintTracker

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl UnwindSafe for TaintTracker

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §