Intel® C++ Compiler
Community support and assistance for creating C++ code that runs on platforms based on Intel® processors.
7944 Discussions

Does taint analysis in pintool (Pin version 3.13) works in both windows and linux ?

MehdiGhninou
Beginner
1,455 Views

Hi I have a question please, I have builded a pintool with make on windows and used pin-3.13 to run the pin tool with the command : 

pin -t taint.dll -- main.exe

 

but I did not see any results and any information about the tainted data ? Am I missing something in the pintool c++ code ? Or the functions of the pintool aren't associated with the pin-3.13 version ?

 

here is my source code of my pintool (taint.cpp) 

 

And thank you so much for your response

0 Kudos
6 Replies
ArpitaP_Intel
Moderator
1,392 Views

Hi,


Thanks for reaching out to us.

We are checking your query internally, will get back to you on the updates.


Regards,

Arpita


0 Kudos
MehdiGhninou
Beginner
1,371 Views
0 Kudos
ArpitaP_Intel
Moderator
1,309 Views

Hi,


You're using the pintool correctly. However I can see a number of issues with the pintool code.

First, you're using the wrong types.


For example, your analysis routine has the following signature


VOID ReadMem(UINT64 insAddr, std::string insDis, UINT64 memOp)


whereas according to your instrumentation it should be


VOID ReadMem(ADDRINT insAddr, ADDRINT insDis, ADDRINT memOp)


If you want to print insDis you should call: cout << (CHAR*)insDis << endl;


Also, there is a problem with the instrumentation:


if (INS_MemoryOperandIsRead(ins, 0) && INS_OperandIsReg(ins, 0))

else if (INS_MemoryOperandIsWritten(ins, 0)){


You are using operand index 0 without checking whether it's the operand that you want.

Moreover, it's not necessarily the same operand because INS_MemoryOperandIsRead(ins, 0) refers to the first *memory* operand,

and INS_OperandIsReg(ins, 0) refers to the first *generic* (memory or register) operand.

What happens if the instruction does not have a memory operand at all?


As for the syscall callback. I'd recommend adding some printouts inside the callback to see what syscall numbers you are getting. If you're not getting any data from your pintool it could be that you are not entering the if statement in the syscall callback.


Thanks


0 Kudos
ArpitaP_Intel
Moderator
1,269 Views

Hi,


Please let us know if your issue is resolved.


Thanks!


0 Kudos
MehdiGhninou
Beginner
1,249 Views

Thank you so much for your help sir. Finaly ! It works on windows system 

Thank you again !

0 Kudos
ArpitaP_Intel
Moderator
1,238 Views

Hi,


Glad to know that your issue is resolved. If you need any additional information, please post a new question as this thread will no longer be monitored by Intel.


Thanks!


0 Kudos
Reply