Hi,
I have a C program and I want to track all branch conditions which belong
to an execution path corresponding to a concrete input. For example,
consider a simple program:
#include <stdio.h>
#include <string.h>
int test(char* a) {
if (strcmp(a, "123") == 0)
return 0;
if (strcmp(a, "123") < 0)
return -1;
else
return 1;
}
int main() {
char* a;
return test (a);
}
With a = "1234", the program return 1 and the corresponding path condition
is strcmp(a, "123") > 0. I want to collect strcmp, "123" and value of this
operator (1). I first thought about working with some C parser but seems
like its not that simple. To get the values of parameters we have to deal
with pointer analysis or external library call, which I don't know how to
solve.
Then I made several searches and come to valgrind. I read around the
documentation and tool description. It's so expressive that valgrind
supports many useful tools. I'm thinking to use *Callgrind *to solve my
problem, but I'm not sure whether its a right choice. Could you please give
me some suggestion? Is this a possible approach and how can I process this
way?
Thank you,
--
Loi, Luu The (Mr.)
RA at Security Lab, SoC, NUS
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Valgrind-users mailing list
Valgrind-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/valgrind-users
