Taint analysis
Taint analysis
(also taint checking, data tainting)
Taint analysis definition
A process to determine what impact user input can have on a system’s security. Malicious users can enter tainted data to cause problems to apps and operating systems at vulnerable points (known as sensitive sinks).
Real taint analysis examples
1989: the Perl programming language starts supporting taint checking in setuid scripts from version 3.0.
1996: Netscape implements taint checking for JavaScript in Netscape Navigator 3.
