Systems and/or software can be exploited through user input. In particular, malicious input can be used to gain control over a system, which may result in the compromise of thousands of computer systems and/or software applications and possibly cause financial harm.
One method of finding code that can be exploited through user input is manual code inspection. However, manual code inspection may be time-consuming, repetitive, and tedious. Accordingly, bug checking tools that use static program analysis have been developed to identify source code within the software that is explicitly data dependent on user input. Bug checking tools track and mark data from untrusted sources (e.g., user input and/or other external data sources) as tainted data by tracking explicit data dependencies from external data. Specifically, if a value on the right-hand side of an assignment is tainted, then the variable on the left-hand side is also considered tainted, since the variable is explicitly data dependent on the right-hand side of the assignment. Thereafter, all tainted values may be inspected manually to find software code that can be exploited through user input. Accordingly, tracking data dependencies provides a way to identify code reachable by user input through data dependencies and reduces the amount of code that has to be inspected manually to check for potential exploitation.
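The assignment rule described above can be sketched as a small static checker. This is an added example, not code from the original text: it uses Python's `ast` module, assumes `input()` is the only untrusted source, and ignores statement order (flow-insensitive). The constructed sample also shows that `flag`, which depends on user input only through a branch condition, is not marked, because that is not an explicit data dependency.

```python
import ast

# Constructed sample program to analyze (parsed only, never executed).
SAMPLE = '''\
name = input()
greeting = "hello " + name
size = 10
cmd = greeting.strip()
buf = size * 2
if name == "admin":
    flag = 1
'''

UNTRUSTED_CALLS = {"input"}  # assumption: calls treated as untrusted sources

def expr_is_tainted(node, tainted):
    """True if the expression reads a tainted variable or calls a source."""
    for sub in ast.walk(node):
        if isinstance(sub, ast.Name) and sub.id in tainted:
            return True
        if (isinstance(sub, ast.Call) and isinstance(sub.func, ast.Name)
                and sub.func.id in UNTRUSTED_CALLS):
            return True
    return False

def find_tainted(source):
    """Return {variable: line of the assignment that first tainted it}."""
    assigns = [n for n in ast.walk(ast.parse(source))
               if isinstance(n, ast.Assign)]
    tainted = {}
    changed = True
    while changed:  # repeat until no new variable becomes tainted
        changed = False
        for node in assigns:
            if not expr_is_tainted(node.value, tainted):
                continue  # right-hand side is clean: left-hand side stays clean
            for target in node.targets:
                for sub in ast.walk(target):
                    if isinstance(sub, ast.Name) and sub.id not in tainted:
                        tainted[sub.id] = node.lineno
                        changed = True
    return tainted

if __name__ == "__main__":
    report = find_tainted(SAMPLE)
    for var, line in sorted(report.items(), key=lambda kv: kv[1]):
        print(f"line {line}: {var} is tainted")
```

The variables it reports are the reduced set that would then go to manual inspection.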