Hi,
For a project I'm working on, I am attempting to follow symbolic values through the Linux kernel, and see what their effects are in certain places for the purpose of vulnerability analysis.
As a specific example, I, for instance, want to see whether some user input (that is marked as a symbolic value) or data that is dependent on this input reaches some MOV instruction in the kernel, and determine what this MOV instruction could do (e.g., what range of addresses this instruction could load data from).
Hence, I was wondering whether it is possible for me at all to reason about instructions in the guest at this level, by observing the instructions themselves and their operands from S2E in the host, and if there is existing code that can help me do this (and if not, what a good starting point for me would be to create it).
Kind regards,
Dave