https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106007
--- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> --- Currently the taint analysis only has handling for numeric arguments being bounds-checked. How can string arguments transition to a "sanitized" state? Or are string arguments always tainted once they've acquired taint?
