You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like to mark the RHS as a source (tainting r1, etc), only if the argument provided to android.net.Uri.parse is content://com.android.calendar. (I am aware that may not quite be the intended usage of the tool)
Having looked around the code, issues etc. I think I need to use StatementSourceSinkDefinition (AFAICT there's no way to do it out-of-the-box with PermissionMethodParser or XMLSourceSinkParser) but I am a bit confused as to:
The stmt parameter - that would be a StaticInvokeExpr, correct? I can create one using Jimple.v().newStaticInvokeExpr.
The local parameter - I don't necessary want to limit myself to a specific local (e.g. r1), as I would run it on multiple apps and the local name would not be the same (also I'm not quite sure how I would know the local without analyzing the code myself) - although it's entirely possible I've misunderstood the parameter's purpose.
How I would go about using it - AFAICT I would need to create a new ISourceSinkDefinitionProvider and return a StatementSourceSinkDefinition inside its getSources() - would that be enough? I would use that in conjunction with PermissionMethodParser.
Thanks for your help.
The text was updated successfully, but these errors were encountered:
Your request is perfectly fine and FlowDroid can handle this. There are two approaches.
a) Implement your own ISourceSinkManager. For every reachable statement in the program, this class is queried whether the statement is a source, a sink, neither or both. You can then check whether it's a call to the method you want, check the parameter, and then return the correct indication. If you want the normal behavior for all other methods, just pass the query on to a normal AndroidSourceSinkManager if the statement doesn't need special-casing.
b) Implement a StatementSourceSinkDefinition and pass that to the existing ´´SourceSinkManager. The concept is a bit different here. The other definitions refer to APIs, e.g., match all calls to a method with a given signature. The StatementSourceSinkDefinition, on the other hand, reference a concrete statement in the Jimple code. That's your misunderstanding. You need to loop over the Jimple IR and creates instances of StatementSourceSinkDefinitionfor every statement that you want to consider as a source. In the constructor, you pass the respective statement and the local you want to track at that statement. You don't have oneStatementSourceSinkDefinition`` globally, but one per statement in the Jimple IR.
Hello,
I'm trying to add some kind of parameter filtering to the source definitions. To explain:
Given a Jimple statement such as:
I would like to mark the RHS as a source (tainting
r1
, etc), only if the argument provided toandroid.net.Uri.parse
iscontent://com.android.calendar
. (I am aware that may not quite be the intended usage of the tool)Having looked around the code, issues etc. I think I need to use
StatementSourceSinkDefinition
(AFAICT there's no way to do it out-of-the-box withPermissionMethodParser
orXMLSourceSinkParser
) but I am a bit confused as to:stmt
parameter - that would be aStaticInvokeExpr
, correct? I can create one usingJimple.v().newStaticInvokeExpr
.local
parameter - I don't necessary want to limit myself to a specific local (e.g.r1
), as I would run it on multiple apps and the local name would not be the same (also I'm not quite sure how I would know the local without analyzing the code myself) - although it's entirely possible I've misunderstood the parameter's purpose.ISourceSinkDefinitionProvider
and return aStatementSourceSinkDefinition
inside itsgetSources()
- would that be enough? I would use that in conjunction withPermissionMethodParser
.Thanks for your help.
The text was updated successfully, but these errors were encountered: