Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do I make Flowdroid to produce Taint path of all identified sources. #757

Open
marshalwahlexyz1 opened this issue Aug 23, 2024 · 1 comment
Open

How do I make Flowdroid to produce Taint path of all identified sources. #757

marshalwahlexyz1 opened this issue Aug 23, 2024 · 1 comment

Comments

@marshalwahlexyz1
Copy link

To provide more clarification

I am working on analyzing Andoroid Apps, I included API used to retrieve contact,sms and media in the source and sink file.

Flowdroid does identify sources and sinks but does not detect a leak when infact data was tainted using those methods (this was confirmed b6y manualy inspecting the code as when data was tainted it ends up in a network connection, it was also confirmed dynamically using FRida to hook into the methods along that path.)

However flowdroid is not detecting this as a leak. but all i need is to be able to see the taint path for each source it analyzes.

This is the output from Flowdroid showing it finds 69 sources and 8 sinks. Na it detects 0 leaks.

[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Looking for sources and sinks...
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Source lookup done, found 69 sources and 8 sinks.
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Taint wrapper hits: 0
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Taint wrapper misses: 0
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - IFDS problem with 69 forward and 0 backward edges solved in 0 seconds, processing 0 results...
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Current memory consumption: 514 MB
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Memory consumption after cleanup: 255 MB
[main] INFO soot.jimple.infoflow.memory.MemoryWarningSystem - Shutting down the memory warning system...
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Memory consumption after path building: 255 MB
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Path reconstruction took 0 seconds
[main] WARN soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - No results found.
[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Data flow solver took 2 seconds. Maximum memory consumption: 514 MB
[main] INFO soot.jimple.infoflow.android.SetupApplication - Found 0 leaks from 0 sources

My question is: How do I make Flowdroid produce Taint Path for all the identified sources regardless of if a leak is detected or not?
@marshalwahlexyz1
Copy link
Author

@t1mlange @StevenArzt Please your insight and comment on this would be highly appreciated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@marshalwahlexyz1