[Soot-list] [Android][FlowDroid] Extending FlowDroid to track input validation along the access path
Sumaya Abdullah A Almanee
salmanee at uci.edu
Wed Apr 3 15:34:26 EDT 2019
Hi all,
Im currently using flowDroid to track taint propagations between certain
sources and sinks. I'm also trying to check whether these sources can be
controlled by an attacker and furthermore check if there is any input
validation along the path (i.e. path from source to sink). For example, if
the source is <com.google.android.mms.pdu.ReadRecInd: long *getDate*()>
which ends up getting leaked to a specific sink *X*(date) I want to track
whether there is any input validation (such as checking the format of the
date) that is applied to the info returned from *getDate()* before it gets
leaked.
I was wondering if this can be achieved by extending FlowDroid? if not, are
you aware of any related work that can assist me in achieving this?
Your help and time is greatly appreciated!
Best,
Sumaya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20190403/656253d0/attachment.html>
More information about the Soot-list
mailing list