[Soot-list] [Android][FlowDroid] Using FlowDroid to analyze data passed from Dalvik to Native Code
Arzt, Steven
steven.arzt at sit.fraunhofer.de
Wed Mar 13 09:02:12 EDT 2019
Hi Sumaya,
FYlowDroid processes all taints that are passed to native methods to an
INativeCallHandler implementation. If you want to apply any sort of reasoning
about the native code, such as integrating a native code analysis framework
into FlowDroid, that is indeed the interface you need to implement. In that
interface, FlowDroid calls the getTaintedValues method with the current
statement that invokes the native method, the current taint abstractions, and
the parameters that are passed to the native method. Note that the sources are
not immediately available here. However, you can always register a taint
abstraction as a result (a leak) through the InfoflowManager. In the end,
FlowDroid collects all the registered results (which are essentials taint
abstractions at statements) and identifies the corresponding sources.
Best regards,
Steven
From: Soot-list <soot-list-bounces at cs.mcgill.ca> On Behalf Of Sumaya Abdullah
A Almanee
Sent: Wednesday, March 13, 2019 3:02 AM
To: soot-list at cs.mcgill.ca
Subject: [Soot-list] [Android][FlowDroid] Using FlowDroid to analyze data
passed from Dalvik to Native Code
Hi Everyone,
I have recently started reading about and experimenting with FlowDroid. I was
wondering if FlowDroid (or a combination of FlowDroid and other tools) can be
used to track the sources of data passed to the native code (whether it is
custom or existing native libraries).
For example, in the following function of an Android app:
private native void nativeNotifyError(int var1, String var2);
I want to track the sources of the variables var1 and var2 to know what values
are passed to the nativeNotifyError function.
It seems that FlowDroid has a Native Call Handling component but I'm not quite
sure if it serves this purpose?
Thanks,
Sumaya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20190313/e16ed17a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 9148 bytes
Desc: not available
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20190313/e16ed17a/attachment-0001.p7s>
More information about the Soot-list
mailing list