[Soot-list] [Android][FlowDroid] Using FlowDroid to analyze data passed from Dalvik to Native Code

Sumaya Abdullah A Almanee salmanee at uci.edu
Thu Mar 14 00:55:22 EDT 2019


Thank you so much for your detailed response Steven!

So if I understand correctly I can register all *native* methods as sinks
(since I'm mainly interested in analyzing the sources of the arguments
passed to native code) then FlowDroid will collect these registered sinks
and return the corresponding sources. Correct?
Can you also elaborate a bit on what you mean by registering a taint
abstraction? Are you referring to something similar to this?
<https://github.com/secure-software-engineering/FlowDroid/blob/master/soot-infoflow-android/SourcesAndSinks.txt>


Thanks again for your help! I really appreciate it!

On Wed, Mar 13, 2019 at 6:03 AM Arzt, Steven <steven.arzt at sit.fraunhofer.de>
wrote:

> Hi Sumaya,
>
>
>
> FlowDroid processes all taints that are passed to native methods to an
> INativeCallHandler implementation. If you want to apply any sort of
> reasoning about the native code, such as integrating a native code analysis
> framework into FlowDroid, that is indeed the interface you need to
> implement. In that interface, FlowDroid calls the getTaintedValues method
> with the current statement that invokes the native method, the current
> taint abstractions, and the parameters that are passed to the native
> method. Note that the sources are not immediately available here. However,
> you can always register a taint abstraction as a result (a leak) through
> the InfoflowManager. In the end, FlowDroid collects all the registered
> results (which are essentially taint abstractions at statements) and
> identifies the corresponding sources.
>
>
>
> Best regards,
>
>   Steven
>
>
>
> *From:* Soot-list <soot-list-bounces at cs.mcgill.ca> *On Behalf Of *Sumaya
> Abdullah A Almanee
> *Sent:* Wednesday, March 13, 2019 3:02 AM
> *To:* soot-list at cs.mcgill.ca
> *Subject:* [Soot-list] [Android][FlowDroid] Using FlowDroid to analyze
> data passed from Dalvik to Native Code
>
>
>
> Hi Everyone,
>
>
>
> I have recently started reading about and experimenting with FlowDroid. I
> was wondering if FlowDroid (or a combination of FlowDroid and other tools)
> can be used to track the sources of data passed to the native code (whether
> it is custom or existing native libraries).
>
> For example, in the following function of an Android app:
>
>
>
> private native void nativeNotifyError(int var1, String var2);
>
>
>
> I want to track the sources of the variables var1 and var2 to know what
> values are passed to the nativeNotifyError function.
>
> It seems that FlowDroid has a *Native Call Handling* component but I'm
> not quite sure if it serves this purpose?
>
>
>
> Thanks,
>
> Sumaya
>
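
The following added example, which is not from the thread or from FlowDroid, generates sink entries in the format of the linked SourcesAndSinks.txt for every native method declared in a Java source file, using the nativeNotifyError declaration quoted above. The package and class names in the sample are hypothetical, and type resolution assumes explicit imports, java.lang, or the same package.

```python
import re

PRIMITIVES = {"void", "boolean", "byte", "char", "short", "int", "long", "float", "double"}
JAVA_LANG = {"String", "Object", "CharSequence"}  # constructed subset; extend as needed
# Matches 'native <ret> <name>(<params>);' (generics and varargs are not handled).
NATIVE_RE = re.compile(r"\bnative\s+([\w.]+(?:\[\])*)\s+(\w+)\s*\(([^)]*)\)\s*;")

def resolve(type_name, package, imports):
    """Map a source-level type to the fully qualified name Soot signatures use."""
    base = type_name.rstrip("[]")
    dims = type_name[len(base):]
    if base in PRIMITIVES or "." in base:
        fq = base
    elif base in imports:
        fq = imports[base]
    elif base in JAVA_LANG:
        fq = "java.lang." + base
    else:
        fq = f"{package}.{base}" if package else base  # assumption: same package
    return fq + dims

def native_sinks(java_source):
    """Return one '<signature> -> _SINK_' line per native method declaration."""
    pkg = re.search(r"^\s*package\s+([\w.]+)\s*;", java_source, re.M)
    package = pkg.group(1) if pkg else ""
    imports = {name.rsplit(".", 1)[-1]: name for name in
               re.findall(r"^\s*import\s+([\w.]+)\s*;", java_source, re.M)}
    cls = re.search(r"\bclass\s+(\w+)", java_source).group(1)  # first class only
    owner = f"{package}.{cls}" if package else cls
    lines = []
    for ret, name, params in NATIVE_RE.findall(java_source):
        types = []
        for p in filter(None, (s.strip() for s in params.split(","))):
            ptype = [t for t in p.split() if t != "final"][0]  # drop modifier and name
            types.append(resolve(ptype, package, imports))
        sig = f"{resolve(ret, package, imports)} {name}({','.join(types)})"
        lines.append(f"<{owner}: {sig}> -> _SINK_")
    return lines

# Constructed sample: package and class names are hypothetical.
SAMPLE = """
package com.example.app;
import android.content.Context;
public class ErrorReporter {
    private native void nativeNotifyError(int var1, String var2);
    static native byte[] nativeRead(Context ctx, final byte[] key);
    void helper(int x) {}
}
"""

if __name__ == "__main__":
    print("\n".join(native_sinks(SAMPLE)))
```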