[Soot-list] [FlowDroid] Parameter sinks

Pierre Graux pierre.graux at inria.fr
Fri Jan 17 05:27:03 EST 2020


Hello,

Thank you very much for your answers.

MethodSourceSinkDefinition fulfills exactly my needs.

In case other people need to use it programmatically, an example of
MethodSourceSinkDefinition creation is present in the
XMLSourceSinkParser class and, if custom sources/sinks are also
needed, an example of corresponding sources/sinks creation is in the
AccessPathBasedSourceSinkManager class.

Best regards,

Pierre


----- Original Message -----
> From: "Arzt, Steven" <steven.arzt at sit.fraunhofer.de>
> To: "Eric Bodden" <eric.bodden at uni-paderborn.de>, "Pierre Graux" <pierre.graux at inria.fr>
> Cc: "soot-list" <soot-list at CS.McGill.CA>
> Sent: Tuesday 14 January 2020 17:28:03
> Subject: RE: [Soot-list] [FlowDroid] Parameter sinks

> Hi Pierre,
> 
> if you want to detect flows that end in a method call, but are only
> interested if the tainted data ends up in a particular parameter: yes,
> FlowDroid can do that by now. Instead of the text-based source sink
> definition format, we now also have a much more expressive XML-based format.
> Here's how it works:
> 
> <sinkSources>
>	<category id="NO_CATEGORY">
>		<method signature="&lt;com.example.androidtest.Sources: java.lang.String sourceTest(com.example.androidtest.MyTestObject,int)&gt;">
>			<param index="0" type="com.example.androidtest.MyTestObject">
>				<accessPath isSource="false" isSink="true" />
>			</param>
>		</method>
>	</category>
> </sinkSources>
> 
> You can even specify complete access paths, if parameter-level is not
> expressive enough. In the code, this is handled through the
> MethodSourceSinkDefinition class.
> 
> Best regards,
>  Steven
> 
> -----Original Message-----
> From: Soot-list <soot-list-bounces at CS.McGill.CA> On Behalf Of Eric Bodden
> Sent: Tuesday, 14 January 2020 17:17
> To: Pierre Graux <pierre.graux at inria.fr>
> Cc: <soot-list at cs.mcgill.ca> <soot-list at CS.McGill.CA>
> Subject: Re: [Soot-list] [FlowDroid] Parameter sinks
> 
> Hi Pierre.
> 
> I am 99% sure that this has been addressed by now.
> 
> Best wishes
> Eric Bodden
> 
>> On 8. Jan 2020, at 17:18, Pierre Graux <pierre.graux at inria.fr> wrote:
>> 
>> Hello,
>> 
>> I have seen in a 2014 thread of the soot-list archives that FlowDroid
>> does not support parameter sinks
>> (https://mailman.cs.mcgill.ca/pipermail/soot-list/2014-October/007437.html).
>> That is, FlowDroid can only consider a whole method invocation as a
>> sink.
>> 
>> Is it still the case and do we still have to use the hack described in
>> the aforementioned thread?
>> 
>> Thanks,
>> 
>> Pierre
>> _______________________________________________
>> Soot-list mailing list
>> Soot-list at CS.McGill.CA
>> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
> 

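Added example (not part of the original thread, and not FlowDroid's own code): a small Python check for a definition file in the XML format shown in Steven's message, listing which parameters are marked as sources or sinks. It assumes the element and attribute names from that message; the function name check_definitions and the index/type consistency checks against the Soot signature are this example's own.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the definition from the thread. Assumption: element and
# attribute names as quoted there; the signature is XML-escaped (&lt; / &gt;).
SAMPLE = """<sinkSources>
  <category id="NO_CATEGORY">
    <method signature="&lt;com.example.androidtest.Sources: java.lang.String sourceTest(com.example.androidtest.MyTestObject,int)&gt;">
      <param index="0" type="com.example.androidtest.MyTestObject">
        <accessPath isSource="false" isSink="true" />
      </param>
    </method>
  </category>
</sinkSources>"""

# Soot method signature: <declaring.Class: return.Type name(arg.Type,...)>
SIG_RE = re.compile(r"^<([\w.$]+): ([\w.$\[\]]+) ([\w$<>]+)\((.*)\)>$")

def check_definitions(xml_text):
    """Return (entries, problems) for every <param> in the definition text."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A raw '<' inside the signature attribute ends up here.
        return [], [f"not well-formed XML: {exc}"]
    entries, problems = [], []
    for method in root.iter("method"):
        sig = method.get("signature", "")
        m = SIG_RE.match(sig)
        if not m:
            problems.append(f"unparsable signature: {sig!r}")
            continue
        arg_types = [t.strip() for t in m.group(4).split(",") if t.strip()]
        for param in method.findall("param"):
            idx, ptype = int(param.get("index", "-1")), param.get("type")
            if not 0 <= idx < len(arg_types):
                problems.append(f"{sig}: index {idx} out of range")
                continue
            if ptype != arg_types[idx]:
                problems.append(f"{sig}: param {idx} is {arg_types[idx]}, not {ptype}")
            for ap in param.findall("accessPath"):
                entries.append({"method": m.group(3), "index": idx, "type": ptype,
                                "source": ap.get("isSource") == "true",
                                "sink": ap.get("isSink") == "true"})
    return entries, problems

if __name__ == "__main__":
    print(check_definitions(SAMPLE))
```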
