smover
commented
7 years ago It seems in another sable related project (soot-inflow-android, used by flowdroid) they parse the manifest https://github.com/secure-software-engineering/soot-infoflow-android/blob/develop/src/soot/jimple/infoflow/android/manifest/ProcessManifest.java
They have a method addPermission there.
The project is: https://github.com/secure-software-engineering/soot-infoflow-android
From the flowdroid page:
soot-infoflow – This contains a generic taint analysis.
soot-infoflow-android – This models the Android lifecycle etc.
If the instrumented app does not have the permission for network communications then the instrumentation will not work. Currently we are adding this manually but it would be nice to do it automatically.