search

proganalysis / type-inference

Automatically exported from code.google.com/p/type-inference
Other
26 stars 23 forks source link

Androi Apps Results #5

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1.
2.
3.

What is the expected output? What do you see instead?

Please use labels and text to provide additional information.

Original issue reported on code.google.com by dongya...@gmail.com on 13 Sep 2013 at 4:09

Attachments:

GoogleCodeExporter commented 9 years ago 
Fixed:
Callbacks_LocationLeak1
Callbacks_LocationLeak2
Callbacks_LocationLeak3
FieldAndObjectSensitivity_FieldSensitivity3
Lifecycle_ActivityLifecycle3
Lifecycle_ServiceLifecycle1

False positive:
Callbacks_MultiHandlers1: Due to object sensitivity (I think)
ArraysAndLists_ArrayAccess1: type imprecision 
ArraysAndLists_ArrayAccess2: type imprecision
ArraysAndLists_ListAccess1: type imprecision
FieldAndObjectSensitivity_FieldSensitivity4: Due to flow sensitivity
FieldAndObjectSensitivity_ObjectSensitivity2: flow sensitivity
GeneralJava_UnreachableCode: We are not whole-program analysis...

True negative: We don't handle implicit flow
GeneralJava_Exceptions4
ImplicitFlows_ImplicitFlow1
ImplicitFlows_ImplicitFlow2
ImplicitFlows_ImplicitFlow3
ImplicitFlows_ImplicitFlow4

Original comment by csweihu...@gmail.com on 16 Sep 2013 at 7:56

GoogleCodeExporter commented 9 years ago 
AndroidSpecific_PrivateDataLeak1: I don't think there is a leak, because 
"sendMessage" isn't called in the life circle of Activity.

Original comment by csweihu...@gmail.com on 16 Sep 2013 at 8:05

GoogleCodeExporter commented 9 years ago 
New Test Results:

False Positive:

AndroidSpecific_InactiveActivity
SUB-102: InactiveActivity.java:27(213):VAR_imei{@Secret}  <:  
(InactiveActivity.java:29(221):EXP_Log.i("INFO", imei){@Secret} =m=> 
zLIB:android.util.Log:0(226):VAR_arg1{@Tainted})

ArraysAndLists_ArrayAccess1
SUB-153: 
(ArrayAccess1.java:39(308):EXP_arrayData[ArrayAccess1.java:39(309):#INTERNAL#]{@
Secret} =f=> ArrayAccess1.java:39(309):#INTERNAL#{@Poly})  <:  
ArrayAccess1.java:39(307):EXP_arrayData[2]{@Tainted}

ArraysAndLists_ListAccess1
SUB-187: (ListAccess1.java:27(242):THIS_onCreate(android.os.Bundle){@Secret} 
=f=> 
ListAccess1.java:25(239):VAR_listData:[ListAccess1.java:25(240):#INTERNAL#]{@Pol
y})  <:  
ListAccess1.java:38(342):EXP_listData:[ListAccess1.java:38(343):#INTERNAL#]{@Tai
nted}

FieldAndObjectSensitivity_FieldSensitivity4
SUB-122: (FieldSensitivity4.java:30(258):VAR_data1{@Secret} =f=> 
FieldSensitivity4.java:39(286):VAR_value{@Poly})  <:  
FieldSensitivity4.java:33(285):EXP_data1.value{@Tainted}

FieldAndObjectSensitivity_ObjectSensitivity2
1: 
SUB-157: (OverwiteValue.java:28(261):VAR_ds{@Secret} =f=> 
DataStore.java:4(229):VAR_field{@Poly})  <:  
OverwiteValue.java:41(332):EXP_ds.field{@Tainted}
2: 
SUB-152: OverwiteValue.java:27(260):VAR_var{@Secret}  <:  
(OverwiteValue.java:39(298):VAR_sms{@Secret} =m=> 
zLIB:android.telephony.SmsManager:0(310):VAR_arg2{@Tainted}

Negative Positive:
AndroidSpecific_PrivateDataLeak1
Callbacks_AnonymousClass1 (There are two leaks, only catch one)
Callbacks_Button2 (There are two potential leaks, only catch one)
Callbacks_LocationLeak3 (There are two leaks, only catch one)
GeneralJava_Exceptions4
ImplicitFlows_ImplicitFlow2
ImplicitFlows_ImplicitFlow3
ImplicitFlows_ImplicitFlow4

PS: When run the program, there are warnings like:
Lifecycle_ActivityLifecycle4/src/de/ecspride/MainActivity.java:25: warning: 
onCreate(android.os.Bundle) in de.ecspride.MainActivity cannot override 
onCreate(android.os.Bundle) in android.app.Activity; attempting to use an 
incompatible receiver type
    protected void onCreate(Bundle savedInstanceState) {
                   ^
  found   : @Mutable @Secret MainActivity
  required: @Mutable @Poly Activity

Original comment by dongya...@gmail.com on 17 Sep 2013 at 3:34