Closed AndreyPesnyak closed 1 year ago
Hello. I continue experimenting with android app and flowdroid. I wrote another application with following sources:
var text = intent.getStringExtra("string") // <- source text?.let { it.replace("a", "b") val cv2 = ContentValues() cv2.put("string", it) val dbHelper = DBHelper(this) val db: SQLiteDatabase = dbHelper.getWritableDatabase() val i = db.insert("mytable", null, cv2) // <- sink Log.w("SINK6", db.toString()) // <-sink }
sources and sinks:
<android.content.Intent: java.lang.String getStringExtra(java.lang.String)> -> _SOURCE_ <android.util.Log: int w(java.lang.String,java.lang.String)> -> _SINK_ <android.database.sqlite.SQLiteDatabase: long insert(java.lang.String,java.lang.String,android.content.ContentValues)> -> _SINK_
running command
java -jar soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar -s "D:\PentestBox\vendor\FlowDroid\soot-infoflow-android\test.txt" -a "D:\AndroidProjects\flowdroidtest\app\build\outputs\apk\debug\app-debug.apk" -p "D:\AndroidSDK\platforms" -o "test.xml" -d -cp -i ALL
Program found 2 paths, but they are not correct, because it ignore ContentValues.put method:
-> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> $r3 = virtualinvoke $r2.<android.content.Intent: java.lang.String getStringExtra(java.lang.String)>("string") -> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> if $r3 != null goto staticinvoke <kotlin.text.StringsKt: java.lang.String replace$default(java.lang.String,java.lang.String,java.lang.String,boolean,int,java.lang.Object)>($r3, "a", "b", 0, 4, null) -> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> r4 = new android.content.ContentValues -> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> virtualinvoke $r7.<android.database.sqlite.SQLiteDatabase: long insert(java.lang.String,java.lang.String,android.content.ContentValues)>("mytable", null, r4)
on Path: -> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> $r3 = virtualinvoke $r2.<android.content.Intent: java.lang.String getStringExtra(java.lang.String)>("string") [main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - -> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> if $r3 != null goto staticinvoke <kotlin.text.StringsKt: java.lang.String replace$default(java.lang.String,java.lang.String,java.lang.String,boolean,int,java.lang.Object)>($r3, "a", "b", 0, 4, null) -> <com.example.flowdroidtest.MainActivity: void onCreate(android.os.Bundle)> -> staticinvoke <android.util.Log: int w(java.lang.String,java.lang.String)>("SINK6", $r3)
apk - https://andreypesnyak.github.io/app-debug.apk
Hello. I continue experimenting with android app and flowdroid. I wrote another application with following sources:
sources and sinks:
running command
Program found 2 paths, but they are not correct, because it ignore ContentValues.put method:
apk - https://andreypesnyak.github.io/app-debug.apk