does sanitizer have been implimented in flowdroid

secure-software-engineering / FlowDroid

FlowDroid Static Data Flow Tracker

GNU Lesser General Public License v2.1

1.03k stars 293 forks source link

does sanitizer have been implimented in flowdroid #516

Open mengjianwei12345 opened 1 year ago

mengjianwei12345 commented 1 year ago

I found that there are test cases for sanitizer in the securibench of the flowdroid, so I wanted to ask if the flowdroid analysis can already support the sanitizer for harmless treatment

flankerhqd commented 1 year ago

I guess you can implement this using summary or TaintPropagationHandler.

StevenArzt commented 1 year ago

Correct. The StubDroid summaries already support "kill flows". have a look at the summary for List.clear() (forlder soot-infoflow-summaries/summariesManual).