does sanitizer have been implimented in flowdroid

secure-software-engineering / FlowDroid

FlowDroid Static Data Flow Tracker

GNU Lesser General Public License v2.1

1.06k stars 299 forks source link

does sanitizer have been implimented in flowdroid #516

Open mengjianwei12345 opened 2 years ago

mengjianwei12345 commented 2 years ago

I found that there are test cases for sanitizer in the securibench of the flowdroid, so I wanted to ask if the flowdroid analysis can already support the sanitizer for harmless treatment

flankerhqd commented 2 years ago

I guess you can implement this using summary or TaintPropagationHandler.

StevenArzt commented 2 years ago

Correct. The StubDroid summaries already support "kill flows". have a look at the summary for List.clear() (forlder soot-infoflow-summaries/summariesManual).