getOnKeyboardActionListener() in NETWORK_INFORMATION

secure-software-engineering / SuSi

SuSi - our tool to automatically discover sources and sinks in the Android framework

143 stars 74 forks source link

getOnKeyboardActionListener() in NETWORK_INFORMATION #4

Open vitaliiavdiienko opened 9 years ago

vitaliiavdiienko commented 9 years ago

Hi guys, do you have any idea why

android.inputmethodservice.KeyboardView: android.inputmethodservice.KeyboardView$OnKeyboardActionListener getOnKeyboardActionListener() has a label 'NETWORK_INFORMATION' in Output_CatSources_v0_9.txt

Thanks in advance, Vitalii

srasthofer commented 9 years ago

Hi Vitalii,

thanks for pointing to this. Indeed, it looks like a false positive. Since SuSi is a machine learning approach, it would require an in-depth analysis to figure out what features produce this FP. So you could ignore this source-definition for now.

Thanks!

vitaliiavdiienko commented 9 years ago

Hi Siegfried,

thanks for a quick reply. This one also goes there: android.inputmethodservice.InputMethodService: android.view.inputmethod.InputConnection getCurrentInputConnection()

srasthofer commented 9 years ago

Yes, I guess in this case, the word "Connection" within the method-name and also the word "Connection" within the return typ is the reason for the miss-classification. We would need more precise features here...