New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problems detecting taint propogation #48
Comments
Source Definition (same as the implicitintentsourcegenerator):
Sink Definition:
rules.json: |
Hi @chuayupeng, thanks for reaching out.
Internally, we do differentiate between sources produced at call sites (called TL, DR: Using |
Hi @arthaud, thanks for the easy to understand explanation! I changed the definition with the source and it worked like a charm! |
I have problems trying to write a propogation that can detect this flow of data from the initialisation of the implicit intent to calling it in an activity.
I can define the source to be the method that inits the intent, and sink to be the startActivityForResult, but when I write in the rules to link the source to the sink, no issues come up.
Is there any further way I can debug this? Not sure how to proceed
The text was updated successfully, but these errors were encountered: