You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I wanted to ask if the methods inside the MainActivity class of an apk are not supposed to be defined as a source or a sink. This is because during the taint analysis these types of methods are never recognized as such, despite being declared in the sourcessinks.xml file. Meanwhile, a method in any other class is correctly identified as a source or a sink depending on the xml file definition.
Thank you.
The text was updated successfully, but these errors were encountered:
You can declare any method as source or sink, regardless of the class in which it is defined. If your method signature is correct in the source/sink definition file, that should work.
App-specific sources or sinks are rather uncommon, though. Most people declare Android API methods as sources or sinks.
My follow-up question now is, how would I define the source signature definition of a constructor, when i am interested in one of the parameters used, as an example:
public class Test { public Test(int, String) { .... } }
The value I'm interested in is the second parameter of type String. This is what I am thinking:
I wanted to ask if the methods inside the MainActivity class of an apk are not supposed to be defined as a source or a sink. This is because during the taint analysis these types of methods are never recognized as such, despite being declared in the sourcessinks.xml file. Meanwhile, a method in any other class is correctly identified as a source or a sink depending on the xml file definition.
Thank you.
The text was updated successfully, but these errors were encountered: