super issues

Macro-generate permission checklist

1

We currently have thousands of LOC for generating permission enums. This shouldn't be done this way, and a simpler way using macros and automatic permission upgrading at build time should...

Razican

Enhancement

D-Easy

D-Moderate

T-Core

Group vulnerabilities by type

1

This will be implemented with #25, but in any case we need to create tables for vulnerabilities in summary reports, with vulnerabilities grouped by type. Also, the ability to understand...

Razican

D-Moderate

T-Rules

T-Results

Add tests for Manifest

1

Currently there is no tests for the manifest. We should create a sample manifest with some of the known vulnerabilities, and check if the vulnerabilities are being detected. Even if...

Razican

Enhancement

D-Easy

D-Moderate

T-Tests

Reverse R file references

Currently, references to R file veriable IDs are pure integers. We should reverse them using tools like this one: https://github.com/justingarrick/android-reverse-r

Razican

New feature

D-Moderate

T-Results

Documentation for `static_analysis/manifest.rs`

Most of the code is still not documented. This is the tracking issue for `static_analysis/manifest.rs` file documentation. - [ ] Module level documentation. - [ ] `manifest_analysis()` function: - [...

Razican

Enhancement

Help wanted

D-Easy

T-Docs

Documentation for `static_analysis/code.rs`

Most of the code is still not documented. This is the tracking issue for `static_analysis/code.rs` file documentation. - [ ] Module level documentation. - [ ] `code_analysis()` function: - [...

Razican

Enhancement

Help wanted

D-Easy

T-Docs

Documentation

This issue tracks the documentation of different modules in SUPER. Each module has its own issue: - [x] [`main.rs` (#54)](https://github.com/SUPERAndroidAnalyzer/super/issues/54) - [x] [`lib.rs` (#147)](https://github.com/SUPERAndroidAnalyzer/super/issues/147) - [ ] `cli.rs` - [...

Razican

Enhancement

Help wanted

D-Easy

T-Docs

Documentation of `results/mod.rs`

Most of the code is still not documented. This is the tracking issue for `results/mod.rs` file documentation. - [ ] Module level documentation. - [ ] Results struct: - [...

Razican

Enhancement

Help wanted

D-Easy

T-Docs

Documentation of `utils.rs`

10

Most of the code is still not documented. This is the tracking issue for `utils.rs` file documentation. - [ ] Module level documentation. - [x] `PARSER_CONFIG` constant. - [x] `print_error()`...

Razican

Enhancement

Help wanted

D-Easy

T-Docs

Complex AndroidManifest.xml analysis

3

We need to add content providers, receivers, etc. to manifest analysis, and rules to decide what to analyze. Here is the complete list: - ``: - if `android:exported="false"` everything is...

Razican

Enhancement

D-Moderate

T-Rules

T-Docs

super
super copied to clipboard

Metadata

Macro-generate permission checklist

Group vulnerabilities by type

Add tests for Manifest

Reverse R file references

Documentation for `static_analysis/manifest.rs`

Documentation for `static_analysis/code.rs`

Documentation

Documentation of `results/mod.rs`

Documentation of `utils.rs`

Complex AndroidManifest.xml analysis

← Metadata

Owner

Metadata

super super copied to clipboard

Metadata

← Metadata

Owner

Metadata

super
super copied to clipboard