draftyfrog

Results 13 comments of draftyfrog

Missed sink in loop in called function

Thanks for the explanation! Indeed, when I add the type annotation to `arg0:str = arg1`, pysa correctly reports the issue. Interestingly, any additional type annotation in `function1` seems to do...

False negative with taint propagated via class attribute without static initializer

Still present in the `1.0.7` version (i.e., still does not report an issue for `this.sink(myString)`).

Missed sinks with lists and statements uninvolved in the taint path including negative numbers

Using the current version of FlowDroid (including up to the latest commit [e8b193e](https://github.com/secure-software-engineering/FlowDroid/commit/e8b193eb66c3e879a8210c99f356b85d520f99e1)), it still misses the sink but the statement `Integer unused = -1;` doesn't seem to be relevant...

Missed sinks with lists and statements uninvolved in the taint path including negative numbers

I tinkered around a little and discovered that this issue only happens if the uninvolved list is not used in between instantiation and the sink. If we add any statement...

Missed sinks with lists and statements uninvolved in the taint path including negative numbers

Using the latest version of FlowDroid ([02dba8a](https://github.com/secure-software-engineering/FlowDroid/commit/02dba8a77fcaf710322dcb8c16b4d310bdee2dff)) I can confirm that this issue no longer exists. Thank you!

False positive with sanitizing function in a loop

Implicit flows are not enabled, I call FlowDroid via ``` java -jar ./soot-infoflow-cmd-2.13.0-jar-with-dependencies.jar \ -a {path-to-apk} \ -s ./SourcesAndSinks.xml \ -o ./out.xml \ -d \ -p {path-to-android-platforms-folder} ``` and my...

False positive with sanitizing function in a loop

I tried the latest version (this commit [3a45a5d](https://github.com/secure-software-engineering/FlowDroid/commit/3a45a5d22656f20f4bb8602f13f7752252d0b536) ), it still reports one leak for the sink in `onCreate`.

False positive with sanitizing function in a loop

Indeed, the `Math.random()` seems to be the problem, when I remove it from the condition, no leaks are reported. However, since the whole `if`-statement is a no-op, shouldn't it be...

False positive with sanitizing function in a loop

Thank you for the quick fix! I confirm that the original issue is fixed in the latest commit [2227456](https://github.com/secure-software-engineering/FlowDroid/commit/22274567e3b8e10357376a20fc8683a8c3574d41). I'm trying to make sense of the fact that the misoptimized...

False positive with sanitizing function in a loop

Now it makes sense, thank you! > Yes, IFDS computes the join-over-all-paths solution. I see, so this is a known imprecision issue (imprecision, given that there's no actual path around...