Sink on no-source-code method
Closed this issue · 2 comments
Is it possible to define a sink model on a method which is not implemented inside the apk?
According to the documentation that method (let say the method foo from Service, not defined/implemented inside the apk) will have the default model, which corresponds to what I see on the verbose output:
INFO Instruction: INVOKE_VIRTUAL v0, v4, Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;
WARNING Unable to resolve call to `Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;`
INFO Getting model for virtual call ``
INFO Callee model:
Model(method=``,
modes={ skip-analysis add-via-obscure-feature taint-in-taint-out})
But immediately after those lines I get:
INFO Processing sinks for call to `Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;`
INFO Processing propagations for call to `Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;`
INFO Processing generations for call to `Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;`
So, it seems that is trying to process sinks/propagations/generations for that method...
Is it possible to define sinks/propagations for that method? how can I do that?
Thanks!
Apparently, Mariana Trench doesn't know the method Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;
. You should first solve that problem before you can add sinks on it.
You will need to provide a jar that defines that method to Mariana Trench using the --system-jar-configuration-path
option.
INFO Processing sinks for call to
Lcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;
INFO Processing propagations for call toLcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;
INFO Processing generations for call toLcom/example/demo/Service;.foo:(Ljava/lang/String;)Ljava/lang/String;
Those lines are misleading, please ignore them.
Yes! That's what I thought!
But those INFO lines were confusing me...
Thanks arthaud!