Comments (11)
bdbubble
commented on August 23, 2024
true 在 jimple 里就是数字 1,false 是 0。可以用ConstNumberMode
{
"WebViewDebug": {
"traceDepth" : 1,
"ConstNumberMode": true,
"targetNumberArr": [1],
"sink": {
"<android.webkit.WebView: void setWebContentsDebuggingEnabled(boolean)>": {
"TaintCheck": ["p0"]
}
}
}
}
from appshark.
firmianay
commented on August 23, 2024
可以了,谢谢师傅!
from appshark.
firmianay
commented on August 23, 2024
那如果参数是通过变量传入的呢,ConstNumberMode好像找不到这个入口
public class GConfig {
public static boolean DEBUG = true;
public static void prepareWebView(Context context) {
if (mWebView == null) {
WebView webView = new WebView(context.getApplicationContext());
mWebView = webView;
webView.getSettings().setJavaScriptEnabled(true);
mWebView.getSettings().setDomStorageEnabled(true);
if (Build.VERSION.SDK_INT >= 19) {
WebView.setWebContentsDebuggingEnabled(GConfig.DEBUG);
}
}
mWebView.clearHistory();
mWebView.addJavascriptInterface(mContent, "_hybrid_circle_content");
mWebView.loadUrl(NetworkConfig.getInstance().getCirclePageUrl());
}
from appshark.
firmianay
commented on August 23, 2024
还有个问题,这种设置通常是有默认值的,那如何判断没有调用某个方法,即默认为true
from appshark.
nkbai
commented on August 23, 2024
这个调整一下traceDepth,不过不要太深了,会引起很多误报。
这个规则的本质是有哪些常量整数流到了函数的某个参数中。
from appshark.
nkbai
commented on August 23, 2024
还有个问题,这种设置通常是有默认值的,那如何判断没有调用某个方法,即默认为true
如果是判断某个函数没有调用,这个appshark不好检测。
from appshark.
firmianay
commented on August 23, 2024
还有个问题,这种设置通常是有默认值的,那如何判断没有调用某个方法,即默认为true
如果是判断某个函数没有调用,这个appshark不好检测。
我不了解这个函数签名具体是怎么匹配的,能不能在APIMode增加这个功能,先找到某个类名的所有函数,然后看是否包含特定函数
from appshark.
nkbai
commented on August 23, 2024
你可以好好想想这个功能怎么设计,如果确实能描述清楚,可以增加这个单独的mode都是可以的。
from appshark.
firmianay
commented on August 23, 2024
这个调整一下traceDepth,不过不要太深了,会引起很多误报。 这个规则的本质是有哪些常量整数流到了函数的某个参数中。
有时候感觉不太行,ConstString模式似乎是去jimple里匹配每一行是否有字符串,然后添加到constStringPatternMap缓存,但是像下面这种情况,只会把A处的表达式添加进去,B处的就被忽略了
<com.example.loaddex.LiveLiterals$MainActivityKt: java.lang.String String$0$str$arg-0$call-$init$$val-file$fun-errorExample2dexKt$class-MainActivity> = "/sdcard/"; // A
public final java.lang.String String$0$str$arg-0$call-$init$$val-file$fun-errorExample2dexKt$class-MainActivity()
{
com.example.loaddex.LiveLiterals$MainActivityKt r0;
androidx.compose.runtime.State $r2, $r3;
java.lang.String $r1;
boolean $z0;
r0 := @this: com.example.loaddex.LiveLiterals$MainActivityKt;
$z0 = staticinvoke <androidx.compose.runtime.internal.LiveLiteralKt: boolean isLiveLiteralsEnabled()>();
if $z0 != 0 goto label1;
$r1 = <com.example.loaddex.LiveLiterals$MainActivityKt: java.lang.String String$0$str$arg-0$call-$init$$val-file$fun-errorExample2dexKt$class-MainActivity>; // B
return $r1;
from appshark.
nkbai
commented on August 23, 2024
B处在做指针分析的时候不是会被关联起来么?
from appshark.
firmianay
commented on August 23, 2024
在那几个log文件里都没有搜到errorExample2dexKt,在results.json里也没有
from appshark.
Related Issues (20)
- 来自一个强迫症 HOT 1
- 扫描时如何筛选函数的参数 HOT 2
- 多规则扫描显示json解析出错 HOT 2
- AndroidManifest.xml 权限保护级别解析错误 HOT 1
- [Appshark-UI] - init.sql file
- 复杂一点的应用会报OOM HOT 1
- switch-case语句的result.json只有第一个case的label部分 HOT 1
- 添加规则对应的安卓版本 HOT 1
- 在规则文件中增加permission字段来检查权限滥用 HOT 7
- SignInfo没有具体实现 HOT 2
- 函数签名的返回类型解析错误 HOT 2
- 如何区分source的原始对象和传播中被污染的对象 HOT 12
- 污点链没有传播到List中对象的属性 HOT 1
- 如何在sanitizer过滤导出组件,未导出组件不检测 HOT 5
- Appshark扫描优化 HOT 1
- SliceMode不能正确找到入口 HOT 4
- 污点传播不支持gson.fromJson HOT 3
- Lambda表达式断链问题 HOT 2
- 不支持ARouter路由框架导致断链 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from appshark.