How to Utilize FlowDroid to Track Implicit Data-Flow
luoyashuo opened this issue · comments
Consider the following code snippet:
String encodedQuery = new Uri.Builder().appendQueryParameter("hwid", getHWID(context)).appendQueryParameter("operador", "cfData").appendQueryParameter("content", str).build().getEncodedQuery();
OutputStream outputStream = httpURLConnection.getOutputStream();
outputStream.write(encodedQuery.getBytes("UTF-8"));
I have marked the getHWID
method as Source, but it does not taint encodedQuery
. I am wondering how I could apply FlowDroid to handle this implicit data flow scenario and ensure encodedQuery gets tainted appropriately whenever getHWID is involved. Any detailed instructions or references would be highly appreciated.
Some summaries were missing. The flow should now be found.
Your update has perfectly solved my current problem, thank you very much for your timely update!