-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathTODOs.txt
28 lines (16 loc) · 1.1 KB
/
TODOs.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
---------------Prio:
- Unsupported instructions that are used:
check-cast ['v0', 'Ljava/lang/String;'] -- Does not change tracked register, throws exception
- Correct following of blocks in case of try/catch block (see sendImei)
- Tracking results of methods and instances where methods are called on even when defined within apk
- Turn on indirect functions again
- Correctly track multiple virtual functions (see also line 192 of findFunctions.py)
---------------Later:
- Track data that is returned by reference. For example a method could take tainted data and some additional object, and put the data in that object without returning it.
- Track whether or not a listener is actually added. Now we only track if a listener is inherited.
- Analyze conditional statements to decide whether or not something is leaking
- Track fields by object instance instead of assuming that field is tainted for all instances of that class.
- Parallelize the lookup of tainted methods
- Find a way to track data put in intents
- Track subclasses of sinks
- Find a way to show how an instruction became to be marked as a sink