如何在sanitizer过滤导出组件,未导出组件不检测 #66
Comments
|
结果的manifest中会给出了这个组件是否导出 |
|
可以在规则文件中添加一个字段,表示在输出结果中过滤掉非导出组件 |
|
发现flowdroid在解析exported的时候有问题,已经提给上游准备修复:secure-software-engineering/FlowDroid#678 现在的问题是Appshark是否会同步更新,是不是把这几个包也传到github上来维护: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
举个例子,例如:ContentProviderPathTraversal这个检测规则,如果只关心导出组件,未导出的provider即使出现漏洞我也不关心,应该如何写sanitizer,好像没有看到类似的例子,谢谢
The text was updated successfully, but these errors were encountered: