False negative with taint propagated via class attribute #174

Open
@draftyfrog

Description

Bug

Bug description
This might be the False Negative counterpart to the False Positive reported in #173.

Please consider the following code

public class MainActivity extends AppCompatActivity{
  public void onCreate(Bundle savedInstanceState){
    MyClass myInstance = new MyClass();
    String myString = myInstance.myField;
    myInstance.myField = "";
    sink(myString); // NOT reported as issue by Mariana Trench
  }

  public static String source(){ // Defined as source in MT config
    return "Secret";
  }

  public void sink(String param){} // Defined as sink in MT config
}

class MyClass{
  String myField = MainActivity.source();
}

As annotated in the code, Mariana Trench doesn't detect any issues, but actually the sink in MainActivity.onCreate should be reported.

I'm using mariana-trench Version: 1.0.6.
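
The flow the report expects, as an added example that is not part of the original issue and is not Mariana Trench's algorithm: a minimal flow-sensitive, field-sensitive taint interpreter run over a constructed IR of `onCreate`. The IR tuples and the names `eval_taint`, `analyze` and `ON_CREATE` are hypothetical; the heap is keyed by variable name, so aliasing is assumed away.

```python
# Added illustration only; the IR and every name below are hypothetical.
# Heap cells are keyed by (variable, field), so aliasing is ignored.
SOURCES = {"MainActivity.source"}  # modelled as a source, as in the issue
SINKS = {"MainActivity.sink"}      # modelled as a sink, as in the issue
# Field initializers that run when an instance is constructed.
CLASSES = {"MyClass": {"myField": ("call", "MainActivity.source")}}


def eval_taint(expr, env):
    """Return the set of source names an expression may carry."""
    kind = expr[0]
    if kind == "const":
        return set()
    if kind == "var":
        return set(env.get(expr[1], set()))
    if kind == "call":
        return {expr[1]} if expr[1] in SOURCES else set()
    raise ValueError(kind)


def analyze(statements):
    env, heap, findings = {}, {}, []
    for index, stmt in enumerate(statements):
        op = stmt[0]
        if op == "new":  # constructor: apply the field initializers
            _, var, cls = stmt
            for field, init in CLASSES[cls].items():
                heap[(var, field)] = eval_taint(init, env)
        elif op == "load":  # dst = obj.field copies the field's taint
            _, dst, obj, field = stmt
            env[dst] = set(heap.get((obj, field), set()))
        elif op == "store":  # obj.field = expr is a strong update
            _, obj, field, expr = stmt
            heap[(obj, field)] = eval_taint(expr, env)
        elif op == "invoke":  # method(arg): report tainted data at a sink
            _, method, arg = stmt
            taint = eval_taint(("var", arg), env)
            if method in SINKS and taint:
                findings.append((index, method, sorted(taint)))
    return findings


# Constructed IR for MainActivity.onCreate from the issue.
ON_CREATE = [
    ("new", "myInstance", "MyClass"),
    ("load", "myString", "myInstance", "myField"),
    ("store", "myInstance", "myField", ("const", "")),
    ("invoke", "MainActivity.sink", "myString"),
]
```

`analyze(ON_CREATE)` yields one finding at the `sink` call, because `myString` is read before the field is overwritten; moving the store ahead of the load yields none.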
