Skip to content

Commit 661f561

Browse files
author
Eric Bodden
committed
Update README.md
1 parent 3301406 commit 661f561

File tree

1 file changed

+35
-0
lines changed

1 file changed

+35
-0
lines changed

README.md

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,3 +27,38 @@ Field and Object Sensitivity
2727
* **InheritedObjects1**: Chooses an object’s actual type based on a conditional. Only one possible type leads to a leak.
2828
* **ObjectSensitivity1**: Writes a tainted value into an object and an untainted one into another object of the same type. Leaks the untainted value.
2929
* **ObjectSensitivity2**: Writes a tainted value into a field and then overwrites it with untainted data.
30+
31+
Inter-App Communication
32+
-----------------------
33+
* **IntentSink1**: A tainted value is leaked to another application using an intent.
34+
* **IntentSink2**: Similar to IntentSink, but the value is sent out in a callback method defined in XML.
35+
* **ActivityCommunication1**: Contains two activities that communicate using static fields.
36+
37+
Lifecycle
38+
---------
39+
* **BroadcastReceiverLifecycle1**: Calls to sources and sinks distributed across a broadcast receiver lifecycle.
40+
* **ActivityLifecycle1**: Calls to sources and sinks distributed across an activity lifecycle.
41+
* **ActivityLifecycle2**: Activity class inherited from a superclass containing the lifecycle method which leaks the tainted value.
42+
* **ActivityLifecycle3**: Calls to sources and sinks distributed across instance state handling methods.
43+
* **ActivityLifecycle4**: A tainted value is obtained on `onPause()` and leaked when the activity is restarted later.
44+
* **ServiceLifecycle1**: Calls to sources and sinks distributed across a service lifecycle.
45+
46+
General Java
47+
------------
48+
* **Loop1**: Contains a simple loop and a data leak.
49+
* **Loop2**: Retrieves location information through a callback and leaks it via nested loops.
50+
* **SourceCodeSpecific1**: Uses unusual code construct `a = p ? b : c.`
51+
* **StaticInitialization1**: Passes a tainted value into a static initialization method.
52+
* **UnreachableCode**: Passes tainted data into a method that is never called.
53+
54+
Miscellaneous Android-Specific
55+
------------------------------
56+
* **PrivateDataLeak1**: Summary test case containing various challenges.
57+
* **PrivateDataLeak2**: Leaks a value from a password field.
58+
* **DirectLeak1**: The device id is read out and sent via SMS on the activity’s `onCreate()` event.
59+
* **InactiveActivity**: Data leak in a disabled activity.
60+
* **LogNoLeak**: Writes untainted data into a log file.
61+
62+
Implicit Flows
63+
--------------
64+
* **ImplicitFlow1-4**: Test cases for implicit flows.

0 commit comments

Comments
 (0)