Sunday, January 30, 2011

taintdroid code reading 1.

I am curious how taintdroid track apps which use senseitive information.
Firstly, I check the diff between taintdroid and android.
According to TaintDroid Build Instructions, it modifies the source under dalvik/ and frameworks/base.

We can obtain the list of modified files by:

  git diff --name-only 0e9d568ec6b946e77bc0ec1903acac1ef916e6d1
for dalvik/, and
  git diff --name-only 562ac30bddb37b8bebeedfb035111dda41187332.
for framework/base.

The list for dalvik is too huge, is 456 files, so firstly we check one for framework/base.


README_TAINTDROID.txt
api/current.xml
cmds/servicemanager/Android.mk
cmds/servicemanager/binder.c
core/java/android/hardware/Camera.java
core/java/android/hardware/SensorManager.java
core/java/android/os/Parcel.java
core/jni/Android.mk
core/jni/android_util_Binder.cpp
include/binder/Parcel.h
libs/binder/Android.mk
libs/binder/Parcel.cpp
location/java/com/android/internal/location/GpsLocationProvider.java
media/java/android/media/AudioRecord.java
media/java/android/media/MediaRecorder.java
media/jni/Android.mk
media/jni/android_media_MediaRecorder.cpp
services/java/com/android/server/LocationManagerService.java
telephony/java/com/android/internal/telephony/gsm/GSMPhone.java
telephony/java/com/android/internal/telephony/gsm/SIMRecords.java

Next, I'll check what changes were made in services and telephont.

No comments:

There was an error in this gadget