add apk

fgwei · fgwei · commit a51bb3c3fdcb · 2017-03-10T18:35:27.000-05:00
diff --git a/icc_stateful/src/main/java/org/arguslab/icc_stateful/FooActivity.java b/icc_stateful/src/main/java/org/arguslab/icc_stateful/FooActivity.java
@@ -15,7 +15,7 @@ protected void onCreate(Bundle savedInstanceState) {
         String imei = tel.getDeviceId(); // source
         Intent i2 = getIntent();
         i2.putExtra("data", imei);
-        setResult(RESULT_OK, i2);
+        setResult(RESULT_OK, i2); // sink
         finish();
     }
 }
diff --git a/icc_stateful/src/main/java/org/arguslab/icc_stateful/MainActivity.java b/icc_stateful/src/main/java/org/arguslab/icc_stateful/MainActivity.java
@@ -15,7 +15,8 @@
  * @description MainActivity start FooActivity and waiting for the result and leak it.
  * 				FooActivity obtains sensitive data and return to MainActivity.
  * @dataflow source -> imei -> i2 -> FooActivity.setResult(i2) -> MainActivity.onActivityResult(data) -> imei3 -> sink
- * @number_of_leaks 1
+ *           source -> imei -> i2 -> FooActivity.setResult(i2)
+ * @number_of_leaks 2
  * @challenges The analysis must be able to resolve stateful ICC call and handle data flow
  * 				across different components.
  */

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ protected void onCreate(Bundle savedInstanceState) {`
`15`	`15`	`String imei = tel.getDeviceId(); // source`
`16`	`16`	`Intent i2 = getIntent();`
`17`	`17`	`i2.putExtra("data", imei);`
`18`		`- setResult(RESULT_OK, i2);`
	`18`	`+ setResult(RESULT_OK, i2); // sink`
`19`	`19`	`finish();`
`20`	`20`	`}`
`21`	`21`	`}`