-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathchangelog-sparta.txt
executable file
·198 lines (154 loc) · 7.51 KB
/
changelog-sparta.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
Version 1.0.2 3 February 2016
Version control repository:
The SPARTA source code is available in GitHub:
https://github.com/typetools/sparta/
Version 1.0.1 24 April 2015
Information Flow Checker changes:
If you supply the -DcfOpts="-AresolveReflection=" option to the check-flow an target,
IFC will attempt to resolve reflection. This reduces the number of
false positive warnings caused by reflection.
----------------------------------------------------------------------
Version 1.0.0 28 Dec 2014
Information Flow Checker changes:
Add more methods to the stub files.
----------------------------------------------------------------------
Version 0.9.9 14 November 2014
Information Flow Checker changes:
@Source and @Sink annotations now take a string argument of the following form:
PERMISISON(param1, param2)
where the part in parenthesis is optional.
Parameterized permissions can be inferred when certain methods are used. See
the manual for more details.
Receiver polymorphism is implemented using @PolySourceR @PolySinkR. See the
manual for more details.
----------------------------------------------------------------------
Version 0.9.8 1 August 2014
Intent Checker:
New checker that type-checks information flows across communicating components
of an Android app.
Information Flow Checker changes:
LITERAL and CONDITIONAL have been removed. See manual for new defaulting
rules.
Report Not Reviewed Checker:
A new tool has been add to report all API methods used that do not appear
in stub files.
----------------------------------------------------------------------
Version 0.9.7 5 May 2014
Detection Tools
A new detection tool, report-strings, was added. See Section 6.2.1 for more
details.
Checker Framework package renaming
1. The environment variable CHECKERS should
not be used. Instead use CHECKERFRAMEWORK and set it to checker-framework/
2. The lines to copy to an app's build file have changed. The are listed in
the manual. Note that this means you'll have to change the build files for
apps that previously used our tools.
----------------------------------------------------------------------
Version 0.9.4 19 November 2013
Sample Apps
Three new apps have been fully annotated as examples uses of the
Flow Checker.
Flow Checker Changes
A warning is issued if a flow policy contains a possible transitive flow
Documentation
Improvements to the manual
----------------------------------------------------------------------
Version 0.9.3 1 August 2013
Flow Checker Changes
Flow Checker now writes a file called missingAPI.astub that list all
the methods that need to be annotated in a stub file.
Stub file defaulting has changed. See Section 3.5 Annotating methods in stub
files in the manual for more details
More Flow Analysis
The Flow Checker now creates summary files of flows found in the application.
These flows can be filtered using the filter-flows ant target.
Current flow files include:
foundFlows.txt - A summary of found and forbidden flows
forbiddenFlows.txt - A flow-policy consisting of forbidden flows
forbiddenFlowLocations.txt - A machine searchable file of all flows in the system that
can be indexed using filter-flows.
String Comparison
Sparta now contains ant build targets and perl scripts for finding strings
shared between multiple applications, which is useful for detecting collusion.
String literals are first captured using capture-strings for each application.
The captured strings are placed in sparta_strings.txt. An application under
analysis can be compared against other applications by using compare-strings.
A root directory of where to search for sparta_strings.txt must be provided
by using the -Dcompare.root= command line parameter.
Dependent Permissions Checker
Intents and URIs use different permissions depending on what they access.
Dependent Permissions checker tracks special string literals and
string constants that will require some permission if used to in an Intent
or URI.
RequiredPermission Changes
A new annotation, @MayRequiredPermission, was added. It is used to indicate
that a method method require a permission. The notes field discribes when the
permission may be required.
Unified Permissions Checker
A unified permissions checker has been added that will run the Required
Permissions checker and the Dependent Permissions Checker. Users should now use
ant check-permissions instead of reqperms.
----------------------------------------------------------------------
Version 0.9.2 1 June 2013
Major Refactoring
We did the following renamings:
ant target flow-test is now check-flow
@FlowSources -> @Source
@FlowSinks -> @Sink
@PolyFlowSinks -> @PolySink
@PolyFlowSources -> @PolySource
Also, merged the FlowSource and FlowSink enums into FlowPermission
all of the constants in the new enum are named to match Android
permissions. This means that some of the old sources and sinks no
longer exist. You can find a mapping from old to new in comments in
SpartaPermission.
Documentation
Improvements to the manual
----------------------------------------------------------------------
Version 0.9.1 1 May 2013
Documentation
Improvements to the manual
----------------------------------------------------------------------
Version 0.9.0 22 April 2013
Stub Files
flow.astub is now generated from files in
src/sparta/checkers/flowstubfile. Annotations for Android and Java
class should go in the file name that corresponds with its package
name.
----------------------------------------------------------------------
Version 0.8.1 3 April 2013
flow.astub
Removed incorrect annotations
Permissions
permission.astub now uses the PScout Permission map for Android
version 4.0.1. (http://pscout.csl.toronto.edu)
----------------------------------------------------------------------
Version 0.8.0, 1 March 2013
Policy Files
Applications are now required to have flow policies describing
permitted flows.
Default Types
Literals are now typed with @Sources(SpartaPermission.LITERAL)
Other changes to defaulting to reduce annotation burden
Documentation
Improvements to the manual
----------------------------------------------------------------------
Version 0.7, 16 Oct 2012
Added more API annotations for Android and JDK libraries, in file flow.astub.
Such annotations are necessary for any API that an app uses. By
expanding the SPARTA-provided set, the user has less work to do.
flow.astub now contains over 1600 annotated methods (APIs).
Rewrote parts the SPARTA manual, notably Chapter 4, "Flow Checker".
The description of the flow type system is clearer, with additional examples.
Some material that was redundant with the Checker Framework manual has
been replaced by a cross-reference to the Checker Framework manual, so
that users can look just one place for authoritative information.
Defaulting is more clearly explained.
A new chapter 5 details what an app developer is required to do in order
to have the app approved. For example, source code obfuscation is not
permitted, and each warning suppression must be justified.
Use version 1.4.2 instead of 1.4.0 of the Checker Framework.
SPARTA is built on the Checker Framework. The detailed changes (mostly
bug fixes and refactorings, but also a few new features) appear in
the Checker Framework changelog at
http://types.cs.washington.edu/checker-framework/current/changelog-checkers.txt