Date: Thu, 25 Oct 2012 21:27:08 -0700 (PDT)
From: bobo <bobogues...@gmail.com>
To: taintdroid@googlegroups.com
Message-Id: <e135472e-698e-445d-aaf9-78efb242cf58@googlegroups.com>
In-Reply-To: <CAJ2GknO+BqDzsejXm5ShQU+NEJPRpgcJRaTktsU3WcOSvHWYww@mail.gmail.com>
References: <43837be1-9994-4ca0-9014-7bd97bb14bd1@googlegroups.com>
 <CAJ2GknO+BqDzsejXm5ShQU+NEJPRpgcJRaTktsU3WcOSvHWYww@mail.gmail.com>
Subject: Re: A question about taint propagation rules in array
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_251_10960546.1351225628374"

------=_Part_251_10960546.1351225628374
Content-Type: multipart/alternative; 
	boundary="----=_Part_252_77633.1351225628374"

------=_Part_252_77633.1351225628374
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Thank you very much.

On Friday, October 26, 2012 5:48:19 AM UTC+8, Jaeyeon Jung wrote:
>
> Sorry for the confusion. I think we fixed it in our journal submission.=
=20
> Basically, once a tainted variable is stored into array A, then the array=
 A=20
> gets tainted so from that point any variable that is read from the array =
A=20
> will get tainted (a potential source of false positives). Also, if I=20
> remember correctly, once array A is tainted then it will stay tainted unt=
il=20
> the end of its lifetime.
>
> --=20
> Jaeyeon Jung (=EC=A0=95=EC=9E=AC=EC=97=B0)
>
> On Wed, Oct 24, 2012 at 11:03 PM, bobo <bobog...@gmail.com <javascript:>>=
wrote:
>
>> Firstly, forgive my poor English please, I had do my best.
>>
>> from "TaintDroid An Information-Flow Tracking System for Realtime=20
>> PrivacyMonitoring on Smartphones" :
>> * For example, if untainted variable u is stored into array A at index 0=
=20
>> (A[0]) and tainted variable t is stored into A[1], then array A is taint=
ed.=20
>> Later, if variable v is assigned to A[0], v will be tainted, even though=
 u=20
>> was untainted.*
>>
>> so, if untainted variable q is assigned to A[1] instead of tainted=20
>> variable t, the array still be tainted?
>> thanks for your kind reply.
>>
>
>
>
>
>
> 
------=_Part_252_77633.1351225628374
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Thank you very much.<br><br>On Friday, October 26, 2012 5:48:19 AM UTC+8, J=
aeyeon Jung wrote:<blockquote class=3D"gmail_quote" style=3D"margin: 0;marg=
in-left: 0.8ex;border-left: 1px #ccc solid;padding-left: 1ex;">Sorry for th=
e confusion. I think we fixed it in our journal submission. Basically, once=
 a tainted variable is stored into array A, then the array A gets tainted s=
o from that point any variable that is read from the array A will get taint=
ed (a potential source of false positives). Also, if I remember correctly, =
once array A is tainted then it will stay tainted until the end of its life=
time.<div>

<br></div><div>--&nbsp;<br><div>Jaeyeon Jung (=EC=A0=95=EC=9E=AC=EC=97=B0)<=
/div><br><div class=3D"gmail_quote">On Wed, Oct 24, 2012 at 11:03 PM, bobo =
<span dir=3D"ltr">&lt;<a href=3D"javascript:" target=3D"_blank" gdf-obfusca=
ted-mailto=3D"-7gzZc3Y6ZEJ">bobog...@gmail.com</a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">Firstly, forgive my poor English please, I h=
ad do my best.<br><br>from "TaintDroid An Information-Flow Tracking System =
for Realtime PrivacyMonitoring on Smartphones" :<br>

<b>&nbsp;For example, if untainted variable u is stored into array A at ind=
ex 0 (A[0]) and tainted variable t is stored into A[1], then array A is tai=
nted. Later, if variable v is assigned to A[0], v will be tainted, even tho=
ugh u was untainted.</b><br>

<br>so, if untainted variable q is assigned to A[1] instead of tainted vari=
able t, the array still be tainted?<br>thanks for your kind reply.<br></blo=
ckquote></div><br><br clear=3D"all"><div><br></div><br><br>
</div>
</blockquote>
------=_Part_252_77633.1351225628374--

------=_Part_251_10960546.1351225628374--