I am working on the security of mobile applications and in android I came across the tainting object concept. But I have not figured out how exactly tainting works in Java or Android.
Not much different from any other language: by keeping a separate "taint table" in memory, which tracks the taint state of each variable (or register, in case of Android). Most variables are unique within the scope (ClassLoader x class x method x thread), static variables are of course unique within (ClassLoader x class x thread).
The taint state is modified at runtime according to a "propagation logic" which determines how each individual statement affects the taint state of the used variables. For example, it might define that for "move-object X, Y", the taint state of Y is copied to X.
- Badges
- Science topic
- Similar topics
- Computer Communications (Networks)
- Simulators