This repository was archived by the owner on Feb 16, 2024. It is now read-only.

Panic after trying to insert the same vulnerability twice in results #150

@Razican

In debug mode, thanks to a debug_assert!, SUPER will panic when trying to insert a duplicated vulnerability in the results. This is the expected behavior, but there should be no duplicate vulnerability.

An example of an app giving the error: https://github.com/javiersantos/MLManager/releases/download/v1.0.4.1/com.javiersantos.mlmanager_1.0.4.1.apk

It seems that the error is thrown in cases where, for example, multiple SQL Injection vulnerabilities are found in the same line. Example code that gives the error:

    try
    {
      StringBuilder localStringBuilder = new java/lang/StringBuilder;
      localStringBuilder.<init>();
      paramSQLiteDatabase.execSQL("ALTER TABLE favorites ADD COLUMN " + paramString + " INTEGER NOT NULL DEFAULT " + paramLong + ";");
      paramSQLiteDatabase.setTransactionSuccessful();
      paramSQLiteDatabase.endTransaction();
      bool = true;
    }
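
The failure mode described above, as an added Rust illustration that is not SUPER's own code: two matches on one line produce identical result entries, so the second insert into a set is rejected, and collapsing matches per line first avoids it. The `Finding` type, the substring-based rule, the file name `Db.java` and both collection functions are assumptions made for the example.

```rust
use std::collections::BTreeSet;

// Hypothetical finding record (assumption, not SUPER's type): equal when rule, file and line match.
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
struct Finding { rule: &'static str, file: String, line: usize }

// Constructed sample based on the decompiled snippet in the issue.
const SAMPLE: &str = r#"try {
  paramSQLiteDatabase.execSQL("ALTER TABLE favorites ADD COLUMN " + paramString + " INTEGER NOT NULL DEFAULT " + paramLong + ";");
  paramSQLiteDatabase.setTransactionSuccessful();
}"#;

// Toy stand-in for a rule: each string literal followed by `+` inside an
// execSQL call is one match, so a single line can match more than once.
fn match_lines(source: &str) -> Vec<usize> {
    let mut hits = Vec::new();
    for (idx, line) in source.lines().enumerate() {
        if line.contains("execSQL(") {
            hits.extend(line.matches("\" + ").map(|_| idx + 1));
        }
    }
    hits
}

fn finding(file: &str, line: usize) -> Finding {
    Finding { rule: "SQL injection", file: file.to_owned(), line }
}

// One insert per match. Returns the set and the number of rejected inserts;
// a `debug_assert!` on the insert result would panic on the first rejection.
fn collect_naive(file: &str, source: &str) -> (BTreeSet<Finding>, usize) {
    let mut results = BTreeSet::new();
    let mut rejected = 0;
    for line in match_lines(source) {
        if !results.insert(finding(file, line)) { rejected += 1; }
    }
    (results, rejected)
}

// Collapse matches to unique line numbers before building the result set.
fn collect_dedup(file: &str, source: &str) -> BTreeSet<Finding> {
    let lines: BTreeSet<usize> = match_lines(source).into_iter().collect();
    lines.into_iter().map(|line| finding(file, line)).collect()
}

fn main() {
    let (naive, rejected) = collect_naive("Db.java", SAMPLE);
    println!("naive: {} finding(s), {} rejected; dedup: {:?}", naive.len(), rejected, collect_dedup("Db.java", SAMPLE));
}
```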
                                                
