Skip to content

MASTG-TEST-0231: References to Logging APIs

Overview

This test verifies if an app uses logging APIs like android.util.Log, Log, Logger, System.out.print, System.err.print, and java.lang.Throwable#printStackTrace.

Steps

  1. Use either Static Analysis on Android with a tool such as semgrep to identify all logging APIs.

Observation

The output should contain a list of locations where logging APIs are used.

Evaluation

The test fails if an app logs sensitive information from any of the listed locations.

Mitigations