[Soot-list] interprocedural control flow analysis, whole mode and cfg
Amit
ciphermaker99 at gmail.com
Mon Jun 18 22:27:28 EDT 2012
related to this post
http://www.sable.mcgill.ca/pipermail/soot-list/2007-May/001225.html
I need to do do interprocedural data flow analysis (DFA) using soot.
The general idea is to run soot in whole program mode and do something with
the call graph.
For example generate the cfg for each method called and do DFA inside that.
However, how to analyze data across method boundaries? Is there a way to
identify which variables are passed and returned? (and use generic DFA
techniques using flowsets). Please point me to the right references.
Big picture: I need to mark certain data as "critical" and then to track
how this critical data propagates across the program (across method
boundaries). Then report all places where this data (or other data
generated from it) is given to a unsafe method such as filewriter.
For instance, the critical data may be something output by
"EncryptionKeyStore.getKey()" method.
Is soot the right tool for this, and is DFA the right approach for this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20120619/cdaa5a42/attachment.html
More information about the Soot-list
mailing list