[Soot-list] Problems in detecting flows across Java(-String) system classes #79

Alexander MMXII fromm.alex at gmail.com
Wed Sep 9 05:56:52 EDT 2015 

Dear FlowDroid-team,
I am trying to analyses a piece of Java code with flowdroid, and somehow I 
do not understand why FlowDroid does not report a flow, although sinks and 
sources are detected. The code is the following:

------------------------------------------------------------
public class DataContainerMain(){
public static void main(String[] args){
FileInputStream fis1 = new FileInputStream(new File("D1.txt"));
byte[] b1 = read(new byte[100],fis1);        
String s1 = new String(b1, StandardCharsets.UTF_8);
FileOutputStream fos = new FileOutputStream(new File("D3.txt"));
fos.write(s1.getBytes()); 
}
}

------------------------------------------------------------

I expect that Flowdroid should report the flow from source read(new 
byte....) -> b1->s1-> sink fow.write(s1.getBytes()); (source and sink are 
detected). 

To analyze that code I extended one of JUnit test cases of Flowdroid, 
namely soot.jimple.infoflow.test.junit.StringTests, with a test method as 
follows:

------------------------------------------------------------
@Test()
    public void stringConstructorTest() throws IOException {
        Infoflow infoflow = initInfoflow();
        
        List<String> epoints = new ArrayList<String>();
        epoints.add("<soot.jimple.infoflow.test.DataContainerMain: void 
main(java.lang.String[])>");

        List<String> sources = new LinkedList<String>();
        sources.add("<soot.jimple.infoflow.test.DataContainerMain: byte[] 
read(byte[],java.io.FileInputStream)>");
        
        List<String> sinks = new LinkedList<String>();
        sinks.add("<java.io.FileOutputStream: void write(byte[])>");

        infoflow.computeInfoflow(appPath, libPath, epoints, sources, sinks);
    }
------------------------------------------------------------

Could it be the case that the test method is incorrect? May I need to 
provide more configuration parameters to the Infoflow-Object?

 If I add the constructor <java.lang.String: void 
<init>(byte[],java.nio.charset.Charset)> to the set of EasyTaintWrappers 
and instantiate the infoflow object with true (i.e. initInfoflow(true)), 
that a flow is detected. But without that it doesnt work. So, I do not 
understand why Flowdroid doesnt detect the flow (without TaintWrappers) in 
the upper example. What do I have to provide to the analysis in order to 
detect that flow? 
Thanks a lot for your help in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150909/862e550e/attachment.html

More information about the Soot-list mailing list