[Soot-list] Method Call Graph does not report all the methods

Dr. Yury Zhauniarovich yzhauniarovich at hbku.edu.qa
Thu Mar 16 02:45:51 EDT 2017 

Dear community,

I faced with an issue with Soot (Flowdroid) when I analyze an apk file that I do not see all the methods in a method call graph. Here are the details of the problem.

I am trying to build a method call graph with Soot. I am experimenting with apks from F-Droid, and I noticed that Soot seems to miss some methods. For example, for the arXiv apk https://f-droid.org/repository/browse/?fdfilter=arXiv&fdid=com.commonsware.android.arXiv in the class arXivDB the method deleteFeed() is not found by Soot.

To extract MCG nodes I use the following code:

       SetupApplication app = new SetupApplication(ANDROID_JAR, APK);
app.setCallbackFile("./lib_res/AndroidCallbacks.txt");
try {
    app.calculateSourcesSinksEntrypoints("./lib_res/SourcesAndSinks.txt");
} catch (Exception e) {
    e.printStackTrace();
}
soot.G.reset();

Options.v().set_src_prec(Options.src_prec_apk);
Options.v().set_process_dir(Collections.singletonList(APK));
Options.v().set_force_android_jar(ANDROID_JAR);
Options.v().set_whole_program(true);
Options.v().set_allow_phantom_refs(true);
Options.v().set_output_format(Options.output_format_none);
Options.v().setPhaseOption("cg.spark", "on");
new SootConfigForAndroid().setSootOptions(Options.v());

Scene.v().loadNecessaryClasses();

SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
entryPoint.getActiveBody().validate();
Options.v().set_main_class(entryPoint.getSignature());
Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
// System.out.println(entryPoint.getActiveBody());

PackManager.v().runPacks();
CallGraph cg = Scene.v().getCallGraph();
int numOfNodes = 0;
for (Iterator<MethodOrMethodContext> mtds = cg.sourceMethods(); mtds.hasNext();) {
    SootMethod mtd = mtds.next().method();
    System.out.println(mtd.getSignature());
    numOfNodes++;
}


I have an assumption that there are some optimizations that reduce method call graph but I do not know where to look them for and how to disable them. Could you please help me?
Thank you in advance!

--
Best Regards,
Yury Zhauniarovich

CONFIDENTIALITY  NOTICE:
This email and any attachments transmitted with it are confidential and intended for the use of individual or entity to which it is addressed. If you have received this email in error, please delete it immediately and inform the sender. Unless you are the intended recipient, you may not use, disclose, copy or distribute this email or any attachments included. The contents of this email, including any attachments, may be subjected to copyright law. In such cases, the contents may not be copied, adapted, distributed or transmitted without the consent of the copyright owner.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20170316/0cde4ca3/attachment.html>

More information about the Soot-list mailing list