[Soot-list] Method Call Graph does not report all the methods

Dr. Yury Zhauniarovich yzhauniarovich at hbku.edu.qa
Mon Mar 20 02:57:13 EDT 2017 

Hi Steven,

Thank you very much for your quick fix and prompt response! It would be great if you can provide the corresponding jar. It can be aslo great if you can deploy this jar in some maven repository as it is done for soot. Thank you in advance!
--
Best Regards,
Yury Zhauniarovich

On Thu, 2017-03-16 at 20:17 +0000, Arzt, Steven wrote:
Hi Yury,

You found a bug in FlowDroid ☺ I have applied a fix and committed it to the official repository. If you are using FlowDroid from source, you can immediately update your copy and you will find that the deleteFeed() method appears in the callgraph just fine. If you need a new JAR file, please let me know and I will upload an official 1.5.1 version on Github that contains this bugfix.

Thanks for spotting the bug.

Best regards,
  Steven

From: Soot-list [mailto:soot-list-bounces at cs.mcgill.ca] On Behalf Of Dr. Yury Zhauniarovich
Sent: Thursday, March 16, 2017 7:46 AM
To: soot-list at cs.mcgill.ca
Subject: [Soot-list] Method Call Graph does not report all the methods

Dear community,

I faced with an issue with Soot (Flowdroid) when I analyze an apk file that I do not see all the methods in a method call graph. Here are the details of the problem.

I am trying to build a method call graph with Soot. I am experimenting with apks from F-Droid, and I noticed that Soot seems to miss some methods. For example, for the arXiv apk https://f-droid.org/repository/browse/?fdfilter=arXiv&fdid=com.commonsware.android.arXiv in the class arXivDB the method deleteFeed() is not found by Soot.

To extract MCG nodes I use the following code:

       SetupApplication app = new SetupApplication(ANDROID_JAR, APK);
app.setCallbackFile("./lib_res/AndroidCallbacks.txt");
try {
    app.calculateSourcesSinksEntrypoints("./lib_res/SourcesAndSinks.txt");
} catch (Exception e) {
    e.printStackTrace();
}
soot.G.reset();

Options.v().set_src_prec(Options.src_prec_apk);
Options.v().set_process_dir(Collections.singletonList(APK));
Options.v().set_force_android_jar(ANDROID_JAR);
Options.v().set_whole_program(true);
Options.v().set_allow_phantom_refs(true);
Options.v().set_output_format(Options.output_format_none);
Options.v().setPhaseOption("cg.spark", "on");
new SootConfigForAndroid().setSootOptions(Options.v());

Scene.v().loadNecessaryClasses();

SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
entryPoint.getActiveBody().validate();
Options.v().set_main_class(entryPoint.getSignature());
Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
// System.out.println(entryPoint.getActiveBody());

PackManager.v().runPacks();
CallGraph cg = Scene.v().getCallGraph();
int numOfNodes = 0;
for (Iterator<MethodOrMethodContext> mtds = cg.sourceMethods(); mtds.hasNext();) {
    SootMethod mtd = mtds.next().method();
    System.out.println(mtd.getSignature());
    numOfNodes++;
}


I have an assumption that there are some optimizations that reduce method call graph but I do not know where to look them for and how to disable them. Could you please help me?
Thank you in advance!

--
Best Regards,
Yury Zhauniarovich

CONFIDENTIALITY NOTICE:
This email and any attachments transmitted with it are confidential and intended for the use of individual or entity to which it is addressed. If you have received this email in error, please delete it immediately and inform the sender. Unless you are the intended recipient, you may not use, disclose, copy or distribute this email or any attachments included. The contents of this email, including any attachments, may be subjected to copyright law. In such cases, the contents may not be copied, adapted, distributed or transmitted without the consent of the copyright owner.

CONFIDENTIALITY  NOTICE:
This email and any attachments transmitted with it are confidential and intended for the use of individual or entity to which it is addressed. If you have received this email in error, please delete it immediately and inform the sender. Unless you are the intended recipient, you may not use, disclose, copy or distribute this email or any attachments included. The contents of this email, including any attachments, may be subjected to copyright law. In such cases, the contents may not be copied, adapted, distributed or transmitted without the consent of the copyright owner.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20170320/6a417f02/attachment.html>

More information about the Soot-list mailing list