[Soot-list] Implementation of Thin Slicing Analysis and Taint Analysis

Mon Sep 28 14:57:17 EDT 2020

Dear all,

Given the method getX in class C3 (in the figure shown below), I want to trace the set of methods which affect it based on the data (i.e., the variables used in getX).

I think this is a reverse data flow problem. First getX use the props , and props is a class variable of C3. Then the props is set value by the constructor of C3.
Finally, for the constructor, it receives the returned value of the method load to set the props considering the method main. 

So I can get the value dependency path of the variable props in getX: C3.getX() ――> C3.C3() ――> C2.load(). 

I think the aforcementioned analysis is similar to the backward thin slicing analysis or taint analysis. Does soot provide the implemntation?

// File: C1.java
public class C1(){
    public static void main(String[] args) {
        C2 c2 = new C2();
        Properties props = c2.load();
        C3 c3 = new C3(props);
        System.out.println(c3.getX("ccc"));
    }
}

// File: C2.java
public class C2(){
    public static Properties load() {
        ...
    }
}

// File: C3.java
public class C3(){
    Properties props;
    public void C3(Properties props){
        this.props = props;
    }

    public static Object getX(String key) {
        return props.getProperty(key);
    }
}

Best,
Yuan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20200928/2c935b6c/attachment.html>