[Soot-list] Implementation of Thin Slicing Analysis and Taint Analysis

Eric Bodden eric.bodden at uni-paderborn.de
Tue Sep 29 10:31:25 EDT 2020 

Hi.

You will have to decide whether you need a flow-sensitive analysis, i.e., taking control flow into account, or not. When you write C3.getX() ――> C3.C3() ――> C2.load() that looks like a flow-insensitive representation.

This you could obtain using Soot’s pointer analysis framework Spark, specifically the pointer assignment graph that Spark computes.

If you need/want flow-sensitivity then you may want to use an appropriate analysis extension such as Boomerang:
https://github.com/CROSSINGTUD/SPDS

Best wishes
Eric



> On 28. Sep 2020, at 20:57, liuyuan at fastmail.com wrote:
> 
> Dear all,
> 
> Given the method getX in class C3 (in the figure shown below), I want to trace the set of methods which affect it based on the data (i.e., the variables used in getX).
> 
> I think this is a reverse data flow problem. First getX use the props , and props is a class variable of C3. Then the props is set value by the constructor of C3.
> Finally, for the constructor, it receives the returned value of the method load to set the props considering the method main. 
> 
> So I can get the value dependency path of the variable props in getX: C3.getX() ――> C3.C3() ――> C2.load(). 
> 
> I think the aforcementioned analysis is similar to the backward thin slicing analysis or taint analysis. Does soot provide the implemntation?
> 
> // File: C1.java
> public class C1(){
>     public static void main(String[] args) {
>         C2 c2 = new C2();
>         Properties props = c2.load();
>         C3 c3 = new C3(props);
>         System.out.println(c3.getX("ccc"));
>     }
> }
> 
> // File: C2.java
> public class C2(){
>     public static Properties load() {
>         ...
>     }
> }
> 
> // File: C3.java
> public class C3(){
>     Properties props;
>     public void C3(Properties props){
>         this.props = props;
>     }
> 
>     public static Object getX(String key) {
>         return props.getProperty(key);
>     }
> }
> 
> Best,
> Yuan
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list

More information about the Soot-list mailing list