some refactoring to make it easier to use FlowDroid in custom settings

Author: StevenArzt

soot-infoflow-android/src/soot/jimple/infoflow/android/SetupApplication.java

@@ -107,6 +107,7 @@
 import soot.jimple.infoflow.solver.memory.IMemoryManagerFactory;
 import soot.jimple.infoflow.sourcesSinks.definitions.ISourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.definitions.ISourceSinkDefinitionProvider;
+import soot.jimple.infoflow.sourcesSinks.definitions.InMemorySourceSinkDefinitionProvider;
 import soot.jimple.infoflow.sourcesSinks.definitions.MethodSourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.manager.ISourceSinkManager;
 import soot.jimple.infoflow.taintWrappers.ITaintPropagationWrapper;
@@ -1477,29 +1478,7 @@ public InfoflowResults runInfoflow(Set<AndroidMethod> sources, Set<AndroidMethod
 		for (AndroidMethod am : sinks)
 			sinkDefs.add(new MethodSourceSinkDefinition(am));
 
-		ISourceSinkDefinitionProvider parser = new ISourceSinkDefinitionProvider() {
-
-			@Override
-			public Set<ISourceSinkDefinition> getSources() {
-				return sourceDefs;
-			}
-
-			@Override
-			public Set<ISourceSinkDefinition> getSinks() {
-				return sinkDefs;
-			}
-
-			@Override
-			public Set<ISourceSinkDefinition> getAllMethods() {
-				Set<ISourceSinkDefinition> sourcesSinks = new HashSet<>(sourceDefs.size() + sinkDefs.size());
-				sourcesSinks.addAll(sourceDefs);
-				sourcesSinks.addAll(sinkDefs);
-				return sourcesSinks;
-			}
-
-		};
-
-		return runInfoflow(parser);
+		return runInfoflow(new InMemorySourceSinkDefinitionProvider(sourceDefs, sinkDefs));
 	}
 
 	/**
@@ -1527,6 +1506,21 @@ public InfoflowResults runInfoflow() throws IOException {
 		File sourceSinkFile = config.getAnalysisFileConfig().getSourceSinkFile();
 		if (sourceSinkFile == null || !sourceSinkFile.exists())
 			throw new RuntimeException("No source/sink file specified for the data flow analysis");
+
+		ISourceSinkDefinitionProvider parser = parseSourceSinkDefinitions(sourceSinkFile);
+		return runInfoflow(parser);
+	}
+
+	/**
+	 * Parses the given source/sink definition file to make it accessible to the
+	 * data flow analysis
+	 * 
+	 * @param sourceSinkFile The source/sink definition file to parse
+	 * @return The {@link ISourceSinkDefinitionProvider} that provides access to the
+	 *         source/sink definitions
+	 * @throws IOException Thrown if the given source/sink file could not be read.
+	 */
+	protected ISourceSinkDefinitionProvider parseSourceSinkDefinitions(File sourceSinkFile) throws IOException {
 		String fileExtension = FilenameUtils.getExtension(sourceSinkFile.getName());
 		fileExtension = fileExtension.toLowerCase();
 
@@ -1544,8 +1538,7 @@ else if (fileExtension.equals("rifl"))
 		} catch (SAXException ex) {
 			throw new IOException("Could not read XML file", ex);
 		}
-
-		return runInfoflow(parser);
+		return parser;
 	}
 
 	/**

soot-infoflow-android/src/soot/jimple/infoflow/android/source/parsers/xml/AbstractXMLSourceSinkParser.java

@@ -24,11 +24,13 @@
 import soot.jimple.infoflow.android.data.AndroidMethod;
 import soot.jimple.infoflow.android.data.CategoryDefinition;
 import soot.jimple.infoflow.data.AbstractMethodAndClass;
-import soot.jimple.infoflow.river.AdditionalFlowCondition;
+import soot.jimple.infoflow.river.conditions.SignatureFlowCondition;
 import soot.jimple.infoflow.sourcesSinks.definitions.AccessPathTuple;
+import soot.jimple.infoflow.sourcesSinks.definitions.FieldSourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.definitions.IAccessPathBasedSourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.definitions.ISourceSinkCategory;
 import soot.jimple.infoflow.sourcesSinks.definitions.ISourceSinkDefinition;
+import soot.jimple.infoflow.sourcesSinks.definitions.MethodSourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.definitions.MethodSourceSinkDefinition.CallType;
 import soot.jimple.infoflow.sourcesSinks.definitions.SourceSinkCondition;
 import soot.jimple.infoflow.sourcesSinks.definitions.SourceSinkType;
@@ -393,7 +395,7 @@ public void endElement(String uri, String localName, String qName) throws SAXExc
 
 			case XMLConstants.ADDITIONAL_FLOW_CONDITION_TAG:
 				if (!classNamesOnPath.isEmpty() || !signaturesOnPath.isEmpty()) {
-					AdditionalFlowCondition additionalFlowCondition = new AdditionalFlowCondition(classNamesOnPath,
+					SignatureFlowCondition additionalFlowCondition = new SignatureFlowCondition(classNamesOnPath,
 							signaturesOnPath, excludedClassNames);
 					// Reset both for a new condition
 					classNamesOnPath = new HashSet<>();
@@ -532,8 +534,8 @@ protected void handleEndtagAccesspath() {
 	 * category is requested, the respective definition is created. Otherwise, the
 	 * existing one is returned.
 	 * 
-	 * @param categoryID    The user-defined category name
-	 * @param desc The human-readable description
+	 * @param categoryID The user-defined category name
+	 * @param desc       The human-readable description
 	 * @return The category definition object for the given category names
 	 */
 	private ISourceSinkCategory getOrMakeCategory(String categoryID, String desc) {

soot-infoflow-android/test/soot/jimple/infoflow/android/test/xmlParser/XmlParserTest.java

@@ -14,7 +14,7 @@
 import soot.jimple.infoflow.android.data.parsers.PermissionMethodParser;
 import soot.jimple.infoflow.android.source.parsers.xml.XMLSourceSinkParser;
 import soot.jimple.infoflow.android.test.BaseJUnitTests;
-import soot.jimple.infoflow.river.AdditionalFlowCondition;
+import soot.jimple.infoflow.river.conditions.SignatureFlowCondition;
 import soot.jimple.infoflow.sourcesSinks.definitions.ISourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.definitions.MethodSourceSinkDefinition;
 import soot.jimple.infoflow.sourcesSinks.definitions.SourceSinkCondition;
@@ -218,7 +218,7 @@ public void additionalFlowsXMLTest() throws IOException {
 			switch (methodSig) {
 			case stringWriteSig: {
 				Assert.assertEquals(1, conds.size());
-				AdditionalFlowCondition cond = (AdditionalFlowCondition) conds.stream().findAny().get();
+				SignatureFlowCondition cond = (SignatureFlowCondition) conds.stream().findAny().get();
 				Set<String> mRefs = cond.getSignaturesOnPath();
 				Assert.assertEquals(1, mRefs.size());
 				Assert.assertTrue(mRefs.contains(openConSig));
@@ -229,7 +229,7 @@ public void additionalFlowsXMLTest() throws IOException {
 			}
 			case stringOffsetWriteSig: {
 				Assert.assertEquals(1, conds.size());
-				AdditionalFlowCondition cond = (AdditionalFlowCondition) conds.stream().findAny().get();
+				SignatureFlowCondition cond = (SignatureFlowCondition) conds.stream().findAny().get();
 				Assert.assertEquals(0, cond.getSignaturesOnPath().size());
 				Set<String> cRefs = cond.getClassNamesOnPath();
 				Assert.assertEquals(1, cRefs.size());
@@ -240,7 +240,7 @@ public void additionalFlowsXMLTest() throws IOException {
 			}
 			case intWriteSig: {
 				Assert.assertEquals(1, conds.size());
-				AdditionalFlowCondition cond = (AdditionalFlowCondition) conds.stream().findAny().get();
+				SignatureFlowCondition cond = (SignatureFlowCondition) conds.stream().findAny().get();
 				Set<String> mRefs = cond.getSignaturesOnPath();
 				Assert.assertEquals(2, mRefs.size());
 				Assert.assertTrue(mRefs.contains(servletSig));
@@ -254,19 +254,19 @@ public void additionalFlowsXMLTest() throws IOException {
 				Assert.assertEquals(2, conds.size());
 				boolean foundServlet = false, foundHttpServlet = false;
 				for (SourceSinkCondition cond : conds) {
-					Set<String> mRefs = ((AdditionalFlowCondition) cond).getSignaturesOnPath();
+					Set<String> mRefs = ((SignatureFlowCondition) cond).getSignaturesOnPath();
 					Assert.assertEquals(1, mRefs.size());
-					Assert.assertEquals(0, ((AdditionalFlowCondition) cond).getClassNamesOnPath().size());
+					Assert.assertEquals(0, ((SignatureFlowCondition) cond).getClassNamesOnPath().size());
 
 					if (mRefs.contains(servletSig)) {
 						foundServlet = true;
-						Assert.assertEquals(2, ((AdditionalFlowCondition) cond).getExcludedClassNames().size());
-						Assert.assertTrue(((AdditionalFlowCondition) cond).getExcludedClassNames().stream()
+						Assert.assertEquals(2, ((SignatureFlowCondition) cond).getExcludedClassNames().size());
+						Assert.assertTrue(((SignatureFlowCondition) cond).getExcludedClassNames().stream()
 								.allMatch(cn -> cn.equals(byteArrayClass) || cn.equals("java.lang.Object")));
 					} else if (mRefs.contains(httpSrvSig)) {
 						foundHttpServlet = true;
-						Assert.assertEquals(1, ((AdditionalFlowCondition) cond).getExcludedClassNames().size());
-						Assert.assertTrue(((AdditionalFlowCondition) cond).getExcludedClassNames().stream()
+						Assert.assertEquals(1, ((SignatureFlowCondition) cond).getExcludedClassNames().size());
+						Assert.assertTrue(((SignatureFlowCondition) cond).getExcludedClassNames().stream()
 								.allMatch(cn -> cn.equals(byteArrayClass) || cn.equals("java.lang.String")));
 					} else {
 						Assert.fail();

soot-infoflow/src/soot/jimple/infoflow/results/InfoflowResults.java

@@ -19,6 +19,7 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
+import java.util.stream.Collectors;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -629,6 +630,29 @@ public void removeAll(Collection<ResultSinkInfo> sinks) {
 			remove(sink);
 	}
 
+	/**
+	 * Gets all sink statements to which there is at least one data flow
+	 * 
+	 * @return The set of sink statements to which there is at least one data flow
+	 */
+	public Set<Stmt> getAllSinkStmts() {
+		if (this.results == null)
+			return Collections.emptySet();
+		return this.results.keySet().stream().map(s -> s.getStmt()).collect(Collectors.toSet());
+	}
+
+	/**
+	 * Gets all source statements from which there is at least one data flow
+	 * 
+	 * @return The set of source statements from which there is at least one data
+	 *         flow
+	 */
+	public Set<Stmt> getAllSourceStmts() {
+		if (this.results == null)
+			return Collections.emptySet();
+		return this.results.values().stream().map(s -> s.getStmt()).collect(Collectors.toSet());
+	}
+
 	@Override
 	public String toString() {
 		if (this.results == null)