search

secure-software-engineering / FlowDroid

FlowDroid Static Data Flow Tracker
GNU Lesser General Public License v2.1
1.03k stars 293 forks source link

Sometimes, FlowDroid cannot find the source/sink and abort analysis #456

Closed zhouyuhao1018 closed 2 years ago

zhouyuhao1018 commented 2 years ago

Hi, In some cases, FLowDroid cannot find source/sink and abort analysis, I don't know why. When I define the following method as source: <android.content.SharedPreferences: int getInt(java.lang.String,int)> -> SOURCE

And, there is a invoke in the load() in the following class: 

public class com.example.viewmodeltest.MyViewModel extends androidx.lifecycle.AndroidViewModel
{
    private int number;
    private android.content.SharedPreferences sharedPreferences;
    ......
    private void load()
    {
        com.example.viewmedeltest.MyViewModel r0;
        android.app.Application $r1;
        android.content.SharedPreferences $r2;
        int $i0;

        r0 := @this: com.example.viewmedeltest.MyViewModel;

        $r1 = virtualinvoke r0.<com.example.viewmedeltest.MyViewModel: android.app.Application getApplication()>();

        $r2 = virtualinvoke $r1.<android.app.Application: android.content.SharedPreferences getSharedPreferences(java.lang.String,int)>("myViewModelTestSharedPref", 0);

        r0.<com.example.viewmedeltest.MyViewModel: android.content.SharedPreferences sharedPreferences> = $r2;

        $r2 = r0.<com.example.viewmedeltest.MyViewModel: android.content.SharedPreferences sharedPreferences>;

        $i0 = -10;

        $i0 = interfaceinvoke $r2.<android.content.SharedPreferences: int getInt(java.lang.String,int)>("KEY", $i0);

        r0.<com.example.viewmedeltest.MyViewModel: int number> = $i0;

        return;
    }
    ......
    public int getNumber()
    {
        com.example.viewmedeltest.MyViewModel r0;
        int i0;

        r0 := @this: com.example.viewmedeltest.MyViewModel;

        i0 = r0.<com.example.viewmedeltest.MyViewModel: int number>;

        return i0;
    }
    ......
}

However, the console prints

[main] INFO soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - Looking for sources and sinks...
[main] ERROR soot.jimple.infoflow.android.SetupApplication$InPlaceInfoflow - No sources found, aborting analysis

This class extends androidx.lifecycle.ViewModle, the field <com.example.viewmedeltest.MyViewModel: int number> is for mainActivity by calling getNumber().