Location of Source and Sink in the source code.

[meixiliu]

Dear all

I used FlowDroid to analyze the taint flow in real Java projects and obtained some results. I attempted to obtain the location of Source and Sink in the source code in the taint flow, but I could only obtain line number information. I don't know how to obtain the Class and File information of Source Stmt and Sink Stmt in the source code.

In addition, when I analyze my own small demo program using FlowDroid compiled from source code, it works normally; However, when I analyze a real Java program, it runs continuously without any results, and the CPU usage reaches over 700%. What is the reason for this?

I have no idea about how to solve the situation. Can anyone help me please?

Thanks in advance Meixi

[timll]

I used FlowDroid to analyze the taint flow in real Java projects and obtained some results. I attempted to obtain the location of Source and Sink in the source code in the taint flow, but I could only obtain line number information. I don't know how to obtain the Class and File information of Source Stmt and Sink Stmt in the source code.

You can obtain the method inside an ResultsAvailableHandler with cfg.getMethodOf(stmt) and then looking at the declaring class of that method. You might be able to retrieve the file with Soot's SourceLocator.

In addition, when I analyze my own small demo program using FlowDroid compiled from source code, it works normally; However, when I analyze a real Java program, it runs continuously without any results, and the CPU usage reaches over 700%. What is the reason for this?

FlowDroid on real-world applications can be quite resource-hungry (worst case of 300GB+ of memory, "long" runtime). You can optimize the settings to increase the scalability: disable static field tracking and exceptional tracking.

[luoyashuo]

I used FlowDroid to analyze the taint flow in real Java projects and obtained some results. I attempted to obtain the location of Source and Sink in the source code in the taint flow, but I could only obtain line number information. I don't know how to obtain the Class and File information of Source Stmt and Sink Stmt in the source code.

You can obtain the method inside an ResultsAvailableHandler with cfg.getMethodOf(stmt) and then looking at the declaring class of that method. You might be able to retrieve the file with Soot's SourceLocator.

In addition, when I analyze my own small demo program using FlowDroid compiled from source code, it works normally; However, when I analyze a real Java program, it runs continuously without any results, and the CPU usage reaches over 700%. What is the reason for this?

FlowDroid on real-world applications can be quite resource-hungry (worst case of 300GB+ of memory, "long" runtime). You can optimize the settings to increase the scalability: disable static field tracking and exceptional tracking.

I am new to using FlowDroid and I'm currently trying to understand the process of acquiring the SootMethod of each Stmt within a Taint Path. In particular, I'm interested in how to correctly use cfg.getMethodOf(stmt). Is it possible for you to provide an example using the ResultsAvailableHandler class to achieve this? This would effectively assist my understanding and usage of the tool.

[StevenArzt]

Are you working on Android apps or Java code? Depending on that, the code you need to use is slightly different. As Tim mentioned, the ResultsAvailableHandler is a good approach and cfg.getMethodOf(stmt) exists in both scenarios. Just the setup is slightly different.