Some problems in running flowdroid source code

[KyleLeith-007]

Hello I'm the new guy for the FlowDroid and got some questions about running flowdroid source code. I just downloaded the latest version of the flowdroid source code and opened the project using idea, but I don't know how to start the project. Some articles I read online are too early and different from those now. How can I start this project, such as customizing an APK file for analysis. The reason why I want to run the source code directly instead of the jar file is as follows: Through some articles, I have a preliminary understanding of the analysis process of flowdroid. I want to modify flowdroid slightly in my own research. Specifically, after flowdroid generates call graph (CG) and control flow graph (CFG) (perhaps the real process is different from what I understand), I want to add a step to filter some function nodes to reduce the function set, so as to make the subsequent ICFG smaller. But I just got started with flowdroid. I don't know how the source code of flowdroid works. Can you give me some guidance. Thanks in advance.

[StevenArzt]

You have two possibilities to get started.

1) You can use the FlowDroid command-line tool, which is located in the soot-infoflow-cmd project. There is main class that you can simply run with the appropriate command-line parameters. It will internally use the various FlowDroid classess. You can modify the rest of the analysis and when you run the command-line tool inside Eclipse, it should pick up your changes from the code.

2) You can write your own code that uses the FlowDroid API. Have a look at the SetupApplication class in the soot-infoflow-android project. It has public methods for the most common use cases such as building a callgraph or running a data flow analysis (which will generate a cllgraph internally if you haven't done so before). This approach gives you more control over inner workings of FlowDroid. Not all configuration options are exposed via the command-line tool. On the other hand, this approach requires some learning to get started with the API.

[KyleLeith-007]

You have two possibilities to get started.

1. You can use the FlowDroid command-line tool, which is located in the soot-infoflow-cmd project. There is main class that you can simply run with the appropriate command-line parameters. It will internally use the various FlowDroid classess. You can modify the rest of the analysis and when you run the command-line tool inside Eclipse, it should pick up your changes from the code.
2. You can write your own code that uses the FlowDroid API. Have a look at the SetupApplication class in the soot-infoflow-android project. It has public methods for the most common use cases such as building a callgraph or running a data flow analysis (which will generate a cllgraph internally if you haven't done so before). This approach gives you more control over inner workings of FlowDroid. Not all configuration options are exposed via the command-line tool. On the other hand, this approach requires some learning to get started with the API.

Thank you very much for your answer！ I will try these two methods . And I also have a small question to ask. I also found a cmdinfoflow.java file in the root infoflow \ src \ root \ jimple \ infoflow directory. It also seems that it runs through CMD parameters. Can I also use this file as a program analysis entry?

[StevenArzt]

The cmdInfoflow is a super outdated class. I'd rather not use it. We might even remove it in the future.

[KyleLeith-007]

The cmdInfoflow is a super outdated class. I'd rather not use it. We might even remove it in the future.

OK. Thank you very much for your reply!