search

soot-oss / SootUp

A new version of Soot with a completely overhauled architecture
https://soot-oss.github.io/SootUp/
GNU Lesser General Public License v2.1
564 stars 71 forks source link

Callgraph for Android app #627

Closed dah-fari7009 closed 1 year ago

dah-fari7009 commented 1 year ago

Hi,

I am trying to use SootUp for building the callgraph of a closed-source Android app. I see that SootUp expects an entrypoint method for callgraph construction, and in my case, I need it to be a dummy main method. I tried running CallGraph cg = rta.initialize(); without any arguments, but got an unexpected output:

GraphBasedCallGraph(38):
<com.newrelic.agent.android.Agent: void <clinit>()>:
    to <com.newrelic.agent.android.Agent: void <clinit>()>
    to <com.newrelic.agent.android.NullAgentImpl: void <clinit>()>
    to <com.newrelic.agent.android.NullAgentImpl: void <init>()>
    to <java.lang.Object: void <init>()>
    from <com.newrelic.agent.android.Agent: void <clinit>()>
    from <com.newrelic.agent.android.Agent: java.lang.String getBuildId()>
    from <com.newrelic.agent.android.util.AgentBuildOptionsReporter: void main(java.lang.String[])>
...

<java.lang.StringBuilder: java.lang.String toString()>:
    from <com.newrelic.agent.android.util.AgentBuildOptionsReporter: void main(java.lang.String[])>

<java.lang.reflect.Field: java.lang.Object get(java.lang.Object)>:
    from <com.newrelic.agent.android.Agent: java.lang.String getBuildId()>

Is there an option for the tool to build a dummy main method or would I have to use a tool like FlowDroid instead for this?

Thank you!

JonasKlauke commented 1 year ago

SootUp does not build a dummy main method. If you dont pass an entry point the jar is checked for a main method. The found main method is this method: <com.newrelic.agent.android.util.AgentBuildOptionsReporter: void main(java.lang.String[])>

dah-fari7009 commented 1 year ago

Thank you for the clarifications!