@Override public String toString() { StringBuilder sb = new StringBuilder(context.toString()); if (context.hasTag("LineNumberTag")) sb.append(" on line ") .append(((LineNumberTag) context.getTag("LineNumberTag")).getLineNumber()); return sb.toString(); }
private void dumpTextGraph(SootMethod caller, PrintStream printStream, int level) { String indent = indentString(level); caller.getTags(); printStream.printf("%s %s\n", indent, caller.toString()); Iterator<Edge> iterator = callGraph.edgesOutOf(caller); callgraphSet.add(caller); // boolean appClass = caller.getDeclaringClass().isApplicationClass(); boolean systemApi = API.v().isSystemMethod(caller); /* printStream.printf("%s Declaring method %s: app %s\n", indent, caller.toString(), systemApi? "False": "True"); */ String subindent = indentString(level + 1); Set<Object> calleeSet = new HashSet<Object>(); while (iterator != null && iterator.hasNext()) { Edge edge = iterator.next(); if (!systemApi) { List<Stmt> invokeStmtList = SootUtils.getInvokeStatements(caller, edge.tgt()); for (Stmt stmt : invokeStmtList) { if (calleeSet.contains(stmt)) continue; printStream.printf("%s #[%s] ", subindent, stmt); SourceLocationTag tag = SootUtils.getSourceLocation(stmt); if (tag != null) { printStream.printf(": %s", tag.toString()); } printStream.printf("\n"); calleeSet.add(stmt.toString()); } } if (!callgraphSet.contains(edge.tgt())) { dumpTextGraph(edge.tgt(), printStream, level + 1); } else { // already in the call graph, just print it out if (calleeSet.contains(edge.tgt())) continue; printStream.printf("%s %s\n", subindent, edge.tgt().toString()); calleeSet.add(edge.tgt()); } } }
/** * Given the merge of the <code>out</code> sets, compute the <code>in</code> set for <code>d * </code>. * * <p>Processes the analysis for the given {@link Unit}, i.e. checks the end of an implicit flow * for the given unit and after that tries to apply a {@link SecurityLevelStmtSwitch} switch to * the statement, i.e. calculates or updates the <em>security levels</em> of the statement * components to check for security violations. * * @param in Current incoming map of the local variables for the given unit. * @param d The current unit which should be checked for security violations. * @param out Current outgoing map of the local variables for the given unit. * @see soot.toolkits.scalar.FlowAnalysis#flowThrough(java.lang.Object, java.lang.Object, * java.lang.Object) * @see SecurityLevelStmtSwitch */ @Override protected void flowThrough(LocalsMap in, Unit d, LocalsMap out) { copy(in, out); Stmt stmt = (Stmt) d; getAnalyzedEnvironment().setStmt(stmt); checkEndOfImplicitFlow(stmt, in, out); try { SecurityLevelStmtSwitch stmtSwitch = new SecurityLevelStmtSwitch(getAnalyzedEnvironment(), getStore(), in, out); stmt.apply(stmtSwitch); } catch (ProgramCounterException | EnvironmentNotFoundException | SwitchException | MethodParameterNotFoundException | LevelNotFoundException e) { throw new AnalysisException( getMsg( "exception.analysis.other.error_switch", stmt.toString(), getSignatureOfMethod(getAnalyzedEnvironment().getSootMethod()), getAnalyzedEnvironment().getSrcLn()), e); } }