Merge branch 'develop' of https://github.com/secure-software-engineering/FlowDroid into dev-experimental

Author: MarcMil

README.MD

@@ -109,7 +109,7 @@ Steven Arzt</a> is a good place to start.
 ## Contributing to FlowDroid
 
 Contributions are always welcome. FlowDroid is an open source project that we published in the hope that it will be useful to
-the research community as a whole. If you have a new feature of a bug fix that you would like to see in the official code
+the research community as a whole. If you have a new feature or a bug fix that you would like to see in the official code
 repository, please open a merge request here on Github and contact us (see below) with a short description of what you have
 done.
 

soot-infoflow-android/src/soot/jimple/infoflow/android/callbacks/DefaultCallbackAnalyzer.java

@@ -2,7 +2,6 @@
 
 import java.io.IOException;
 import java.util.ArrayList;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -28,7 +27,6 @@
 import soot.jimple.infoflow.android.callbacks.filters.ICallbackFilter;
 import soot.jimple.infoflow.android.entryPointCreators.AndroidEntryPointConstants;
 import soot.jimple.infoflow.android.entryPointCreators.AndroidEntryPointUtils;
-import soot.jimple.infoflow.android.entryPointCreators.AndroidEntryPointUtils.ComponentType;
 import soot.jimple.infoflow.memory.IMemoryBoundedSolver;
 import soot.jimple.infoflow.memory.ISolverTerminationReason;
 import soot.jimple.infoflow.util.SystemClassHandler;
@@ -105,7 +103,7 @@ protected void internalTransform(String phaseName, @SuppressWarnings("rawtypes")
 							break;
 
 						List<MethodOrMethodContext> methods = new ArrayList<MethodOrMethodContext>(
-								getLifecycleMethods(sc));
+								entryPointUtils.getLifecycleMethods(sc));
 
 						// Check for callbacks registered in the code
 						analyzeReachableMethods(sc, methods);
@@ -187,77 +185,6 @@ protected void internalTransform(String phaseName, @SuppressWarnings("rawtypes")
 		PackManager.v().getPack("wjtp").add(transform);
 	}
 
-	/**
-	 * Gets all lifecycle methods in the given entry point class
-	 * 
-	 * @param sc The class in which to look for lifecycle methods
-	 * @return The set of lifecycle methods in the given class
-	 */
-	private Collection<? extends MethodOrMethodContext> getLifecycleMethods(SootClass sc) {
-		return getLifecycleMethods(entryPointUtils.getComponentType(sc), sc);
-	}
-
-	/**
-	 * Gets all lifecycle methods in the given entry point class
-	 * 
-	 * @param componentType the component type
-	 * @param sc            The class in which to look for lifecycle methods
-	 * @return The set of lifecycle methods in the given class
-	 */
-	public static Collection<? extends MethodOrMethodContext> getLifecycleMethods(ComponentType componentType,
-			SootClass sc) {
-		switch (componentType) {
-		case Activity:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getActivityLifecycleMethods());
-		case Service:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getServiceLifecycleMethods());
-		case Application:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getApplicationLifecycleMethods());
-		case BroadcastReceiver:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getBroadcastLifecycleMethods());
-		case Fragment:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getFragmentLifecycleMethods());
-		case ContentProvider:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getContentproviderLifecycleMethods());
-		case GCMBaseIntentService:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getGCMIntentServiceMethods());
-		case GCMListenerService:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getGCMListenerServiceMethods());
-		case ServiceConnection:
-			return getLifecycleMethods(sc, AndroidEntryPointConstants.getServiceConnectionMethods());
-		case Plain:
-			return Collections.emptySet();
-		}
-		return Collections.emptySet();
-	}
-
-	/**
-	 * This method takes a lifecycle class and the list of lifecycle method
-	 * subsignatures. For each subsignature, it checks whether the given class or
-	 * one of its superclass overwrites the respective methods. All findings are
-	 * collected in a set and returned.
-	 * 
-	 * @param sc      The class in which to look for lifecycle method
-	 *                implementations
-	 * @param methods The list of lifecycle method subsignatures for the type of
-	 *                component that the given class corresponds to
-	 * @return The set of implemented lifecycle methods in the given class
-	 */
-	private static Collection<? extends MethodOrMethodContext> getLifecycleMethods(SootClass sc, List<String> methods) {
-		Set<MethodOrMethodContext> lifecycleMethods = new HashSet<>();
-		SootClass currentClass = sc;
-		while (currentClass != null) {
-			for (String sig : methods) {
-				SootMethod sm = currentClass.getMethodUnsafe(sig);
-				if (sm != null)
-					if (!SystemClassHandler.v().isClassInSystemPackage(sm.getDeclaringClass().getName()))
-						lifecycleMethods.add(sm);
-			}
-			currentClass = currentClass.hasSuperclass() ? currentClass.getSuperclass() : null;
-		}
-		return lifecycleMethods;
-	}
-
 	private void analyzeReachableMethods(SootClass lifecycleElement, List<MethodOrMethodContext> methods) {
 		// Make sure to exclude all other edges in the callgraph except for the
 		// edges start in the lifecycle methods we explicitly pass in

soot-infoflow-android/src/soot/jimple/infoflow/android/callbacks/filters/ApplicationCallbackFilter.java

@@ -2,6 +2,8 @@
 
 import java.util.Set;
 
+import soot.FastHierarchy;
+import soot.RefType;
 import soot.Scene;
 import soot.SootClass;
 import soot.SootMethod;
@@ -21,6 +23,7 @@ public class ApplicationCallbackFilter extends AbstractCallbackFilter {
 	private SootClass activityLifecycleCallbacks;
 	private SootClass provideAssistDataListener;
 	private SootClass componentCallbacks;
+	private SootClass componentCallbacks2;
 
 	/**
 	 * Creates a new instance of the {@link ApplicationCallbackFilter} class
@@ -65,12 +68,11 @@ public boolean accepts(SootClass component, SootClass callbackHandler) {
 		// not implemented there
 		if (this.applicationClass != null && component.getName().equals(this.applicationClass)
 				&& !callbackHandler.getName().equals(applicationClass)) {
-			if (!Scene.v().getOrMakeFastHierarchy().canStoreType(callbackHandler.getType(),
-					this.activityLifecycleCallbacks.getType())
-					&& !Scene.v().getOrMakeFastHierarchy().canStoreType(callbackHandler.getType(),
-							this.provideAssistDataListener.getType())
-					&& !Scene.v().getOrMakeFastHierarchy().canStoreType(callbackHandler.getType(),
-							this.componentCallbacks.getType()))
+			final FastHierarchy fh = Scene.v().getOrMakeFastHierarchy();
+			final RefType callbackType = callbackHandler.getType();
+			if (!fh.canStoreType(callbackType, this.activityLifecycleCallbacks.getType())
+					&& !fh.canStoreType(callbackType, this.provideAssistDataListener.getType())
+					&& !fh.canStoreType(callbackType, this.componentCallbacks.getType()))
 				return false;
 		}
 
@@ -84,6 +86,8 @@ public void reset() {
 		this.provideAssistDataListener = Scene.v()
 				.getSootClassUnsafe("android.app.Application$OnProvideAssistDataListener");
 		this.componentCallbacks = Scene.v().getSootClassUnsafe(AndroidEntryPointConstants.COMPONENTCALLBACKSINTERFACE);
+		this.componentCallbacks2 = Scene.v()
+				.getSootClassUnsafe(AndroidEntryPointConstants.COMPONENTCALLBACKS2INTERFACE);
 	}
 
 	@Override
@@ -92,10 +96,18 @@ public boolean accepts(SootClass component, SootMethod callback) {
 		// components that are not the application
 		if (component.getName().equals(applicationClass))
 			return true;
+
 		String subSig = callback.getSubSignature();
-		return !AndroidEntryPointConstants.getActivityLifecycleCallbackMethods().contains(subSig)
-				&& !AndroidEntryPointConstants.getComponentCallbackMethods().contains(subSig)
-				&& !AndroidEntryPointConstants.getComponentCallback2Methods().contains(subSig);
+		final FastHierarchy fh = Scene.v().getOrMakeFastHierarchy();
+		final RefType callbackType = callback.getDeclaringClass().getType();
+		if (AndroidEntryPointConstants.getActivityLifecycleCallbackMethods().contains(subSig))
+			return fh.canStoreType(callbackType, this.activityLifecycleCallbacks.getType());
+		if (AndroidEntryPointConstants.getComponentCallbackMethods().contains(subSig))
+			return fh.canStoreType(callbackType, this.componentCallbacks.getType());
+		if (AndroidEntryPointConstants.getComponentCallback2Methods().contains(subSig))
+			return fh.canStoreType(callbackType, this.componentCallbacks2.getType());
+
+		return true;
 	}
 
 }

soot-infoflow-android/src/soot/jimple/infoflow/android/entryPointCreators/AndroidEntryPointConstants.java

@@ -125,8 +125,8 @@ public class AndroidEntryPointConstants {
 
 	private static final String[] activityMethods = { ACTIVITY_ONCREATE, ACTIVITY_ONDESTROY, ACTIVITY_ONPAUSE,
 			ACTIVITY_ONRESTART, ACTIVITY_ONRESUME, ACTIVITY_ONSTART, ACTIVITY_ONSTOP, ACTIVITY_ONSAVEINSTANCESTATE,
-			ACTIVITY_ONRESTOREINSTANCESTATE, ACTIVITY_ONCREATEDESCRIPTION, ACTIVITY_ONPOSTCREATE,
-			ACTIVITY_ONPOSTRESUME };
+			ACTIVITY_ONRESTOREINSTANCESTATE, ACTIVITY_ONCREATEDESCRIPTION, ACTIVITY_ONPOSTCREATE, ACTIVITY_ONPOSTRESUME,
+			ACTIVITY_ONATTACHFRAGMENT };
 	private static final List<String> activityMethodList = Arrays.asList(activityMethods);
 
 	private static final String[] serviceMethods = { SERVICE_ONCREATE, SERVICE_ONDESTROY, SERVICE_ONSTART1,
@@ -135,7 +135,8 @@ public class AndroidEntryPointConstants {
 
 	private static final String[] fragmentMethods = { FRAGMENT_ONCREATE, FRAGMENT_ONDESTROY, FRAGMENT_ONPAUSE,
 			FRAGMENT_ONATTACH, FRAGMENT_ONDESTROYVIEW, FRAGMENT_ONRESUME, FRAGMENT_ONSTART, FRAGMENT_ONSTOP,
-			FRAGMENT_ONCREATEVIEW, FRAGMENT_ONACTIVITYCREATED, FRAGMENT_ONVIEWSTATERESTORED, FRAGMENT_ONDETACH };
+			FRAGMENT_ONCREATEVIEW, FRAGMENT_ONACTIVITYCREATED, FRAGMENT_ONVIEWSTATERESTORED, FRAGMENT_ONDETACH,
+			FRAGMENT_ONSAVEINSTANCESTATE, FRAGMENT_ONVIEWCREATED };
 	private static final List<String> fragmentMethodList = Arrays.asList(fragmentMethods);
 
 	private static final String[] gcmIntentServiceMethods = { GCMINTENTSERVICE_ONDELETEDMESSAGES,
@@ -163,7 +164,8 @@ public class AndroidEntryPointConstants {
 			ACTIVITYLIFECYCLECALLBACK_ONACTIVITYDESTROYED, ACTIVITYLIFECYCLECALLBACK_ONACTIVITYCREATED };
 	private static final List<String> activityLifecycleMethodList = Arrays.asList(activityLifecycleMethods);
 
-	private static final String[] componentCallbackMethods = { COMPONENTCALLBACKS_ONCONFIGURATIONCHANGED };
+	private static final String[] componentCallbackMethods = { COMPONENTCALLBACKS_ONCONFIGURATIONCHANGED,
+			COMPONENTCALLBACKS_ONLOWMEMORY };
 	private static final List<String> componentCallbackMethodList = Arrays.asList(componentCallbackMethods);
 
 	public static final String[] componentCallback2Methods = { COMPONENTCALLBACKS2_ONTRIMMEMORY };

soot-infoflow-android/src/soot/jimple/infoflow/android/entryPointCreators/AndroidEntryPointUtils.java

@@ -1,15 +1,22 @@
 package soot.jimple.infoflow.android.entryPointCreators;
 
+import java.util.Collection;
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import soot.FastHierarchy;
+import soot.MethodOrMethodContext;
 import soot.Scene;
 import soot.SootClass;
 import soot.SootMethod;
+import soot.jimple.infoflow.util.SystemClassHandler;
 
 /**
  * Class containing common utility methods for dealing with Android entry points
@@ -21,7 +28,7 @@ public class AndroidEntryPointUtils {
 
 	private static final Logger logger = LoggerFactory.getLogger(AndroidEntryPointUtils.class);
 
-	private Map<SootClass, ComponentType> componentTypeCache = new HashMap<SootClass, ComponentType>();
+	private Map<SootClass, ComponentType> componentTypeCache = new HashMap<>();
 
 	private SootClass osClassApplication;
 	private SootClass osClassActivity;
@@ -162,6 +169,9 @@ public boolean isEntryPointMethod(SootMethod method) {
 		if (componentType == ComponentType.Service
 				&& AndroidEntryPointConstants.getServiceLifecycleMethods().contains(subsignature))
 			return true;
+		if (componentType == ComponentType.Application
+				&& AndroidEntryPointConstants.getApplicationLifecycleMethods().contains(subsignature))
+			return true;
 		if (componentType == ComponentType.Fragment
 				&& AndroidEntryPointConstants.getFragmentLifecycleMethods().contains(subsignature))
 			return true;
@@ -184,4 +194,75 @@ public boolean isEntryPointMethod(SootMethod method) {
 		return false;
 	}
 
+	/**
+	 * Gets all lifecycle methods in the given entry point class
+	 * 
+	 * @param sc The class in which to look for lifecycle methods
+	 * @return The set of lifecycle methods in the given class
+	 */
+	public Collection<? extends MethodOrMethodContext> getLifecycleMethods(SootClass sc) {
+		return getLifecycleMethods(getComponentType(sc), sc);
+	}
+
+	/**
+	 * Gets all lifecycle methods in the given entry point class
+	 * 
+	 * @param componentType the component type
+	 * @param sc            The class in which to look for lifecycle methods
+	 * @return The set of lifecycle methods in the given class
+	 */
+	public static Collection<? extends MethodOrMethodContext> getLifecycleMethods(ComponentType componentType,
+			SootClass sc) {
+		switch (componentType) {
+		case Activity:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getActivityLifecycleMethods());
+		case Service:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getServiceLifecycleMethods());
+		case Application:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getApplicationLifecycleMethods());
+		case BroadcastReceiver:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getBroadcastLifecycleMethods());
+		case Fragment:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getFragmentLifecycleMethods());
+		case ContentProvider:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getContentproviderLifecycleMethods());
+		case GCMBaseIntentService:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getGCMIntentServiceMethods());
+		case GCMListenerService:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getGCMListenerServiceMethods());
+		case ServiceConnection:
+			return getLifecycleMethods(sc, AndroidEntryPointConstants.getServiceConnectionMethods());
+		case Plain:
+			return Collections.emptySet();
+		}
+		return Collections.emptySet();
+	}
+
+	/**
+	 * This method takes a lifecycle class and the list of lifecycle method
+	 * subsignatures. For each subsignature, it checks whether the given class or
+	 * one of its superclass overwrites the respective methods. All findings are
+	 * collected in a set and returned.
+	 * 
+	 * @param sc      The class in which to look for lifecycle method
+	 *                implementations
+	 * @param methods The list of lifecycle method subsignatures for the type of
+	 *                component that the given class corresponds to
+	 * @return The set of implemented lifecycle methods in the given class
+	 */
+	private static Collection<? extends MethodOrMethodContext> getLifecycleMethods(SootClass sc, List<String> methods) {
+		Set<MethodOrMethodContext> lifecycleMethods = new HashSet<>();
+		SootClass currentClass = sc;
+		while (currentClass != null) {
+			for (String sig : methods) {
+				SootMethod sm = currentClass.getMethodUnsafe(sig);
+				if (sm != null)
+					if (!SystemClassHandler.v().isClassInSystemPackage(sm.getDeclaringClass().getName()))
+						lifecycleMethods.add(sm);
+			}
+			currentClass = currentClass.hasSuperclass() ? currentClass.getSuperclass() : null;
+		}
+		return lifecycleMethods;
+	}
+
 }