Merge branch 'kotlinFix' into injectTypeHierarchy

Author: t1mlange

soot-infoflow-integration/test/soot/jimple/infoflow/integration/test/junit/AndroidRegressionTests.java

@@ -3,16 +3,19 @@
 import org.junit.Assert;
 import org.junit.Test;
 import org.xmlpull.v1.XmlPullParserException;
+import soot.SootMethod;
 import soot.jimple.infoflow.InfoflowConfiguration;
 import soot.jimple.infoflow.android.SetupApplication;
+import soot.jimple.infoflow.android.data.parsers.PermissionMethodParser;
 import soot.jimple.infoflow.methodSummary.taintWrappers.TaintWrapperFactory;
+import soot.jimple.infoflow.results.DataFlowResult;
 import soot.jimple.infoflow.results.InfoflowResults;
 import soot.jimple.infoflow.taintWrappers.ITaintPropagationWrapper;
-import soot.jimple.infoflow.util.DebugFlowFunctionTaintPropagationHandler;
 
 import javax.xml.stream.XMLStreamException;
 import java.io.IOException;
 import java.util.Collections;
+import java.util.*;
 
 /**
  * Tests that uncovered a bug.
@@ -42,17 +45,47 @@ public void testFlowSensitivityWithOverwrite() throws XmlPullParserException, IO
         Assert.assertEquals(2, results.getResultSet().size());
     }
 
-
     /**
      * Tests that StubDroid correctly narrows the type when the summary is in a superclass.
      * See also the comment in SummaryTaintWrapper#getSummaryDeclaringClass().
      */
     @Test
     public void testTypeHierarchyFromSummary() throws XmlPullParserException, IOException {
         SetupApplication app = initApplication("testAPKs/TypeHierarchyTest.apk");
-        app.setTaintPropagationHandler(new DebugFlowFunctionTaintPropagationHandler());
         InfoflowResults results = app.runInfoflow("../soot-infoflow-android/SourcesAndSinks.txt");
         Assert.assertEquals(1, results.size());
         Assert.assertEquals(1, results.getResultSet().size());
     }
+
+    /**
+     * Tests an app that uses the kotlin collections.
+     * Expects four leaks:
+     *   * From getDeviceId() in onCreate() to Log.d(String, String)
+     *     in listFlow(String), mapFlow(String) and setFlow(String).
+     *   * From new File in fileFlow() to Log.d(String, String) in fileFlow(String).
+     */
+    @Test
+    public void testKotlinAppWithCollections() throws IOException {
+        SetupApplication app = initApplication("testAPKs/KotlinCollectionApp.apk");
+
+        // Make sure we find only one flow per method
+        app.addResultsAvailableHandler((cfg, results) -> {
+            Set<SootMethod> seenSet = new HashSet<>();
+            for (DataFlowResult res : results.getResultSet()) {
+                SootMethod sm = cfg.getMethodOf(res.getSink().getStmt());
+                Assert.assertFalse(seenSet.contains(sm));
+                seenSet.add(sm);
+            }
+        });
+
+        // Add the sources and sinks
+        List<String> ssinks = new ArrayList<>();
+        ssinks.add("<android.telephony.TelephonyManager: java.lang.String getDeviceId()> android.permission.READ_PHONE_STATE -> _SOURCE_");
+        ssinks.add("<android.util.Log: int d(java.lang.String,java.lang.String)> -> _SINK_");
+        ssinks.add("<kotlin.io.TextStreamsKt: java.util.List readLines(java.io.Reader)> -> _SOURCE_");
+
+        InfoflowResults results = app.runInfoflow(PermissionMethodParser.fromStringList(ssinks));
+        Assert.assertEquals(4, results.size());
+        Assert.assertEquals(4, results.getResultSet().size());
+    }
 }

soot-infoflow-integration/testAPKs/KotlinCollectionApp.apk

@@ -32,7 +32,9 @@
 		<method id="java.util.Iterator iterator()">
 			<flows>
 				<flow isAlias="false" typeChecking="false">
-					<from sourceSinkType="Field" />
+					<from sourceSinkType="Field"
+						  AccessPath="[java.util.Collection: java.lang.Object[] innerArray]"
+						  AccessPathTypes="[java.lang.Object[]]" />
 					<to sourceSinkType="Return"
 						AccessPath="[java.util.Iterator: java.lang.Object innerCollection]"
 						AccessPathTypes="[java.lang.Object]" />