Add attachBaseContext support and optionally do not exclude stub methods in callback analyzer

Author: MarcMil

soot-infoflow-android/src/soot/jimple/infoflow/android/InfoflowAndroidConfiguration.java

@@ -320,6 +320,7 @@ public static class CallbackConfiguration {
 		private int maxCallbackAnalysisDepth = -1;
 		private boolean serializeCallbacks = false;
 		private String callbacksFile = "";
+		private boolean excludeStubsFromCallGraph = true;
 
 		/**
 		 * Copies the settings of the given configuration into this configuration object
@@ -335,6 +336,7 @@ public void merge(CallbackConfiguration cbConfig) {
 			this.maxCallbackAnalysisDepth = cbConfig.maxCallbackAnalysisDepth;
 			this.serializeCallbacks = cbConfig.serializeCallbacks;
 			this.callbacksFile = cbConfig.callbacksFile;
+			this.excludeStubsFromCallGraph = cbConfig.excludeStubsFromCallGraph;
 		}
 
 		/**
@@ -510,6 +512,22 @@ public void setCallbacksFile(String callbacksFile) {
 			this.callbacksFile = callbacksFile;
 		}
 
+		/**
+		 * Returns whether FlowDroid should exclude stub methods when computing the call graph
+		 * @return true if stubs should be excluded
+		 */
+		public boolean getExcludeStubsFromCallGraph() {
+			return excludeStubsFromCallGraph;
+		}
+
+		/**
+		 * Sets whether FlowDroid should exclude stub methods when computing the call graph
+		 * @param value true if stubs should be excluded
+		 */
+		public void setExcludeStubsFromCallGraph(boolean value) {
+			this.excludeStubsFromCallGraph = value;
+		}
+
 		@Override
 		public int hashCode() {
 			final int prime = 31;
@@ -522,6 +540,7 @@ public int hashCode() {
 			result = prime * result + maxCallbackAnalysisDepth;
 			result = prime * result + maxCallbacksPerComponent;
 			result = prime * result + (serializeCallbacks ? 1231 : 1237);
+			result = prime * result + (excludeStubsFromCallGraph ? 1231 : 1237);
 			return result;
 		}
 
@@ -553,6 +572,8 @@ public boolean equals(Object obj) {
 				return false;
 			if (serializeCallbacks != other.serializeCallbacks)
 				return false;
+			if (excludeStubsFromCallGraph != other.excludeStubsFromCallGraph)
+				return false;
 			return true;
 		}
 

soot-infoflow-android/src/soot/jimple/infoflow/android/callbacks/AbstractCallbackAnalyzer.java

@@ -846,7 +846,7 @@ protected void analyzeMethodOverrideCallbacks(SootClass sootClass) {
 		for (SootClass parentClass : Scene.v().getActiveHierarchy().getSuperclassesOf(sootClass)) {
 			if (SystemClassHandler.v().isClassInSystemPackage(parentClass))
 				for (SootMethod sm : parentClass.getMethods())
-					if (!sm.isConstructor())
+					if (!sm.isConstructor() && (sm.isProtected() || sm.isPublic()) && !sm.isStatic())
 						systemMethods.put(sm.getSubSignature(), sm);
 		}
 
@@ -957,7 +957,8 @@ protected boolean checkAndAddMethod(SootMethod method, SootMethod parentMethod,
 			return false;
 
 		// Skip empty methods
-		if (method.isConcrete() && isEmpty(method.retrieveActiveBody()))
+		if (config.getCallbackConfig().getExcludeStubsFromCallGraph() && method.isConcrete()
+				&& isEmpty(method.retrieveActiveBody()))
 			return false;
 
 		// Skip constructors

soot-infoflow-android/src/soot/jimple/infoflow/android/entryPointCreators/AndroidEntryPointConstants.java

@@ -194,6 +194,8 @@ public class AndroidEntryPointConstants {
 	private static final String[] serviceConnectionMethods = { SERVICECONNECTION_ONSERVICECONNECTED,
 			SERVICECONNECTION_ONSERVICEDISCONNECTED };
 	private static final List<String> serviceConnectionMethodList = Arrays.asList(serviceConnectionMethods);
+	public static final String ATTACH_BASE_CONTEXT = "void attachBaseContext(android.content.Context)";
+	public static final String CONTEXT_WRAPPER = "android.content.ContextWrapper";
 	/*
 	 * ========================================================================
 	 */

soot-infoflow-android/src/soot/jimple/infoflow/android/entryPointCreators/AndroidEntryPointCreator.java

@@ -293,6 +293,12 @@ protected SootMethod createDummyMainInternal() {
 			localVarsForClasses.put(applicationClass, applicationLocal);
 		}
 
+		body.getUnits()
+				.add(j.newInvokeStmt(j.newVirtualInvokeExpr(applicationLocal,
+						Scene.v().makeMethodRef(
+								Scene.v().getSootClassUnsafe(AndroidEntryPointConstants.CONTEXT_WRAPPER),
+								AndroidEntryPointConstants.ATTACH_BASE_CONTEXT, false))));
+
 		Map<SootClass, ContentProviderEntryPointCreator> cpComponents = new HashMap<>();
 		// For some weird reason unknown to anyone except the flying spaghetti
 		// monster, the onCreate() methods of content providers run even before

soot-infoflow-android/src/soot/jimple/infoflow/android/entryPointCreators/components/ActivityEntryPointCreator.java

@@ -95,7 +95,10 @@ protected void generateComponentLifecycle() {
 			localVarsForClasses.put(sc, callbackLocal);
 		}
 
-		// 1. onCreate:
+		// 1. attachBaseContext
+		searchAndBuildMethod(AndroidEntryPointConstants.ATTACH_BASE_CONTEXT, applicationLocal);
+
+		// 2. onCreate:
 		{
 			searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONCREATE, thisLocal);
 			for (SootClass callbackClass : this.activityLifecycleCallbacks.keySet()) {
@@ -118,7 +121,7 @@ protected void generateComponentLifecycle() {
 			}
 		}
 
-		// 2. onStart:
+		// 3. onStart:
 		Stmt onStartStmt;
 		{
 			onStartStmt = searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONSTART, thisLocal);
@@ -147,7 +150,7 @@ protected void generateComponentLifecycle() {
 		}
 		searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONPOSTCREATE, thisLocal);
 
-		// 3. onResume:
+		// 4. onResume:
 		Stmt onResumeStmt = Jimple.v().newNopStmt();
 		body.getUnits().add(onResumeStmt);
 		{
@@ -173,7 +176,7 @@ protected void generateComponentLifecycle() {
 			createIfStmt(startWhileStmt);
 		}
 
-		// 4. onPause:
+		// 5. onPause:
 		searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONPAUSE, thisLocal);
 		for (SootClass callbackClass : this.activityLifecycleCallbacks.keySet()) {
 			searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITYLIFECYCLECALLBACK_ONACTIVITYPAUSED,
@@ -191,7 +194,7 @@ protected void generateComponentLifecycle() {
 		createIfStmt(onResumeStmt);
 		// createIfStmt(onCreateStmt); // no, the process gets killed in between
 
-		// 5. onStop:
+		// 6. onStop:
 		Stmt onStop = searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONSTOP, thisLocal);
 		boolean hasAppOnStop = false;
 		for (SootClass callbackClass : this.activityLifecycleCallbacks.keySet()) {
@@ -209,11 +212,11 @@ protected void generateComponentLifecycle() {
 		createIfStmt(stopToDestroyStmt);
 		// createIfStmt(onCreateStmt); // no, the process gets killed in between
 
-		// 6. onRestart:
+		// 7. onRestart:
 		searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONRESTART, thisLocal);
 		body.getUnits().add(Jimple.v().newGotoStmt(onStartStmt)); // jump to onStart()
 
-		// 7. onDestroy
+		// 8. onDestroy
 		body.getUnits().add(stopToDestroyStmt);
 		searchAndBuildMethod(AndroidEntryPointConstants.ACTIVITY_ONDESTROY, thisLocal);
 		for (SootClass callbackClass : this.activityLifecycleCallbacks.keySet()) {

soot-infoflow-android/src/soot/jimple/infoflow/android/entryPointCreators/components/ServiceEntryPointCreator.java

@@ -40,12 +40,16 @@ public ServiceEntryPointCreator(SootClass component, SootClass applicationClass,
 
 	@Override
 	protected void generateComponentLifecycle() {
-		// 1. onCreate:
+
+		// 1. attachBaseContext
+		searchAndBuildMethod(AndroidEntryPointConstants.ATTACH_BASE_CONTEXT, thisLocal);
+
+		// 2. onCreate:
 		searchAndBuildMethod(AndroidEntryPointConstants.SERVICE_ONCREATE, thisLocal);
 
 		// service has two different lifecycles:
 		// lifecycle1:
-		// 2. onStart:
+		// 3. onStart:
 		searchAndBuildMethod(AndroidEntryPointConstants.SERVICE_ONSTART1, thisLocal);
 
 		// onStartCommand can be called an arbitrary number of times, or never