Skip to content

Inspect the Information Flow summary

Jump to bottom
Limei Gilham edited this page Mar 10, 2015 · 4 revisions
Contents
  1. Open the information flow summary view
  2. Expand or collapse the info flow summary outline
  3. Nodes in the info flow summary outline
  4. Select a sink method node from the info flow summary outline
  5. Search the info flow summary outline

1. Open the information flow summary view

  1. Click on the tab Info Flow Summary in the left window pane to open the info flow summary outline view

    Figure 3

    In Figure 3, the left window pane displays the info flow summary for the app PickContacts.

2. Expand or collapse the info flow summary outline

Click on the following icons in the toolbar to expand or collapse the info flow summary outline:

  • - expanding the outline to show all the levels

  • - collapsing the outline to show only the top level

3. Nodes in the info flow summary outline

  • Source category -> Sink category pairs

    At the top level, the info flow summary outline contains nodes that represent high-level info flows from source categories to sink categories. For example, the top level node

    UNIQUE_IDENTIFIER->NETWORK

indicates that there is an info flow in the app from the UNIQUE_IDENTIFIER category to the NETWORKcategory

  • Sink method calls

    Expanding a source category -> sink category node at the top level, you will get a list of sink method calls in the sink category that some sources in the source category can flow to. For example, a second level node under the top level node above

    AbstractHttpClient execute (HttpUriRequest)

    denotes a sink method call in the NETWORK info category where a source in the UNIQUE_IDENTIFIER info category can flow to.

4. Select a sink method node from the info flow summary outline

Clicking on an outline node representing a sink method call will cause the other Droidsafe views and the editor to be updated accordingly.

  • Info Flow Details view - shows the sources of the given category that can flow to the arguments and/or the receiver of this sink method call.

  • Values view - shows the values computed for the arguments and the receiver of this sink method call.

  • Points To Info view - shows the points-to information on the arguments and the receiver of this sink method call.

  • Editor - reveals and highlights the file location corresponding to this sink method call.

    Figure 3 shows the updated contents in the other Droidsafe views and in the editor when a sink method call

    AbstractHttpClient execute (HttpUriRequest)

    in the info flow summary outline is selected.

5. Search the info flow summary outline

  1. Click on in the toolbar

    A search dialog will appear on the top of the info flow summary outline, allowing you to enter search strings and to navigate among the search results.

  2. Enter a search string result in the Search input box and then press return

    When the search status shows (1 of 12), it means that twelve occurrences of result in the outline are found and the current search position is at the first occurrence. The current occurrence is highlighted red, and the remaining occurrence is highlighted yellow.

  3. press return or click on to navigate to the next occurrence

  4. Click on to navigate to the previous occurrence

  5. Click on to exit search.

Previous section: Inspect the Security Specification

Next section: Inspect the Indicators

Table of Contents

Clone this wiki locally