Soot api improvements for android

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

Update packages

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

Author: prabhu

platform/frontends/c2cpg/build.sbt

@@ -10,7 +10,7 @@ libraryDependencies ++= Seq(
     ExclusionRule(organization = "org.eclipse.platform", name = "org.eclipse.jface"),
     ExclusionRule(organization = "org.eclipse.platform", name = "org.eclipse.jface.text")
   ),
-  "org.jline"               % "jline"                      % "3.29.0",
+  "org.jline"               % "jline"                      % "3.30.4",
   "org.scalatest"          %% "scalatest"                  % Versions.scalatest % Test
 )
 

platform/frontends/jimple2cpg/build.sbt

@@ -4,7 +4,7 @@ dependsOn(Projects.dataflowengineoss, Projects.x2cpg % "compile->compile;test->t
 
 libraryDependencies ++= Seq(
   "io.appthreat"           %% "cpg2"              % Versions.cpg,
-  "commons-io"             % "commons-io"         % "2.19.0",
+  "commons-io"             % "commons-io"         % "2.20.0",
   "org.soot-oss"           % "soot"               % "4.6.0",
   "org.scala-lang.modules" % "scala-asm"          % "9.8.0-scala-1",
   "org.ow2.asm"            % "asm"                % "9.8",

platform/frontends/jimple2cpg/src/main/scala/io/appthreat/jimple2cpg/Jimple2Cpg.scala

@@ -30,9 +30,12 @@ class Jimple2Cpg extends X2CpgFrontend[Config]:
       case Some(value) if value.nonEmpty =>
           Options.v().set_src_prec(Options.src_prec_apk)
           Options.v().set_force_android_jar(value)
+          Options.v().setPhaseOption("dex", "ignore-errors:true")
       case _ =>
           Options.v().set_src_prec(Options.src_prec_apk_c_j)
     Options.v().set_process_multiple_dex(true)
+    Options.v().set_search_dex_in_archives(true)
+    Options.v().set_native_code(true)
     // workaround for Soot's bug while parsing large apk.
     // see: https://github.com/soot-oss/soot/issues/1256
     Options.v().setPhaseOption("jb", "use-original-names:false")
@@ -50,7 +53,7 @@ class Jimple2Cpg extends X2CpgFrontend[Config]:
     recurse: Boolean,
     onlyClasses: Boolean
   ): List[ClassFile] =
-    val archiveFileExtensions = Set(".jar", ".war", ".zip")
+    val archiveFileExtensions = Set(".jar", ".war", ".zip", ".apkm", ".xapk")
     extractClassesInPackageLayout(
       src,
       tmpDir,
@@ -139,15 +142,31 @@ class Jimple2Cpg extends X2CpgFrontend[Config]:
           G.reset()
 
   private def configureSoot(config: Config, outDir: File): Unit =
-    // set application mode
-    Options.v().set_app(false)
-    Options.v().set_whole_program(false)
+    if config.fullResolver then
+      // full transitive resolution of all references
+      Options.v().set_full_resolver(true)
+      // set application mode
+      Options.v().set_app(true)
+      Options.v().set_whole_program(true)
+      Options.v().setPhaseOption(
+        "cg.spark",
+        "enabled:true,on-fly-cg:true,propagator:worklist,safe-newinstance:true"
+      )
+      Options.v().setPhaseOption("cg.cha", "enabled:true")
+      Options.v().setPhaseOption("tagger", "enabled:true")
+    else
+      Options.v().set_app(false)
+      Options.v().set_whole_program(false)
+    // don’t choke on missing classes in huge app frameworks
+    Options.v().set_ignore_resolution_errors(true)
+    Options.v().set_ignore_methodsource_error(true)
     // keep debugging info
     Options.v().set_keep_line_number(true)
     Options.v().set_keep_offset(true)
     // ignore library code
     Options.v().set_no_bodies_for_excluded(true)
     Options.v().set_allow_phantom_refs(true)
+    Options.v().set_allow_phantom_elms(true)
     // keep variable names
     Options.v().setPhaseOption("jb.sils", "enabled:false")
     Options.v().setPhaseOption("jb", "use-original-names:true")
@@ -157,12 +176,7 @@ class Jimple2Cpg extends X2CpgFrontend[Config]:
     // output jimple
     Options.v().set_output_format(Options.output_format_jimple)
     Options.v().set_output_dir(outDir.canonicalPath)
-
     Options.v().set_dynamic_dir(config.dynamicDirs.asJava)
     Options.v().set_dynamic_package(config.dynamicPkgs.asJava)
-
-    if config.fullResolver then
-      // full transitive resolution of all references
-      Options.v().set_full_resolver(true)
   end configureSoot
 end Jimple2Cpg

platform/frontends/jimple2cpg/src/main/scala/io/appthreat/jimple2cpg/Main.scala

@@ -59,7 +59,7 @@ private object Frontend:
           .action((_, config) => config.withOnlyClasses(true)),
       opt[Unit]("full-resolver")
           .text(
-            "enables full transitive resolution of all references found in all classes that are resolved"
+            "enables whole program analysis and full transitive resolution of all references found in all classes that are resolved"
           )
           .action((_, config) => config.withFullResolver(true)),
       opt[Unit]("recurse")

platform/frontends/jssrc2cpg/build.sbt

@@ -10,7 +10,7 @@ dependsOn(Projects.dataflowengineoss, Projects.x2cpg % "compile->compile;test->t
 libraryDependencies ++= Seq(
   "io.appthreat"              %% "cpg2" % Versions.cpg,
   "com.lihaoyi"               %% "upickle"           % Versions.upickle,
-  "com.typesafe"               % "config"            % "1.4.3",
+  "com.typesafe"               % "config"            % "1.4.4",
   "com.michaelpollmeier"       % "versionsort"       % "1.0.17",
   "org.scalatest"             %% "scalatest"         % Versions.scalatest % Test
 )

project/build.properties

@@ -1 +1 @@
-sbt.version=1.10.11
+sbt.version=1.11.2