diff --git a/jacodb-analysis/README.md b/jacodb-analysis/README.md index 1141945e4..db774ca3f 100644 --- a/jacodb-analysis/README.md +++ b/jacodb-analysis/README.md @@ -1,27 +1,27 @@ -# Module jacodb-analysis +# The `jacodb-analysis` module -Analysis module allows launching dataflow analyses of applications. -It contains API to write custom analyses, along with several implemented ready-to-use analyses. +The `jacodb-analysis` module allows launching application dataflow analyses. +It contains an API to write custom analyses, and several ready-to-use analyses. -## Concept of units +## Units -The [IFDS](https://dx.doi.org/10.1145/199448.199462) framework is used as the basis for this module. -However, in order to be scalable, the analyzed code is split into so-called units, so that the framework +The [IFDS](https://dx.doi.org/10.1145/199448.199462) framework is the basis for this module. +To make the implementation scalable, the analyzed code is split into the so-called units, so that the framework can analyze them concurrently. Information is shared between the units via summaries, but the lifecycle of each unit is controlled separately. ## Get started -The entry point of the analysis is the [runAnalysis] method. In order to call it, you have to provide: +The analysis entry point is the [runAnalysis] method. To call it, you have to provide: * `graph` — an application graph that is used for analysis. To obtain this graph, one should call the [newApplicationGraphForAnalysis] method. * `unitResolver` — an object that groups methods into units. Choose one from `UnitResolversLibrary`. -Note that in general, larger units mean more precise but also more resource-consuming analysis. +Note that, in general, larger units mean more precise but also more resource-consuming analysis. * `ifdsUnitRunner` — an [IfdsUnitRunner] instance, which is used to analyze each unit. This is what defines concrete analysis. Ready-to-use runners are located in `RunnersLibrary`. * `methods` — a list of methods to analyze. -For example, to detect unused variables in the given `analyzedClass` methods, you may run the following code +For example, to detect the unused variables in the given `analyzedClass` methods, you may run the following code (assuming that `classpath` is an instance of [JcClasspath]): ```kotlin @@ -39,10 +39,11 @@ runAnalysis(applicationGraph, unitResolver, runner, methodsToAnalyze) ## Implemented runners By now, the following runners are implemented: -* `UnusedVariableRunner` that can detect issues like unused variable declaration, unused return value, etc. -* `NpeRunner` that can find instructions with possible null-value dereference. +* `UnusedVariableRunner` that can detect issues like unused variable declaration, unused `return` value, etc. +* `NpeRunner` that can find instructions with possible `null` value dereference. * Generic `TaintRunner` that can perform taint analysis. -* `SqlInjectionRunner` which find places vulnerable to sql injections, thus performing a specific kind of taint analysis. +* `SqlInjectionRunner`, which finds places vulnerable to SQL injections, thus performing a specific kind of taint + analysis. ## Implementing your own analysis @@ -52,9 +53,10 @@ To instantiate it, you need an [AnalyzerFactory] instance, which is an object th To instantiate an [Analyzer] interface, you have to specify the following: -* `flowFunctions` which describe dataflow facts and their transmissions during the analysis. +* `flowFunctions`, which describe the dataflow facts and their transmissions during the analysis; -* How vulnerabilities are produced by these facts, i.e. you have to implement `getSummaryFacts` and `getSummaryFactsPostIfds` methods. +* how these facts produce vulnerabilities, i.e., you have to implement `getSummaryFacts` and + `getSummaryFactsPostIfds` methods. To implement bidirectional analysis, you may use composite [SequentialBidiIfdsUnitRunner] and [ParallelBidiIfdsUnitRunner]. @@ -62,12 +64,12 @@ To implement bidirectional analysis, you may use composite [SequentialBidiIfdsUn [runAnalysis]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis/run-analysis.html -[newApplicationGraphForAnalysis]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis/new-application-graph-for-analysis.html +[newApplicationGraphForAnalysis]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.graph/new-application-graph-for-analysis.html [IfdsUnitRunner]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-ifds-unit-runner/index.html [JcClasspath]: https://jacodb.org/docs/jacodb-api/org.jacodb.api/-jc-classpath/index.html [IfdsBaseUnitRunner]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-ifds-base-unit-runner/index.html [AnalyzerFactory]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-analyzer-factory/index.html [Analyzer]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-analyzer/index.html [JcApplicationGraph]: https://jacodb.org/docs/jacodb-api/org.jacodb.api.analysis/-jc-application-graph/index.html -[SequentialBidiIfdsUnitRunner]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-sequential-bidi-ifds-base-unit-runner/index.html -[ParallelBidiIfdsUnitRunner]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-parallel-bidi-ifds-base-unit-runner/index.html +[SequentialBidiIfdsUnitRunner]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-sequential-bidi-ifds-unit-runner/index.html +[ParallelBidiIfdsUnitRunner]: https://jacodb.org/docs/jacodb-analysis/org.jacodb.analysis.engine/-parallel-bidi-ifds-unit-runner/index.html \ No newline at end of file