{"id":18609514,"url":"https://github.com/secure-software-engineering/sparseboomerang","last_synced_at":"2025-04-10T22:31:20.713Z","repository":{"id":284287089,"uuid":"945887181","full_name":"secure-software-engineering/SparseBoomerang","owner":"secure-software-engineering","description":"Sparse Demand-Driven Pointer Analysis","archived":false,"fork":true,"pushed_at":"2025-03-10T09:45:57.000Z","size":96406,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"develop","last_synced_at":"2025-03-25T05:41:35.372Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"secure-software-engineering/Boomerang","license":"epl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/secure-software-engineering.png","metadata":{},"created_at":"2025-03-10T09:31:51.000Z","updated_at":"2025-03-16T09:09:44.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/secure-software-engineering/SparseBoomerang","commit_stats":null,"previous_names":["secure-software-engineering/sparseboomerang"],"tags_count":null,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2FSparseBoomerang","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2FSparseBoomerang/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2FSparseBoomerang/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2FSparseBoomerang/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/secure-software-engineering","download_url":"https://codeload.github.com/secure-software-engineering/SparseBoomerang/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248309605,"owners_count":21082245,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T03:06:18.994Z","updated_at":"2025-04-10T22:31:20.688Z","avatar_url":"https://github.com/secure-software-engineering.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://github.com/secure-software-engineering/SparseBoomerang/blob/master/SparseBoomerangLogo.png\"\u003e\n\u003c/p\u003e \n\n\n\n# SparseBoomerang\n\nSparseBoomerang is an extension to SPDS-based [Boomerang](https://github.com/CodeShield-Security/SPDS).\nThis [SparseBoomerang repository](https://github.com/secure-software-engineering/SparseBoomerang) is now the main fork of [CodeShield](https://codeshield.io/)'s [Boomerang](https://github.com/CodeShield-Security/SPDS) which is providing further maintainance and development.\nSparseBoomerang introduces two sparsification strategies to aid the scalability of precise Boomerang pointer analysis.\n[SparseBoomerangCorrectness](SparseBoomerangCorrectness) show how these work and compare them against the default non-sparse Boomerang.\n\n## FlowDroid with SparseBoomerang\nThe FlowDroid fork that works with SparseBoomerang is available at: [https://github.com/kadirayk/FlowDroid](https://github.com/kadirayk/FlowDroid)\n\n## Publications\nThe paper is available:\n[Two Sparsification Strategies for Accelerating Demand-Driven Pointer Analysis](https://ieeexplore.ieee.org/document/10132184) (ICST 2023)\n\nPreprint is available: \n[Two Sparsification Strategies for Accelerating Demand-Driven Pointer Analysis](https://www.bodden.de/pubs/kb23sparsification.pdf) (ICST 2023)\n\n## Boomerang\nThis repository contains a Java implementation of Synchronized Pushdown Systems.\nAdditionally, it contains an implementation of [Boomerang](boomerangPDS) and [IDEal](idealPDS) based on a Weighted Pushdown System.\n\n\n## Use as Maven dependency\n\nThe projects are released on [Maven Central](https://central.sonatype.com/artifact/de.fraunhofer.iem/SPDS) and can be included as a dependency in `.pom` files (replace `x.y.z` with the latest version).\n\n- Boomerang can be included with the following dependency:\n\n```.xml\n\u003cdependency\u003e\n  \u003cgroupId\u003ede.fraunhofer.iem\u003c/groupId\u003e\n  \u003cartifactId\u003eboomerangPDS\u003c/artifactId\u003e\n  \u003cversion\u003ex.y.z\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n- IDEal can be included with the following dependency:\n\n```.xml\n\u003cdependency\u003e\n  \u003cgroupId\u003ede.fraunhofer.iem\u003c/groupId\u003e\n  \u003cartifactId\u003eidealPDS\u003c/artifactId\u003e\n  \u003cversion\u003ex.y.z\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n## Checkout, Build and Install\n\nTo build and install SPDS into your local repository, run \n\n``mvn clean install -DskipTests``\n\nin the root directory of this git repository. If you do not want to skip the test cases, remove the last flag.\n\n## Examples\n\nBoomerang code examples can be found [here](https://github.com/CodeShield-Security/SPDS/tree/master/boomerangPDS/src/main/java/boomerang/example). Code examples for IDEal are given [here](https://github.com/CodeShield-Security/SPDS/tree/master/idealPDS/src/main/java/inference/example).\n\n\n## Notes on the Test Cases\n\nThe projects Boomerang and IDEal contain JUnit test suites. As for JUnit, the test methods are annotated with @Test and can be run as normal JUnit tests.\nHowever, these methods are *not* executed but only statically analyzed. When one executes the JUnit tests, the test method bodies are supplied as input to Soot \nand a static analysis is triggered. All this happens in JUnit's @Before test time. The test method itself is never run, may throw NullPointerExceptions or may not even terminate.\n\nIf the static analysis succeeded, JUnit will officially label the test method as skipped. However, the test will not be labeled as Error or Failure. \nEven though the test was skipped, it succeeded. Note, JUnit outputs a message:\n\n``org.junit.AssumptionViolatedException: got: \u003cfalse\u003e, expected: is \u003ctrue\u003e``\n\nThis is ok! The test passed!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecure-software-engineering%2Fsparseboomerang","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsecure-software-engineering%2Fsparseboomerang","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecure-software-engineering%2Fsparseboomerang/lists"}