Using JDT to analyze Java code, author ppz
In IDEA, execute maven install to build the project. The generated jar file will be located in the target directory.
The construction of the Java CPG is divided into three main modules:
j2cpgis responsible for converting Java code into the basic CPG graph files, including theast,cfg, andpdggraphs.j2cghandles the conversion of Java code into function call graph files.g2dbparses the graph files generated by the previous modules and stores the graphs into a database.
Due to a conflict between the AST parsing tool (JDT) and the function call graph generation tool (Spoon), the project is divided into separate modules.
To run the project, a configuration file is required. In the same directory as Java2Graph.jar, create a config.json file with the following format, specifying the address of the Gremlin server.
{
"host": <ip>,
"port": 8182
}The path of the configuration file can be specified by command-line arguments, and the full command-line arguments are as follows.
usage: Java2Graph
-c,--config <arg> configuration file path
-h,--help print this message
-i,--input <input> input directory path
-o,--output <output> output directory path
Place the project to be analyzed into the input directory, and execute java -jar Java2Graph.jar -i input -o output to build the CPG and store it on the Gremlin server.
The output directory contains temporary files generated during the process.