Specific Method between source and sink matters in detecting leak?

[whavey]

With sendTextMessage defined as a sink and getIpAddress defined as a source flowdroid reports a leak when converting the IP address to a string using Integer.toString but not when using android.text.format.Formatter even though the source data flows through the same way. Does the specific method matter between a source and a sink when source data is flowing through the same way?

Jimple when using formatter (no leak reported):

$r5 = staticinvoke <android.telephony.SmsManager: android.telephony.SmsManager getDefault()>();
$r6 = virtualinvoke $r4.<android.net.wifi.WifiManager: android.net.wifi.WifiInfo getConnectionInfo()>();
$i0 = virtualinvoke $r6.<android.net.wifi.WifiInfo: int getIpAddress()>();
$r7 = staticinvoke <android.text.format.Formatter: java.lang.String formatIpAddress(int)>($i0);
virtualinvoke $r5.<android.telephony.SmsManager: void sendTextMessage(java.lang.String,java.lang.String,java.lang.String,android.app.PendingIntent,android.app.PendingIntent)    >("8885551234", null, $r7, null, null);

Jimple when using toString (leak reported):

$r5 = virtualinvoke $r4.<android.net.wifi.WifiManager: android.net.wifi.WifiInfo getConnectionInfo()>();
$i0 = virtualinvoke $r5.<android.net.wifi.WifiInfo: int getIpAddress()>();
$r6 = staticinvoke <java.lang.Integer: java.lang.String toString(int)>($i0);
$r7 = staticinvoke <android.telephony.SmsManager: android.telephony.SmsManager getDefault()>();
virtualinvoke $r7.<android.telephony.SmsManager: void sendTextMessage(java.lang.String,java.lang.String,java.lang.String,android.app.PendingIntent,android.app.PendingIntent)>("8885551234", null, $r6, null, null);

[StevenArzt]

The formatter method is a library method. For performance reasons, library methods are not analyzed together with each app. Instead, FlowDroid relies on external data flow summaries to know how a call to such a method influences the taint. For this class, we did not have a suitable summary. Consequently, the taint was lost. I have added a summary in the commit referenced above. Can you please try again with the new version?