more alt text

5_theseus/5_results.typ

@@ -307,14 +307,19 @@ Although self-explanatory, verifying the code of those methods indeed confirms t
     caption: [Code of `Main.main()`, as shown by Jadx, after patching],
 )<lst:th-demo-after>
 
-#todo[alt text for @fig:th-cg-before and @fig:th-cg-after]
 #figure([
   #figure(
     render(
       read("figs/demo_main_main.dot"),
       width: 100%,
       alt: (
-        "",
+        "A tree diagram. At the top, a node is labelled `Main->main()V`. ",
+        "Arrows goe from this node, down to four other nodes: ",
+        "`Main->decrypt(String)String`, `Method->invoke(Object [Object)Object`, ",
+        "`ClassLoader->loadClass(String)Class` and `Class->getMethod(String [Class)Method`. ",
+        "Arrows go down from `Main->decrypt(String)String` to 5 other nodes: ",
+        "Base64->decode(String I)[B`, `Cipher->init(I Key)V`, `Cipher->doFinal([B)[B`, ",
+        "`Cipher->getInstance(String)Cipher` and `String-><init>([)V`."
       ).join(),
     ),
     caption: [Call Graph of `Main.main()` generated by Androguard before patching],
@@ -325,7 +330,13 @@ Although self-explanatory, verifying the code of those methods indeed confirms t
       read("figs/patched_main_main.dot"),
       width: 100%,
       alt: (
-        "",
+        "The same tree diagram as in the previous figure, but this time, they ",
+        "are 4 additionnal nodes under `Main->main()V`: ",
+        "`T->check_is_Malicious_send_data(Method)Z` and `T->check_is_Malicious_get_data(Method)Z`, ",
+        "both with a grey background, and `Malicious->send_data(String Activity)String` and ",
+        "`Malicious->get_data(String Activity)String`, both with a red background. ",
+        "An arrow goes from `Malicious->get_data` to a `Utils->sink(Activity String)V` ",
+        "node, and an arrow goes from `Malicious->get_data` to a `Utils->source(String)String` node."
       ).join(),
     ),
     caption: [Call Graph of `Main.main()` generated by Androguard after patching],