[Soot-list] Problems with analyzing Android application
Bodden, Eric
eric.bodden at sit.fraunhofer.de
Mon Oct 28 04:45:18 EDT 2013
Hi.
Could it be that java.lang.StringBuffer is not on Soot's classpath? Does Soot say anything about java.lang.StringBuffer being phantom class?
Eric
On 23.10.2013, at 19:38, Alireza Sadeghi <asadeghi at gmu.edu> wrote:
> Hi,
>
> I want to use Soot to extract some information form Android apps source codes. For this purpose, I've implemented the following code:
>
> SootClass sClass = Scene.v().loadClassAndSupport(className);
> sClass.setApplicationClass();
> List<SootMethod> methods = sClass.getMethods();
> for (SootMethod method : methods) {
> Body activeBody = method.retrieveActiveBody();
> PatchingChain<Unit> units = activeBody.getUnits();
> for (Unit unit : units) {
>
> //Extract something from unit.
>
> }
> }
>
> Also I've set the following Soot options:
>
> Options.v().set_soot_classpath(ANDROID_JAR_ADDR + ":" + appRootAddress + "/src:");
> Options.v().set_prepend_classpath(true);
> Options.v().set_src_prec(Options.src_prec_java);
>
>
>
> But, I have couple of problems:
>
> First of all when I run my code, I get different exceptions based on the target Android application, for example, this exception is thrown:
>
> java.lang.RuntimeException: tried to get nonexistent method <java.lang.StringBuffer: void <init>()>
> at soot.Scene.getMethod(Scene.java:394)
> at soot.JastAddJ.AddExpr.eval(AddExpr.java:118)
> at soot.JastAddJ.TypeDecl.emitCastTo(TypeDecl.java:1523)
> at soot.JastAddJ.VariableDeclaration.jimplify2(VariableDeclaration.java:229)
> at soot.JastAddJ.Block.jimplify2(Block.java:134)
> at soot.JastAddJ.IfStmt.jimplify2(IfStmt.java:152)
> at soot.JastAddJ.Block.jimplify2(Block.java:134)
> at soot.JastAddJ.MethodDecl.jimplify2(MethodDecl.java:1032)
> at soot.JastAddInitialResolver$1.getBody(JastAddInitialResolver.java:127)
> at soot.SootMethod.getBodyFromMethodSource(SootMethod.java:89)
> at soot.SootMethod.retrieveActiveBody(SootMethod.java:322)
>
> for this part of Android app code:
>
> String imei = data.getStringExtra("imei");
> String text = "The IMEI of this phone is: " + imei;
> Toast.makeText(getApplicationContext(), text, Toast.LENGTH_SHORT).show();
> Log.i("IMEI", "The IMEI is :" + imei);
>
> I've checked many Soot's sample codes, including the post that Eric Bodden has provided here. But, the goal of all of this sample codes is to instrument the code and they have used Transformers. But, I don't want to transform or instrument the code, I just want to extract some information from the code.
>
> Another problem is with dependencies. In addition to android.jar, many Andriod applications have imported several libraries and also the R class (all apps use its own R file, but this file is not included in app's source code).
>
> So (when I cannot provide these libraries to add to the Soot class path) is it possible to tell Soot to ignore these reference during analysis and do not stop its work because of not finding the referred classes. (I've tried set_allow_phantom_refs option that I thought is designed for this purpose, but it didn't work).
>
>
>
> Thanks,
> Alireza
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
--
Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
Head of Secure Software Engineering at Fraunhofer SIT, TU Darmstadt and EC SPRIDE
Tel: +49 6151 16-75422 Fax: +49 6151 16-72051
Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt
More information about the Soot-list
mailing list