[Soot-list] Problems with analyzing Android application

Alireza Sadeghi asadeghi at gmu.edu
Tue Oct 29 16:08:57 EDT 2013 

Thanks Eric for the reply.
Actually the problem is solved by using the following parameters:

_no_bodies_for_excluded

_android_jars

_src_prec

I've also set output format to output_format_none, to disable creating new
app.
Alireza

On Mon, Oct 28, 2013 at 4:45 AM, Bodden, Eric <eric.bodden at sit.fraunhofer.de
> wrote:

> Hi.
>
> Could it be that java.lang.StringBuffer is not on Soot's classpath? Does
> Soot say anything about java.lang.StringBuffer being  phantom class?
>
> Eric
>
>
>
> On 23.10.2013, at 19:38, Alireza Sadeghi <asadeghi at gmu.edu> wrote:
>
> > Hi,
> >
> > I want to use Soot to extract some information form Android apps source
> codes. For this purpose, I've implemented the following code:
> >
> > SootClass sClass = Scene.v().loadClassAndSupport(className);
> > sClass.setApplicationClass();
> > List<SootMethod> methods = sClass.getMethods();
> > for (SootMethod method : methods) {
> >     Body activeBody = method.retrieveActiveBody();
> >     PatchingChain<Unit> units = activeBody.getUnits();
> >     for (Unit unit : units) {
> >
> >       //Extract something from unit.
> >
> >     }
> > }
> >
> > Also I've set the following Soot options:
> >
> > Options.v().set_soot_classpath(ANDROID_JAR_ADDR + ":" + appRootAddress +
> "/src:");
> > Options.v().set_prepend_classpath(true);
> > Options.v().set_src_prec(Options.src_prec_java);
> >
> >
> >
> > But, I have couple of problems:
> >
> > First of all when I run my code, I get different exceptions based on the
> target Android application, for example, this exception is thrown:
> >
> > java.lang.RuntimeException: tried to get nonexistent method
> <java.lang.StringBuffer: void <init>()>
> > at soot.Scene.getMethod(Scene.java:394)
> > at soot.JastAddJ.AddExpr.eval(AddExpr.java:118)
> > at soot.JastAddJ.TypeDecl.emitCastTo(TypeDecl.java:1523)
> > at
> soot.JastAddJ.VariableDeclaration.jimplify2(VariableDeclaration.java:229)
> > at soot.JastAddJ.Block.jimplify2(Block.java:134)
> > at soot.JastAddJ.IfStmt.jimplify2(IfStmt.java:152)
> > at soot.JastAddJ.Block.jimplify2(Block.java:134)
> > at soot.JastAddJ.MethodDecl.jimplify2(MethodDecl.java:1032)
> > at soot.JastAddInitialResolver$1.getBody(JastAddInitialResolver.java:127)
> > at soot.SootMethod.getBodyFromMethodSource(SootMethod.java:89)
> > at soot.SootMethod.retrieveActiveBody(SootMethod.java:322)
> >
> > for this part of Android app code:
> >
> > String imei = data.getStringExtra("imei");
> > String text = "The IMEI of this phone is: " + imei;
> > Toast.makeText(getApplicationContext(), text, Toast.LENGTH_SHORT).show();
> > Log.i("IMEI", "The IMEI is :" + imei);
> >
> > I've checked many Soot's sample codes, including the post that Eric
> Bodden has provided here. But, the goal of all of this sample codes is to
> instrument the code and they have used Transformers. But, I don't want to
> transform or instrument the code, I just want to extract some information
> from the code.
> >
> > Another problem is with dependencies. In addition to android.jar, many
> Andriod applications have imported several libraries and also the R class
> (all apps use its own R file, but this file is not included in app's source
> code).
> >
> > So (when I cannot provide these libraries to add to the Soot class path)
> is it possible to tell Soot to ignore these reference during analysis and
> do not stop its work because of not finding the referred classes. (I've
> tried set_allow_phantom_refs option that I thought is designed for this
> purpose, but it didn't work).
> >
> >
> >
> > Thanks,
> > Alireza
> >
> > _______________________________________________
> > Soot-list mailing list
> > Soot-list at sable.mcgill.ca
> > http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>
> --
> Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
> Head of Secure Software Engineering  at Fraunhofer SIT, TU Darmstadt and
> EC SPRIDE
> Tel: +49 6151 16-75422    Fax: +49 6151 16-72051
> Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20131029/14e821dc/attachment.html

More information about the Soot-list mailing list