[Soot-list] Proposal: Replace "System.exit()" with Java Exception to handle malformed inputs within analysis procedures
Wei Peng
pengw at umail.iu.edu
Wed Dec 31 10:36:48 EST 2014
BTW, a workaround before such patch is merged is using
"java.lang.SecurityManager" to convert System.exit to SecurityException,
illustrated by the following Clojure snippets:
how to use:
```clj
(let [g-objgetter (new-g-objgetter)]
(with-soot
;; use the current thread's Soot context
g-objgetter
;; no need to reset Soot context at the end --- as long as everyone
uses its own Context
false
;; the real action; g/scene/pack-manager/options/phase-options are
bound to their respective Singletons, e.g, G.v() in Java or (G/v) in Clojure
))
```
the definitions:
```clj
(def soot-mutex
"Soot mutex: Soot is unfortunately Singleton"
(Object.))
(def system-security-manager
"System's exsiting security manager"
(System/getSecurityManager))
(def noexit-security-manager
"prevent Soot brining down the system with System.exit"
;;
http://stackoverflow.com/questions/21029651/security-manager-in-clojure/21033599#21033599
(proxy [SecurityManager] []
(checkPermission
([^java.security.Permission perm]
(when (.startsWith (.getName perm) "exitVM")
(throw (SecurityException. "no exit for Soot"))))
([^java.security.Permission perm ^Object context]
(when (.startsWith (.getName perm) "exitVM")
(throw (SecurityException. "no exit for Soot")))))))
(defmacro with-soot
"wrap body with major Soot refs *at the call time*: g, scene,
pack-manager, options, phase-options; g can be (optionally) provided with
g-objgetter (nil to ask fetch the G *at the call time*); (G/reset) at the
end if \"reset?\" is true"
[g-objgetter reset? & body]
`(locking soot-mutex
(try
(System/setSecurityManager noexit-security-manager)
(when (instance? G$GlobalObjectGetter ~g-objgetter)
(G/setGlobalObjectGetter ~g-objgetter))
(let [~'g (G/v)
~'scene (Scene/v)
~'pack-manager (PackManager/v)
~'options (Options/v)
~'phase-options (PhaseOptions/v)]
~@body
~(when reset?
`(G/reset)))
(catch Exception e#
;; reset Soot state
(G/reset)
(throw e#))
(finally
(System/setSecurityManager system-security-manager)))))
(defn new-g-objgetter
"create a new Soot context (G$GlobalObjectGetter)"
[]
(let [g (new G)]
(reify G$GlobalObjectGetter
(getG [this] g)
(reset [this] (new G)))))
```
Wei Peng
Department of Computer and Information Science
Indiana University-Purdue University, Indianapolis (IUPUI)
pengw at iupui.edu | www.cs.iupui.edu/~pengw/
On Wed, Dec 31, 2014 at 8:00 AM, Bodden, Eric <eric.bodden at sit.fraunhofer.de
> wrote:
> Hi Wei.
>
> I agree. We should probably use an exception type, though, of which we are
> sure that it will be thrown all the way to the top of the stack.
>
> Would you be willing to provide a patch/pull request?
>
> Cheers,
> Eric
>
> > On 30.12.2014, at 21:00, Wei Peng <pengw at umail.iu.edu> wrote:
> >
> > Hi soot-list,
> >
> > I am embedding Soot in host program that batch-processes incoming binary
> samples.
> >
> > However, in some if not all cases, the behavior that Soot/Dexpler in
> handling malformed samples is System.exit() (example:
> https://github.com/Sable/soot/blob/596be7d399df3226249288ec624a02f34237170d/src/soot/dexpler/DexNullTransformer.java#L283).
> This would take down the host program along with it.
> >
> > I understand that stopping analysis to prevent unsound results is
> correct behavior; however, I would argue that using "System.exit()" instead
> of catchable/recoverable Exception in these cases is too drastic.
> >
> > Of course, System.exit has legitimate uses within the driver "main"
> methods. But I would propose changing the ones deep within the analysis
> procedures. Even a general Java Exception such as
> "java.lang.IllegalArgumentException" would be nicer.
> >
> > There are 30 such places found by Github:
> >
> https://github.com/Sable/soot/search?q=%22System+exit%22+language%3Ajava+extension%3Ajava+path%3Asrc%2Fsoot&type=Code
> >
> > ... and the 85 places I find with
> > git grep -n -P 'System\.exit\(' src/soot/ | perl -wnl -e 'print if
> !m|//.*System\.exit|' | tee ~/soot-system-exit.txt
> >
> >
> > src/soot/PackManager.java:471: System.exit(0);
> > src/soot/dava/toolkits/base/DavaMonitor/DavaMonitor.java:72:
> System.exit(0);
> > src/soot/dexpler/DexIfTransformer.java:322:
> System.exit(-1);
> > src/soot/dexpler/DexIfTransformer.java:359:
> System.exit(-1);
> > src/soot/dexpler/DexNullTransformer.java:283:
> System.exit(-1);
> > src/soot/dexpler/DexNullTransformer.java:317:
> System.exit(-1);
> > src/soot/dexpler/DexTransformer.java:144:
> System.exit(-1);
> > src/soot/dexpler/DexTransformer.java:155:
> System.exit(-1);
> > src/soot/dexpler/Util.java:178: System.exit(-1);
> > src/soot/dexpler/instructions/CmpInstruction.java:102:
> System.exit(-1);
> > src/soot/dexpler/instructions/TaggedInstruction.java:43:
> System.exit(-1);
> > src/soot/jbco/Main.java:81: System.exit(0);
> > src/soot/jbco/Main.java:102: System.exit(1);
> > src/soot/jbco/Main.java:137: System.exit(1);
> > src/soot/jbco/Main.java:141: System.exit(1);
> > src/soot/jbco/Main.java:149: System.exit(1);
> > src/soot/jbco/Main.java:161: System.exit(1);
> > src/soot/jbco/Main.java:198: System.exit(0);
> > src/soot/jbco/bafTransformations/IndirectIfJumpsToCaughtGotos.java:88:
> System.exit(1);
> > src/soot/jbco/bafTransformations/StackTypeHeightCalculator.java:513:
> System.exit(1);
> > src/soot/jbco/gui/JBCOViewer.java:746: System.exit(0);
> > src/soot/jbco/jimpleTransformations/FieldRenamer.java:175:
> System.exit(1);
> > src/soot/jimple/parser/Parse.java:97: System.exit(0);
> > src/soot/jimple/spark/geom/geomE/FullSensitiveNodeGenerator.java:205:
> System.exit(-1);
> > src/soot/jimple/spark/geom/geomPA/GeomPointsTo.java:281:
> System.exit(-1);
> > src/soot/jimple/spark/geom/heapinsE/HeapInsNodeGenerator.java:189:
> System.exit(-1);
> > src/soot/jimple/spark/geom/ptinsE/PtInsNodeGenerator.java:186:
> System.exit(-1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:42:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:50:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:58:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:63:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:74:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:104:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:108:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:116:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:120:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/CheckMSet.java:130:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/DominatorsFinder.java:51:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/MethodInliner.java:51:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/MhpAnalysis.java:1056:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegChain.java:234:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegChain.java:297:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegChain.java:473:
>
> System.exit(1); // What SHOULD be done is that all possible targets are
> inlined
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:314:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:626:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:653:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:706:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:736:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:753:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:757:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:877:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:943:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:952:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:958:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:976:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:983:
> System.exit(1);
> > src/soot/jimple/toolkits/thread/mhp/PegGraph.java:991:
> System.exit(1);
> >
> src/soot/jimple/toolkits/thread/mhp/pegcallgraph/CheckRecursiveCalls.java:62:
> System.exit(1);
> > src/soot/jimple/toolkits/typing/fast/UseChecker.java:125:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:81:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:86:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:128:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:141:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:151:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:162:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:199:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:342:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:368:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:587:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:595:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:604:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:615:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:625:
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:662:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:676:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:691:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:706:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:716:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:751:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:765:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:780:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:795:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:805:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:817:
>
> System.exit(1);
> >
> src/soot/toolkits/astmetrics/DataHandlingApplication/ProcessData.java:874:
> System.exit(1);
> >
> > Wei.
> >
> > Wei Peng
> > Department of Computer and Information Science
> > Indiana University-Purdue University, Indianapolis (IUPUI)
> > pengw at iupui.edu | www.cs.iupui.edu/~pengw/
> >
> > _______________________________________________
> > Soot-list mailing list
> > Soot-list at CS.McGill.CA
> > https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20141231/efcaabb6/attachment-0001.html
More information about the Soot-list
mailing list