[Soot-list] Requiring main method for doing inter-procedural analysis Heros/Soot

Bodden, Eric eric.bodden at sit.fraunhofer.de
Mon Jan 20 03:13:40 EST 2014 

Hi.

DefaultSeeds is for configuring the abstract values that should be used at your analysis' entry points. But this is only useful assuming you already have a reliable call graph and reliable points-to sets if you need them. To get _those_ you will have to have a static "dummy main" method that Soot's call-graph analysis can use as an entry point, just like it is done in FlowDroid.

Eric

On 15.01.2014, at 19:48, Guru Devanla <gdevan2 at uic.edu> wrote:

> Hi,
> 
> My primary need is to do inter-procedural analysis and capture data flow
> between pair-wise methods in different classes. I have not gotten to trying
> this yet, but I believe I will have to initialize the DefaultSeeds object
> used by Hero's to help it do analysis for all pair-wise methods. It's
> possible I might hit some hurdles doing this and thats something I might
> have to work on in the coming weeks!
> 
> So, since you mentioned I might have have to take the same approach as
> Flowdroid, where I do a pass of all the public methods and then seed that
> into the DefaultSeeds object. But, is there any need for entry points to he
> static? I am not able to see any reason at least for my purpose.
> 
> As always thanks for your informative emails!
> 
> Thanks
> 
> 
> On Wed, Jan 15, 2014 at 10:44 AM, Guru Devanla <gurudev.devanla at gmail.com>wrote:
> 
>> Hi,
>> 
>> My primary need is to do inter-procedural analysis and capture data flow
>> between pair-wise methods in different classes. I have not gotten to trying
>> this yet, but I believe I will have to initialize the DefaultSeeds object
>> used by Hero's to help it do analysis for all pair-wise methods. It's
>> possible I might hit some hurdles doing this and thats something I might
>> have to work on in the coming weeks!
>> 
>> So, since you mentioned I might have have to take the same approach as
>> Flowdroid, where I do a pass of all the public methods and then seed that
>> into the DefaultSeeds object. But, is there any need for entry points to he
>> static? I am not able to see any reason at least for my purpose.
>> 
>> As always thanks for your informative emails!
>> 
>> Thanks
>> Guru
>> 
>> 
>> 
>> On Wed, Jan 15, 2014 at 7:12 AM, Marc-André Laverdière <
>> marc-andre.laverdiere-papineau at polymtl.ca> wrote:
>> 
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>> 
>>> Hello,
>>> 
>>> Another factor that bears repeating is that you need static entry
>>> points to get things rolling.
>>> 
>>> What kind of stuff do you want to analyze?
>>> 
>>> Flowdroid has an entry point generator that works for Android, but
>>> requires an a-priori list of things you want to call, and so needs two
>>> passes.
>>> 
>>> Bernhard and I have developed an entry point generator that works for
>>> JEE and will eventually be published :)
>>> 
>>> Marc-André Laverdière-Papineau
>>> Doctorant - PhD Candidate
>>> 
>>> On 01/13/2014 01:52 AM, Bodden, Eric wrote:
>>>> Hello.
>>>> 
>>>> Yes, this is possible as documented here:
>>>> http://www.bodden.de/2012/07/26/soot-custom-entry-points/
>>>> 
>>>> The API is not great but it works ;-)
>>>> 
>>>> @Mustafa: We should add this documentation to the wiki.
>>>> 
>>>> Best wishes, Eric
>>>> 
>>>> 
>>>> 
>>>> 
>>>> On 11.01.2014, at 20:41, Guru Devanla <gdevan2 at uic.edu> wrote:
>>>> 
>>>>> Hello  Sooters,
>>>>> 
>>>>> While doing inter-procedural analysis I see that the Heros/Soot
>>>>> api always needs an 'main' function. While I do understand this
>>>>> helps build the graph for the ensuing analysis, isn't there a way
>>>>> to start from different points if a 'main' method is not
>>>>> available.  I am wondering if this is somehow intractable and if
>>>>> any solutions exist.
>>>>> 
>>>>> Any pointers to this would be great, since when I try to analyze
>>>>> very many libraries I end up with an error.
>>>>> 
>>>>> Also, if there are any suggestion I would love to extend this
>>>>> functionality into Soot/Heros as it would immensely benefit me
>>>>> and hopeful a lot others right away.
>>>>> 
>>>>> Thanks _______________________________________________ Soot-list
>>>>> mailing list Soot-list at sable.mcgill.ca
>>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>> 
>>>> -- Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/
>>>> http://bodden.de/ Head of Secure Software Engineering  at
>>>> Fraunhofer SIT, TU Darmstadt and EC SPRIDE Tel: +49 6151 16-75422
>>>> Fax: +49 6151 16-72051 Room 3.2.14, Mornewegstr. 30, 64293
>>>> Darmstadt
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________ Soot-list mailing
>>>> list Soot-list at sable.mcgill.ca
>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>> 
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1
>>> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>>> 
>>> iQEcBAEBAgAGBQJS1qUxAAoJEGELVLHCizSf5wwH+wUgF+wRcUrBXQ0VQLRdEY1j
>>> GKuldV36pmGYgImrz41QM6AHNMnjOy0yYoUtqWbF1DRJ3vvatqdoeKjUay+fP37i
>>> rQ9x+6baVH5oadqnFwivjkoQ7lgz66TZ9rp8aFcTPkPoIRQEaIdFJdvZAeOCcR6K
>>> o+oUAwJ7n+UZMCcoXKy/JtTEiKMZfkzQgsNiZn0RWeGAgx5Nr0J1R92Es/E1Z30K
>>> NGGSjyn4gcYhNwG6mWoyemOUSD+J8uNADPH56XAFJYtQVZzw5/TIK63hEME2yIJw
>>> +v9+cJsJCRrwimeYcrMFtu70sjqDHSRbhZsQW/tPBzsGvyfgaUl4GsTXGtKOQT4=
>>> =dqas
>>> -----END PGP SIGNATURE-----
>>> _______________________________________________
>>> Soot-list mailing list
>>> Soot-list at sable.mcgill.ca
>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>> 
>> 
>> 
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list

--
Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
Head of Secure Software Engineering  at Fraunhofer SIT, TU Darmstadt and EC SPRIDE
Tel: +49 6151 16-75422    Fax: +49 6151 16-72051
Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20140120/3ef5535d/attachment.bin

More information about the Soot-list mailing list