[Soot-list] Requiring main method for doing inter-procedural analysis Heros/Soot
Bodden, Eric
eric.bodden at sit.fraunhofer.de
Mon Jan 20 03:13:40 EST 2014
Hi.
DefaultSeeds is for configuring the abstract values that should be used at your analysis' entry points. But this is only useful assuming you already have a reliable call graph and reliable points-to sets if you need them. To get _those_ you will have to have a static "dummy main" method that Soot's call-graph analysis can use as an entry point, just like it is done in FlowDroid.
Eric
On 15.01.2014, at 19:48, Guru Devanla <gdevan2 at uic.edu> wrote:
> Hi,
>
> My primary need is to do inter-procedural analysis and capture data flow
> between pair-wise methods in different classes. I have not gotten to trying
> this yet, but I believe I will have to initialize the DefaultSeeds object
> used by Hero's to help it do analysis for all pair-wise methods. It's
> possible I might hit some hurdles doing this and thats something I might
> have to work on in the coming weeks!
>
> So, since you mentioned I might have have to take the same approach as
> Flowdroid, where I do a pass of all the public methods and then seed that
> into the DefaultSeeds object. But, is there any need for entry points to he
> static? I am not able to see any reason at least for my purpose.
>
> As always thanks for your informative emails!
>
> Thanks
>
>
> On Wed, Jan 15, 2014 at 10:44 AM, Guru Devanla <gurudev.devanla at gmail.com>wrote:
>
>> Hi,
>>
>> My primary need is to do inter-procedural analysis and capture data flow
>> between pair-wise methods in different classes. I have not gotten to trying
>> this yet, but I believe I will have to initialize the DefaultSeeds object
>> used by Hero's to help it do analysis for all pair-wise methods. It's
>> possible I might hit some hurdles doing this and thats something I might
>> have to work on in the coming weeks!
>>
>> So, since you mentioned I might have have to take the same approach as
>> Flowdroid, where I do a pass of all the public methods and then seed that
>> into the DefaultSeeds object. But, is there any need for entry points to he
>> static? I am not able to see any reason at least for my purpose.
>>
>> As always thanks for your informative emails!
>>
>> Thanks
>> Guru
>>
>>
>>
>> On Wed, Jan 15, 2014 at 7:12 AM, Marc-André Laverdière <
>> marc-andre.laverdiere-papineau at polymtl.ca> wrote:
>>
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Hello,
>>>
>>> Another factor that bears repeating is that you need static entry
>>> points to get things rolling.
>>>
>>> What kind of stuff do you want to analyze?
>>>
>>> Flowdroid has an entry point generator that works for Android, but
>>> requires an a-priori list of things you want to call, and so needs two
>>> passes.
>>>
>>> Bernhard and I have developed an entry point generator that works for
>>> JEE and will eventually be published :)
>>>
>>> Marc-André Laverdière-Papineau
>>> Doctorant - PhD Candidate
>>>
>>> On 01/13/2014 01:52 AM, Bodden, Eric wrote:
>>>> Hello.
>>>>
>>>> Yes, this is possible as documented here:
>>>> http://www.bodden.de/2012/07/26/soot-custom-entry-points/
>>>>
>>>> The API is not great but it works ;-)
>>>>
>>>> @Mustafa: We should add this documentation to the wiki.
>>>>
>>>> Best wishes, Eric
>>>>
>>>>
>>>>
>>>>
>>>> On 11.01.2014, at 20:41, Guru Devanla <gdevan2 at uic.edu> wrote:
>>>>
>>>>> Hello Sooters,
>>>>>
>>>>> While doing inter-procedural analysis I see that the Heros/Soot
>>>>> api always needs an 'main' function. While I do understand this
>>>>> helps build the graph for the ensuing analysis, isn't there a way
>>>>> to start from different points if a 'main' method is not
>>>>> available. I am wondering if this is somehow intractable and if
>>>>> any solutions exist.
>>>>>
>>>>> Any pointers to this would be great, since when I try to analyze
>>>>> very many libraries I end up with an error.
>>>>>
>>>>> Also, if there are any suggestion I would love to extend this
>>>>> functionality into Soot/Heros as it would immensely benefit me
>>>>> and hopeful a lot others right away.
>>>>>
>>>>> Thanks _______________________________________________ Soot-list
>>>>> mailing list Soot-list at sable.mcgill.ca
>>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>>
>>>> -- Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/
>>>> http://bodden.de/ Head of Secure Software Engineering at
>>>> Fraunhofer SIT, TU Darmstadt and EC SPRIDE Tel: +49 6151 16-75422
>>>> Fax: +49 6151 16-72051 Room 3.2.14, Mornewegstr. 30, 64293
>>>> Darmstadt
>>>>
>>>>
>>>>
>>>> _______________________________________________ Soot-list mailing
>>>> list Soot-list at sable.mcgill.ca
>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>>
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1
>>> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>>>
>>> iQEcBAEBAgAGBQJS1qUxAAoJEGELVLHCizSf5wwH+wUgF+wRcUrBXQ0VQLRdEY1j
>>> GKuldV36pmGYgImrz41QM6AHNMnjOy0yYoUtqWbF1DRJ3vvatqdoeKjUay+fP37i
>>> rQ9x+6baVH5oadqnFwivjkoQ7lgz66TZ9rp8aFcTPkPoIRQEaIdFJdvZAeOCcR6K
>>> o+oUAwJ7n+UZMCcoXKy/JtTEiKMZfkzQgsNiZn0RWeGAgx5Nr0J1R92Es/E1Z30K
>>> NGGSjyn4gcYhNwG6mWoyemOUSD+J8uNADPH56XAFJYtQVZzw5/TIK63hEME2yIJw
>>> +v9+cJsJCRrwimeYcrMFtu70sjqDHSRbhZsQW/tPBzsGvyfgaUl4GsTXGtKOQT4=
>>> =dqas
>>> -----END PGP SIGNATURE-----
>>> _______________________________________________
>>> Soot-list mailing list
>>> Soot-list at sable.mcgill.ca
>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>
>>
>>
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
--
Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
Head of Secure Software Engineering at Fraunhofer SIT, TU Darmstadt and EC SPRIDE
Tel: +49 6151 16-75422 Fax: +49 6151 16-72051
Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20140120/3ef5535d/attachment.bin
More information about the Soot-list
mailing list