[Soot-list] Problem in Making Call Flow Graph
Vishal K4
vishal.k4 at tcs.com
Mon Jun 2 06:42:34 EDT 2014
Hi steven,
I made a new java project in which i included both project which you told to do for entry point. And then i wrote a class with your java codes which you gave me. When i am running the project it is saying some error:-
Exception in thread "main" java.lang.RuntimeException: Callback definition file not found
at soot.jimple.infoflow.android.AnalyzeJimpleClass.loadAndroidCallbacks(Unknown Source)
at soot.jimple.infoflow.android.AnalyzeJimpleClass.<init>(Unknown Source)
at soot.jimple.infoflow.android.SetupApplication.calculateCallbackMethods(Unknown Source)
at soot.jimple.infoflow.android.SetupApplication.calculateSourcesSinksEntrypoints(Unknown Source)
at soot.jimple.infoflow.android.SetupApplication.calculateSourcesSinksEntrypoints(Unknown Source)
at com.vishal.Check.main(Check.java:27).
You can check the code given by you in mail trail. So please revert me back as soon as possible.
Thanks & Regards,
Vishal Kumar
Mobility Security- DESS
Tata Consultancy Services
VYDEHI RC-1 BLOCK
82,EPIP,Whitefield,
Bangalore - 560066,Karnataka
India
Mailto: vishal.k4 at tcs.com
Website: http://www.tcs.com
____________________________________________
Experience certainty. IT Services
Business Solutions
Consulting
____________________________________________
-----"Steven Arzt" <Steven.Arzt at cased.de> wrote: -----
To: "'Vishal K4'" <vishal.k4 at tcs.com>
From: "Steven Arzt" <Steven.Arzt at cased.de>
Date: 05/24/2014 09:01PM
Cc: <soot-list at CS.McGill.CA>
Subject: AW: [Soot-list] Problem in Making Call Flow Graph from Class or Java files.
Hi Vishal,
As I explained, you first need to create an artificial main method that emulates the Android lifecycle before you can create a callgraph from an APK file. For this, you can use the AndroidEntryPointCreator component from FlowDroid. You need the following two projects:
https://github.com/secure-software-engineering/soot-infoflow
https://github.com/secure-software-engineering/soot-infoflow-android
You can then use the following code to create a callgraph:
SetupApplication app = new SetupApplication
("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms",
"D:/Temp/com.tweakersoft.aroundme-1.apk");
app.calculateSourcesSinksEntrypoints("D:/Arbeit/Android Analyse/soot-infoflow-android/SourcesAndSinks.txt");
soot.G.reset();
Options.v().set_src_prec(Options.src_prec_apk);
Options.v().set_process_dir(Collections.singletonList("D:/Temp/com.tweakersoft.aroundme-1.apk"));
Options.v().set_android_jars("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms");
Options.v().set_whole_program(true);
Options.v().set_allow_phantom_refs(true);
Options.v().set_output_format(Options.output_format_none);
Options.v().setPhaseOption("cg.spark", "on");
Scene.v().loadNecessaryClasses();
SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
Options.v().set_main_class(entryPoint.getSignature());
Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
System.out.println(entryPoint.getActiveBody());
PackManager.v().runPacks();
System.out.println(Scene.v().getCallGraph().size());
This example program just prints out the size of the callgraph, but you can use the CG as you lilke.
If you use our technology in a research project, please cite the FlowDroid paper which you can find together with lots of other information on the tool at: http://sseblog.ec-spride.de/tools/flowdroid/
Best regards,
Steven
Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Vishal K4
Gesendet: Samstag, 24. Mai 2014 14:37
An: Steven Arzt
Cc: soot-list at CS.McGill.CA
Betreff: Re: [Soot-list] Problem in Making Call Flow Graph from Class or Java files.
Hi,
Thanks for your fast reply. You got me correctly, actually i need to make a call graph from the apk file. I need to check all the flow of methods and classes from tha apk file. So please give some idea to make it from apk file step by step.
Waiting......
Thanks & Regards,
Vishal Kumar
Mobility Security- DESS
Tata Consultancy Services
VYDEHI RC-1 BLOCK
82,EPIP,Whitefield,
Bangalore - 560066,Karnataka
India
Mailto: vishal.k4 at tcs.com
Website: http://www.tcs.com
____________________________________________
Experience certainty. IT Services
Business Solutions
Consulting
____________________________________________
-----soot-list-bounces at CS.McGill.CA wrote: -----
To: "'Marc-André Laverdière'" <marc-andre.laverdiere-papineau at polymtl.ca>, <soot-list at CS.McGill.CA>
From: "Steven Arzt"
Sent by: soot-list-bounces at CS.McGill.CA
Date: 05/23/2014 08:47PM
Subject: Re: [Soot-list] Problem in Making Call Flow Graph from Class or Java files.
Hi Vishal,
Are you trying to create a callgraph from a Java file, a Class file or an
APK file? You mention all three sources in your e-mail. Java and Class file
work out-of-the-box just as Marc-André wrote.
For APK files, you need to do some extra work since the Soot callgraph
creator needs an entry point, i.e. a main method. In Android applications,
such a main method does not exist since Android instead tightly integrates
applications into the OS using a lifecycle. Android applications implement
classes inherited from OS classes and then overwrite the lifecycle methods.
There are ways to handle this (AndroidEntryPointCreator in FlowDroid), so
feel free to ask if you need it.
Best regards,
ÿÿSteven
-----Ursprngliche Nachricht-----
Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA]
Im Auftrag von Marc-Andr‚ LaverdiŠre
Gesendet: Freitag, 23. Mai 2014 15:27
An: soot-list at CS.McGill.CA
Betreff: Re: [Soot-list] Problem in Making Call Flow Graph from Class or
Java files.
Hello Vishal,
One can build a call graph by running Soot from the command-line with the -w
option. In order to export and visualize the call graph, I recommend using
ProBe (http://plg.uwaterloo.ca/~olhotak/probe/)
Regards,
Marc-Andr‚ LaverdiŠre-Papineau
Doctorant - PhD Candidate
On 05/23/2014 02:03 AM, Vishal K4 wrote:
> Hi,
>
> I am facing a problem in soot. I have an android apk file and i have
> to make a call graph from the class files or apk files. So can you
> just give me an example that how can we make a CFG from java files.
> Please give me some idea about it. I will be waiting for your reply soon.
>
> I request you to please give an example step by step. Hoping for your
> response soon.
>
> Thanks & Regards,
>
> Vishal Kumar
>
>
> =====-----=====-----=====
> Notice: The information contained in this e-mail message and/or
> attachments to it may contain confidential or privileged information.
> If you are not the intended recipient, any dissemination, use, review,
> distribution, printing or copying of the information contained in this
> e-mail message and/or attachments to it are strictly prohibited. If
> you have received this communication in error, please notify us by
> reply e-mail or telephone and immediately and permanently delete the
> message and any attachments. Thank you
>
>
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20140602/8e57f835/attachment-0001.html
More information about the Soot-list
mailing list