[Soot-list] Missing Nodes in CFG
Dennis Titze
dennis.titze at googlemail.com
Fri Mar 7 03:00:59 EST 2014
Hi Marc-André, hi Steven,
thank you for your reply!
@Marc-André: I get the same results when looking at the CFG using the
default android-infoflow setup.
@Steven: Actually I did not know about any stub implementations, are
these in the git, or where can I find them?
Currently I am using the original Android jars, and the Telephonymanager
looks quite good in soot (see attachment)
What is quite strange, that although the getLine1Number does not appear
in the CFG, a data flow from getLine1Number e.g. to a Log statement is
found. Any idea why this could be?
Best regards,
Dennis
On 06.03.2014 18:15, Steven Arzt wrote:
> Hi Dennis and Marc-André,
>
> I don't think the stub JAR is a problem here. If you cann getLine1Number(),
> this is an existing method in the Android stub JAR and thus there will be a
> call edge in the CFG. We always tell people to use FlowDroid with the stub
> JARs since it's quite a lot faster and consumes way less memory - and our
> call edges to API functions are all there. Maybe your Android JAR file is
> not only a stub, but incomplete (i.e., broken)? Which one do you use and
> where did you get it from?
>
> It would also be good to look at the Android classes such as
> TelephonyManager? Do they look ok or are these phantom classes that Soot
> could not resolve at all? If the latter is the case, there's something wrong
> with your classpath. If you have set a custom classpath, be sure to add your
> Android JAR file on the new classpath - otherwise you'll exactly see the
> issues you have described.
>
> Best regards,
> Steven
>
> -----Ursprüngliche Nachricht-----
> Von: soot-list-bounces at sable.mcgill.ca
> [mailto:soot-list-bounces at sable.mcgill.ca] Im Auftrag von Marc-André
> Laverdière
> Gesendet: Donnerstag, 6. März 2014 15:50
> An: soot-list at sable.mcgill.ca
> Betreff: Re: [Soot-list] Missing Nodes in CFG
>
> Hallo Dennis,
>
> Disclaimer: I haven't tried on Android yet.
>
> Have you tried with plain Spark settings? Is there a difference?
>
> IIRC, VTA relies on new XYZ statements. If you use an Android jar stub that
> lacks the object creation statements, then you will have some parts missing
> for sure. That being said, I'd have expected Spark to default to CHA.
>
> Marc-André Laverdière-Papineau
> Doctorant - PhD Candidate
>
> On 03/06/2014 03:02 AM, Dennis Titze wrote:
>> Hi,
>>
>> I stumbled over the following problem, but I am not sure if I am doing
>> something wrong:
>>
>> After running an Android-Infoflow Analysis, I want to look at the
>> generated CFG (using VTA). But it seems as if some nodes are missing.
>> E.g. for the following jimple:
>>
>> private java.lang.String get_phone()
>> {
>> com.example.android.skeletonapp.SkeletonActivity $r0;
>> java.lang.Object $r1;
>> java.lang.String $r2;
>> android.telephony.TelephonyManager $r3;
>>
>> $r0 := @this: com.example.android.skeletonapp.SkeletonActivity;
>> $r1 = virtualinvoke
>> $r0.<com.example.android.skeletonapp.SkeletonActivity:
>> java.lang.Object getSystemService(java.lang.String)>("phone");
>> $r3 = (android.telephony.TelephonyManager) $r1;
>> $r2 = virtualinvoke $r3.<android.telephony.TelephonyManager:
>> java.lang.String getLine1Number()>();
>> return $r2;
>> }
>>
>> the call to getLine1Number does not appear in the CFG.
>>
>> When looking at the Sparktransformer, the CFG looks quite fine after
>> final PAG pag = b.setup( opts );
>> b.build();
>>
>> But once the CFG is built again using the pag
>> CallGraphBuilder cgb = new CallGraphBuilder( pag );
>> cgb.build();
>>
>> the mentioned node is not in the CFG anymore.
>>
>> Problem seems to be, that p2set for this line in public void build()
>> is empty. If I add something like if (p2set.isEmpty()) {
>> ofcgb.addType( receiver, momc.context(), receiver.getType(), null
>> ); }
>>
>> the node appears in the CFG.
>>
>>
>> Could you explain a bit, what the PointsToSet is in that context, and
>> why it is needed?
>>
>> Can you think of some configuration I missed, which results in this
> problem?
>>
>>
>> Thank you very much in advance!
>>
>> Dennis Titze
>> _______________________________________________
>> Soot-list mailing list
>> Soot-list at sable.mcgill.ca
>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>
-------------- next part --------------
public class android.telephony.TelephonyManager extends java.lang.Object
{
public static final java.lang.String ACTION_PHONE_STATE_CHANGED;
public static final java.lang.String EXTRA_STATE;
public static final java.lang.String EXTRA_STATE_IDLE;
public static final java.lang.String EXTRA_STATE_RINGING;
public static final java.lang.String EXTRA_STATE_OFFHOOK;
public static final java.lang.String EXTRA_INCOMING_NUMBER;
public static final int PHONE_TYPE_NONE;
public static final int PHONE_TYPE_GSM;
public static final int PHONE_TYPE_CDMA;
public static final int PHONE_TYPE_SIP;
public static final int NETWORK_TYPE_UNKNOWN;
public static final int NETWORK_TYPE_GPRS;
public static final int NETWORK_TYPE_EDGE;
public static final int NETWORK_TYPE_UMTS;
public static final int NETWORK_TYPE_CDMA;
public static final int NETWORK_TYPE_EVDO_0;
public static final int NETWORK_TYPE_EVDO_A;
public static final int NETWORK_TYPE_1xRTT;
public static final int NETWORK_TYPE_HSDPA;
public static final int NETWORK_TYPE_HSUPA;
public static final int NETWORK_TYPE_HSPA;
public static final int NETWORK_TYPE_IDEN;
public static final int NETWORK_TYPE_EVDO_B;
public static final int NETWORK_TYPE_LTE;
public static final int NETWORK_TYPE_EHRPD;
public static final int SIM_STATE_UNKNOWN;
public static final int SIM_STATE_ABSENT;
public static final int SIM_STATE_PIN_REQUIRED;
public static final int SIM_STATE_PUK_REQUIRED;
public static final int SIM_STATE_NETWORK_LOCKED;
public static final int SIM_STATE_READY;
public static final int CALL_STATE_IDLE;
public static final int CALL_STATE_RINGING;
public static final int CALL_STATE_OFFHOOK;
public static final int DATA_ACTIVITY_NONE;
public static final int DATA_ACTIVITY_IN;
public static final int DATA_ACTIVITY_OUT;
public static final int DATA_ACTIVITY_INOUT;
public static final int DATA_ACTIVITY_DORMANT;
public static final int DATA_DISCONNECTED;
public static final int DATA_CONNECTING;
public static final int DATA_CONNECTED;
public static final int DATA_SUSPENDED;
void <init>()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
specialinvoke r0.<java.lang.Object: void <init>()>();
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getDeviceSoftwareVersion()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getDeviceId()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public android.telephony.CellLocation getCellLocation()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.util.List getNeighboringCellInfo()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public int getPhoneType()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getNetworkOperatorName()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getNetworkOperator()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public boolean isNetworkRoaming()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getNetworkCountryIso()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public int getNetworkType()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public boolean hasIccCard()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public int getSimState()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getSimOperator()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getSimOperatorName()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getSimCountryIso()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getSimSerialNumber()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getSubscriberId()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getLine1Number()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getVoiceMailNumber()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public java.lang.String getVoiceMailAlphaTag()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public int getCallState()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public int getDataActivity()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public int getDataState()
{
android.telephony.TelephonyManager r0;
java.lang.RuntimeException $r1;
r0 := @this: android.telephony.TelephonyManager;
$r1 = new java.lang.RuntimeException;
specialinvoke $r1.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r1;
}
public void listen(android.telephony.PhoneStateListener, int)
{
android.telephony.TelephonyManager r0;
android.telephony.PhoneStateListener r1;
int i0;
java.lang.RuntimeException $r2;
r0 := @this: android.telephony.TelephonyManager;
r1 := @parameter0: android.telephony.PhoneStateListener;
i0 := @parameter1: int;
$r2 = new java.lang.RuntimeException;
specialinvoke $r2.<java.lang.RuntimeException: void <init>(java.lang.String)>("Stub!");
throw $r2;
}
static void <clinit>()
{
<android.telephony.TelephonyManager: java.lang.String EXTRA_STATE_IDLE> = null;
<android.telephony.TelephonyManager: java.lang.String EXTRA_STATE_RINGING> = null;
<android.telephony.TelephonyManager: java.lang.String EXTRA_STATE_OFFHOOK> = null;
return;
}
}
More information about the Soot-list
mailing list