[Soot-list] relevance analysis
Marc-André Laverdière
marc-andre.laverdiere-papineau at polymtl.ca
Sun May 4 17:49:41 EDT 2014
Hi Mohammad,
Knowing read/write is trivial. Just look at the AssignStmt left and
right ops. If the FieldRef is on the left, that's a write, if it is in
the right, that's a read.
The only trick you need to be careful with is that Jimple requires local
variables to store field references, so an operation that is
obj.field1 = obj.field2 is two operations in Jimple:
tmp = obj.field2
obj.field1 = tmp
As for flowdroid, you can have a look in the code on stuff related to
taint wrappers, https://github.com/secure-software-engineering/soot-infoflow
Marc-André Laverdière-Papineau
Doctorant - PhD Candidate
On 05/04/2014 05:42 PM, Mohammad Ghafari wrote:
>
> Hi Marc-André,
>
> Yes, the bytecode is available at the end. Given that example, I wanted
> to ask whether I should dive into the implementation of an ArrayList to
> know if there is a read or write (please note that knowing filed-access
> is not enough to me and should know whether it is a read or write)?
> For example, if I do a linear pass over jimple representation of Method1
> will that show there is a _write_ operation to col field?
>
> p.s., Where can I find more info about "domain knowledge" in flowdroid?
>
>
>
>
> On Sun, May 4, 2014 at 10:52 PM, Marc-André Laverdière
> <marc-andre.laverdiere-papineau at polymtl.ca
> <mailto:marc-andre.laverdiere-papineau at polymtl.ca>> wrote:
>
> Hi Mohammad,
>
> I am not sure I understand your question.
> We totally have the source code for those methods. Its called OpenJDK.
> But even if we didn't, Soot can read bytecode pretty decently and allow
> you to do whatever you want.
>
> But you may still take a short-cut by using 'domain knowledge', as we
> have been doing in flowdroid. You can have a look a the taint
> wrappers :)
>
> As a general thing, in order to do what you want, you just need to do a
> linear pass over your program to record field access. Or you can query
> Spark, but you're not necessarily required to get a call graph to do
> this.
>
> Marc-André Laverdière-Papineau
> Doctorant - PhD Candidate
>
> On 05/04/2014 07:15 AM, Mohammad Ghafari wrote:
> >
> > Hello everybody,
> >
> > I want to find if two methods are related, i.e., they read
> from/write to
> > the same field. For example:
> >
> > List<String> col = new ArrayList<String>();
> >
> > Method1(){
> > col.put("item");
> > }
> >
> > Method2(){
> > col.get();
> > }
> >
> > Intuitively, these two methods are related because the first method
> > write to a list from which the second method reads. However, as we
> don't
> > have the source code of java libraries like List, how can I use
> Soot to
> > know that col.put() writes to col while col.get() reads from this
> list?
> >
> > Thnaks
> >
> >
> >
> > _______________________________________________
> > Soot-list mailing list
> > Soot-list at CS.McGill.CA <mailto:Soot-list at CS.McGill.CA>
> > https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
> >
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA <mailto:Soot-list at CS.McGill.CA>
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
>
>
>
> --
> Mohammad Ghafari
>
> DeepSE group @ DEIB - Politecnico di Milano
> http://home.deib.polimi.it/ghafari
More information about the Soot-list
mailing list