[Soot-list] relevance analysis

Mohammad Ghafari ghafari.ir at gmail.com
Sun May 4 18:01:21 EDT 2014 

Yes, but in the given example in my first post, there is *no assignment* in
general form, i.e., there is not any assignment operator but there are
method calls in which those assignments should happen finally (lets say the
implementation of an ArrayList in the given example). So, does Soot manage
this automatically? I mean, when I do linear parsing of Method1, does it
show
*col.put("item")* as an assignment statement?


On Sun, May 4, 2014 at 11:49 PM, Marc-André Laverdière <
marc-andre.laverdiere-papineau at polymtl.ca> wrote:

> Hi Mohammad,
>
> Knowing read/write is trivial. Just look at the AssignStmt left and
> right ops. If the FieldRef is on the left, that's a write, if it is in
> the right, that's a read.
>
> The only trick you need to be careful with is that Jimple requires local
> variables to store field references, so an operation that is
> obj.field1 = obj.field2 is two operations in Jimple:
>
> tmp = obj.field2
> obj.field1 = tmp
>
> As for flowdroid, you can have a look in the code on stuff related to
> taint wrappers,
> https://github.com/secure-software-engineering/soot-infoflow
>
> Marc-André Laverdière-Papineau
> Doctorant - PhD Candidate
>
> On 05/04/2014 05:42 PM, Mohammad Ghafari wrote:
> >
> > Hi Marc-André,
> >
> > Yes, the bytecode is available at the end. Given that example, I wanted
> > to ask whether I should dive into the implementation of an ArrayList to
> > know if there is a read or write (please note that knowing filed-access
> > is not enough to me and should know whether it is a read or write)?
> > For example, if I do a linear pass over jimple representation of Method1
> > will that show there is a _write_ operation to col field?
> >
> > p.s., Where can I find more info about "domain knowledge" in flowdroid?
> >
> >
> >
> >
> > On Sun, May 4, 2014 at 10:52 PM, Marc-André Laverdière
> > <marc-andre.laverdiere-papineau at polymtl.ca
> > <mailto:marc-andre.laverdiere-papineau at polymtl.ca>> wrote:
> >
> >     Hi Mohammad,
> >
> >     I am not sure I understand your question.
> >     We totally have the source code for those methods. Its called
> OpenJDK.
> >     But even if we didn't, Soot can read bytecode pretty decently and
> allow
> >     you to do whatever you want.
> >
> >     But you may still take a short-cut by using 'domain knowledge', as we
> >     have been doing in flowdroid. You can have a look a the taint
> >     wrappers :)
> >
> >     As a general thing, in order to do what you want, you just need to
> do a
> >     linear pass over your program to record field access. Or you can
> query
> >     Spark, but you're not necessarily required to get a call graph to do
> >     this.
> >
> >     Marc-André Laverdière-Papineau
> >     Doctorant - PhD Candidate
> >
> >     On 05/04/2014 07:15 AM, Mohammad Ghafari wrote:
> >     >
> >     > Hello everybody,
> >     >
> >     > I want to find if two methods are related, i.e., they read
> >     from/write to
> >     > the same field. For example:
> >     >
> >     >  List<String> col = new ArrayList<String>();
> >     >
> >     >  Method1(){
> >     >   col.put("item");
> >     >  }
> >     >
> >     >  Method2(){
> >     >   col.get();
> >     >  }
> >     >
> >     > Intuitively, these two methods are related because the first method
> >     > write to a list from which the second method reads. However, as we
> >     don't
> >     > have the source code of java libraries like List, how can I use
> >     Soot to
> >     > know that col.put() writes to col while col.get() reads from this
> >     list?
> >     >
> >     > Thnaks
> >     >
> >     >
> >     >
> >     > _______________________________________________
> >     > Soot-list mailing list
> >     > Soot-list at CS.McGill.CA <mailto:Soot-list at CS.McGill.CA>
> >     > https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
> >     >
> >     _______________________________________________
> >     Soot-list mailing list
> >     Soot-list at CS.McGill.CA <mailto:Soot-list at CS.McGill.CA>
> >     https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
> >
> >
> >
> >
> > --
> > Mohammad Ghafari
> >
> > DeepSE group @ DEIB - Politecnico di Milano
> > http://home.deib.polimi.it/ghafari
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>



-- 
Mohammad Ghafari

DeepSE group @ DEIB - Politecnico di Milano
http://home.deib.polimi.it/ghafari
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20140505/edaa6c7b/attachment-0001.html

More information about the Soot-list mailing list