[Soot-list] Why the version of android.jar is changed during the processing of FlowDroid on the same app?
Jin Li
lijin1988 at gmail.com
Wed Nov 5 20:29:29 EST 2014
Hi Steven,
The apk is really simple. As it attached. download apk
<https://www.dropbox.com/s/yj0c7wyo2xbf0uo/AsyncLeakDemo.apk?dl=0>
It is strange that it is ok when I run it from command line
java -cp
soot-trunk.jar;soot-infoflow.jar;soot-infoflow-android.jar;slf4j-api-1.7.5.jar;slf4j-simple-1.7.5.jar;axml-2.0.jar
soot.jimple.infoflow.android.TestApps.Test AsyncLeakDemo
D:\Android\adt-bundle-windows-x86_64-20131030\sdk\platforms
However, When I port the runAnalysis() method from FlowDroid project to my
project, the problem I mentioned appeared.
private static InfoflowResults runAnalysis(final String fileName, final
String androidJar)throws IOException, InterruptedException{
try {
final long beforeRun = System.nanoTime();
final SetupApplication app;
if (null == ipcManager)
{
app = new SetupApplication(androidJar, fileName);
}
else
{
app = new SetupApplication(androidJar, fileName,
ipcManager);
}
app.setStopAfterFirstFlow(
stopAfterFirstFlow);
app.setEnableImplicitFlows(implicitFlows);
app.setEnableStaticFieldTracking(staticTracking);
app.setEnableCallbacks(enableCallbacks);
app.setEnableExceptionTracking(enableExceptions);
app.setAccessPathLength(accessPathLength);
app.setLayoutMatchingMode(layoutMatchingMode);
app.setFlowSensitiveAliasing(flowSensitiveAliasing);
app.setSootConfig(new SetConfigForInstrument());
final ITaintPropagationWrapper taintWrapper;
if (librarySummaryTaintWrapper) {
taintWrapper = createLibrarySummaryTW();
}
else {
final EasyTaintWrapper easyTaintWrapper;
if (new
File("../soot-infoflow/EasyTaintWrapperSource.txt").exists())
easyTaintWrapper = new
EasyTaintWrapper("../soot-infoflow/EasyTaintWrapperSource.txt");
else
easyTaintWrapper = new
EasyTaintWrapper("EasyTaintWrapperSource.txt");
easyTaintWrapper.setAggressiveMode(aggressiveTaintWrapper);
taintWrapper = easyTaintWrapper;
}
app.setTaintWrapper(taintWrapper);
app.calculateSourcesSinksEntrypoints("SourcesAndSinks.txt");
if (DEBUG) {
app.printEntrypoints();
app.printSinks();
app.printSources();
}
System.out.println("Running data flow analysis...");
final InfoflowResults res = app.runInfoflow(new
MyResultsAvailableHandler());
System.out.println("Analysis has run for " + (System.nanoTime()
- beforeRun) / 1E9 + " seconds");
return res;
} catch (IOException ex) {
System.err.println("Could not read file: " + ex.getMessage());
ex.printStackTrace();
throw new RuntimeException(ex);
} catch (XmlPullParserException ex) {
System.err.println("Could not read Android manifest file: " +
ex.getMessage());
ex.printStackTrace();
throw new RuntimeException(ex);
}
}
Best Regards,
Jin
2014-11-05 23:50 GMT+08:00 Steven Arzt <Steven.Arzt at cased.de>:
> Hi Jin,
>
>
>
> Please send me the APK file on which you encountered the problem.
>
>
>
> Best regards,
>
> Steven
>
>
>
> *Von:* soot-list-bounces at CS.McGill.CA [mailto:
> soot-list-bounces at CS.McGill.CA] *Im Auftrag von *Jin Li
> *Gesendet:* Mittwoch, 5. November 2014 16:10
> *An:* soot-list at CS.McGill.CA
> *Betreff:* [Soot-list] Why the version of android.jar is changed during
> the processing of FlowDroid on the same app?
>
>
>
> Hi, All
>
>
>
> I found a very strange error that the version of android.jar that needed
> in the analysis is changed.
>
> The apk use android-18 as target sdk
> <uses-sdk
> android:minSdkVersion="8"
> android:targetSdkVersion="18" />
>
>
>
> The corresponding output as follows. FlowDroid use ...\android-18\android.jar
> as android.jar in the previous analysis, however it use
> ...\android-17\android.jar' as android.jar in the last analysis, which
> reslults an error.
>
>
> com.example.asyncleakdemo.MainActivity
> SLF4J: Class path contains multiple SLF4J bindings.
> SLF4J: Found binding in
> [jar:file:/D:/Android/Soot/FlowDroidResult/soot-trunk.jar!/org/slf4j/impl/StaticLoggerBinder.class]
> SLF4J: Found binding in
> [jar:file:/D:/Android/Soot/FlowDroidResult/slf4j-simple-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class]
> SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an
> explanation.
> SLF4J: Actual binding is of type [org.slf4j.impl.SimpleLoggerFactory]
> [main] INFO soot.jimple.infoflow.taintWrappers.EasyTaintWrapper - Loaded
> wrapper entries for 53 classes and 4 exclusions.
> [main] INFO soot.jimple.infoflow.android.SetupApplication - ARSC file
> parsing took 0.011459503 seconds
> Using
> 'D:\Android\adt-bundle-windows-x86_64-20131030\sdk\platforms\android-18\android.jar'
> as android.jar
> Warning: java.lang.ref.Finalizer is a phantom class!
> Warning: android.graphics.pdf.PdfDocument$Page is a phantom class!
> Warning: android.graphics.pdf.PdfDocument$PageInfo is a phantom class!
> ......
> ......
>
> Using
> 'D:\Android\adt-bundle-windows-x86_64-20131030\sdk\platforms\android-18\android.jar'
> as android.jar
> Warning: java.lang.ref.Finalizer is a phantom class!
> Warning: android.graphics.pdf.PdfDocument$Page is a phantom class!
> Warning: android.graphics.pdf.PdfDocument$PageInfo is a phantom class!
> ......
> ......
> [Call Graph] For information on where the call graph may be incomplete,
> use the verbose option to the cg phase.
> [Spark] Pointer Assignment Graph in 0.0 seconds.
> [Spark] Type masks in 0.0 seconds.
> [Spark] Pointer Graph simplified in 0.0 seconds.
> [Spark] Propagation in 0.0 seconds.
> [Spark] Solution found in 0.0 seconds.
> Running incremental callback analysis for 1 components...
> Incremental callback analysis done.
> Found 0 layout controls
> Found 2 callback methods for 1 components
> Entry point calculation done.
> Created a SourceSinkManager with 92 sources, 125 sinks, and 2 callback
> methods.
> Running data flow analysis...
> Running data flow analysis on D:\Android\TestApk\Benign\AsyncLeakDemo.apk
> with 92 sources and 125 sinks...
> Starting infoflow computation...
> [main] INFO soot.jimple.infoflow.Infoflow - Resetting Soot...
> Using
> 'D:\Android\adt-bundle-windows-x86_64-20131030\sdk\platforms\android-17\android.jar'
> as android.jar
> Warning: java.lang.ref.Finalizer is a phantom class!
> [main] INFO soot.jimple.infoflow.Infoflow - Basic class loading done.
> [main] ERROR soot.jimple.infoflow.Infoflow - Only phantom classes loaded,
> skipping analysis...
> Warning: com.example.asyncleakdemo.MainActivity is a phantom class!
> [main] INFO
> soot.jimple.infoflow.entryPointCreators.AndroidEntryPointCreator -
> Generated main method:
> public static void dummyMainMethod()
> {
> int $i0;
>
> $i0 = 0;
>
> label1:
> if $i0 == 2 goto label1;
>
> return;
> }
>
> [Call Graph] For information on where the call graph may be incomplete,
> use the verbose option to the cg phase.
> [Spark] Pointer Assignment Graph in 0.0 seconds.
> [Spark] Type masks in 0.0 seconds.
> [Spark] Pointer Graph simplified in 0.0 seconds.
> [Spark] Propagation in 0.0 seconds.
> [Spark] Solution found in 0.0 seconds.
> [main] INFO soot.jimple.infoflow.Infoflow - Callgraph has 0 edges
> [main] INFO soot.jimple.infoflow.Infoflow - Looking for sources and
> sinks...
> [main] ERROR soot.jimple.infoflow.Infoflow - No sources or sinks found,
> aborting analysis
> Analysis has run for 6.351183831 seconds
>
> Could anyone give me some instructions?
>
>
>
> Best Regards,
>
> Jin
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20141106/77bb15a7/attachment.html
More information about the Soot-list
mailing list