[Soot-list] Instrumenting Android apps using a helper class

Aniya Aggarwal aniya1234 at iiitd.ac.in
Fri Oct 17 08:48:54 EDT 2014 

Hi All,
Sorry to bug you again. In the previous mail, I found that the code lost
all its formatting which makes it difficult to read.

I am trying to instrument an Android application (ie apk) using a Helper
Class named "HelloWorld.java". I am using FlowDroid to generate a call
graph for the app and then after performing some analysis, trying to
instrument the app using "HelloWorld". Since while using FlowDroid,
PackManager.v().runPacks() is executed instead of Soot.Main.main(args),
therefore I have called Scene.v().addBasicClass("HelloWorld") before
PackManager.v().runPacks(). However, when I try to access the methods
defined in "HelloWorld" class during instrumentation phase using
Scene.v().getSootClass("HelloWorld").getMethods(), it returns an empty
list. Please note that HelloWorld.java has two methods defined in it.
I am sharing the code snippet for the main() of my Driver Class for your
reference.

Please let me know in case I am trying to access the helper class
incorrectly using FlowDroid and suggest an alternative.

*//Main Method of Driver Class*
public static void main(String[] args) {
           SetupApplication app = new SetupApplication("C:\\Program Files
(x86)\\Android\\android-sdk\\platforms","C:\\Users\\Ani\\Desktop\\new
try\\ToyExample.apk");
           try {
  app.calculateSourcesSinksEntrypoints("E:\\Program Analysis
Workspace\\Flowdroid_Test\\SourcesAndSinks.txt");
  }
           catch (IOException e) {
  e.printStackTrace();
           }
  catch (XmlPullParserException e) {
  e.printStackTrace();
           }
  soot.G.reset();
  Options.v().set_src_prec(Options.src_prec_apk);
  Options.v().set_process_dir(Collections.singletonList("C:\\Users\\Ani\\Desktop\\new
try\\ToyExample.apk"));
           Options.v().set_android_jars("C:\\Program Files
(x86)\\Android\\android-sdk\\platforms");
  Options.v().set_whole_program(true);
  Options.v().set_allow_phantom_refs(true);
           Options.v().set_output_dir("E:\\Program Analysis
Workspace\\Flowdroid_Test\\sootOutput\\");
           Options.v().set_output_format(Options.output_format_jimple);
  Options.v().setPhaseOption("cg.spark", "on");
           Options.v().set_whole_program(true);
           Scene.v().loadNecessaryClasses();

           Scene.v().addBasicClass("HelloWorld");     //Adding helper class
into scene
           SootMethod entryPoint =
app.getEntryPointCreator().createDummyMain();
  Options.v().set_main_class(entryPoint.getSignature());
  Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
  PackManager.v().runPacks();
  CallGraph cg = Scene.v().getCallGraph();
           Map options = new HashMap();
           PurityOptions opt = new PurityOptions(options);
           EscapeInterProc p = new EscapeInterProc(cg,
Scene.v().getEntryPoints().iterator(), opt);     //Executing analysis
map = p.loop_reset;
           for(SootMethod method : map.keySet()){
                     AndroidAnalysis a = new
AndroidAnalysis(Scene.v().getMethod(method.getSignature())); //Calling
instrumentation module
           }
           PackManager.v().writeOutput();
}


Thanks and Regards
Aniya




Thanks & Regards,
Aniya Aggarwal
MT-12034
M.Tech CSE (Data Engineering)

On Fri, Oct 17, 2014 at 5:46 PM, Aniya Aggarwal <aniya1234 at iiitd.ac.in>
wrote:

> Hi All,
> I am trying to instrument an Android application (ie apk) using a Helper
> Class named "HelloWorld.java". I am using FlowDroid to generate a call
> graph for the app and then after performing some analysis, trying to
> instrument the app using "HelloWorld". Since while using FlowDroid,
> PackManager.v().runPacks() is executed instead of Soot.Main.main(args),
> therefore I have called Scene.v().addBasicClass("HelloWorld") before
> PackManager.v().runPacks(). However, when I try to access the methods
> defined in "HelloWorld" class during instrumentation phase using
> Scene.v().getSootClass("HelloWorld").getMethods(), it returns an empty
> list. Please note that HelloWorld.java has two methods defined in it.
> I am sharing the code snippet for the main() of my Driver Class for your
> reference.
>
> Please let me know in case I am trying to access the helper class
> incorrectly using FlowDroid and suggest an alternative.
>
> *//Main method of Driver Class*
> public static void main(String[] args) { SetupApplication app = new
> SetupApplication("C:\\Program Files
> (x86)\\Android\\android-sdk\\platforms","C:\\Users\\Ani\\Desktop\\new
> try\\ToyExample.apk"); try {
> app.calculateSourcesSinksEntrypoints("E:\\Program Analysis
> Workspace\\Flowdroid_Test\\SourcesAndSinks.txt"); } catch (IOException e) {
> e.printStackTrace(); } catch (XmlPullParserException e) {
> e.printStackTrace(); } soot.G.reset();
> Options.v().set_src_prec(Options.src_prec_apk);
> Options.v().set_process_dir(Collections.singletonList("C:\\Users\\Ani\\Desktop\\new
> try\\ToyExample.apk"));
> Options.v().set_android_jars("C:\\Program Files
> (x86)\\Android\\android-sdk\\platforms");
> Options.v().set_whole_program(true);
> Options.v().set_allow_phantom_refs(true);
> Options.v().set_output_dir("E:\\Program Analysis
> Workspace\\Flowdroid_Test\\sootOutput\\");
> Options.v().set_output_format(Options.output_format_jimple);
> Options.v().setPhaseOption("cg.spark", "on");
> Options.v().set_whole_program(true);
>
>
>
>
> *Scene.v().addBasicClass("HelloWorld"); //Adding helper class into scene* Scene.v().loadNecessaryClasses();
> SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
> Options.v().set_main_class(entryPoint.getSignature());
> Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
> System.out.println(entryPoint.getActiveBody()); PackManager.v().runPacks();
> CallGraph cg = Scene.v().getCallGraph(); Map options = new HashMap();
> PurityOptions opt = new PurityOptions(options); EscapeInterProc p = new
> EscapeInterProc(cg, Scene.v().getEntryPoints().iterator(), opt);
> //Executing the analysis map = p.loop_reset; for(SootMethod method :
> map.keySet()){ AndroidInstrumentation a = new
> AndroidInstrumentation(Scene.v().getMethod(method.getSignature()));
> //Executing bytecode instrumentation module }
> PackManager.v().writeOutput(); }
>
>
>
>
>
>
> Thanks & Regards,
> Aniya Aggarwal
> MT-12034
> M.Tech CSE (Data Engineering)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20141017/364f492b/attachment-0003.html

More information about the Soot-list mailing list