[Soot-list] Instrumenting Android apps using a helper class
Steven Arzt
Steven.Arzt at cased.de
Fri Oct 17 11:29:17 EDT 2014
Hi Aniya,
Note that Soot has its own classpath which is not identical to your Java classpath that you use to run your program. If the test class is located where your program resides, it is not on the Soot classpath with the code you have given me as you never set the soot classpath.
Best regards,
Steven
Von: Aniya Aggarwal [mailto:aniya1234 at iiitd.ac.in]
Gesendet: Freitag, 17. Oktober 2014 16:34
An: Steven Arzt
Cc: soot-list at cs.mcgill.ca; soot-list at sable.mcgill.ca
Betreff: Re: Instrumenting Android apps using a helper class
Hi Steven,
Thanks a lot for a quick response.
I tried registering helper class before calling "loadNecessaryClasses" as suggested by you, but still the class is not detected. SootClass.isPhantom() returns true for the helper class.
"HelloWorld" class is the correct fully qualified classname as it is not contained in any package. It is located in my project's root directory which is the default classpath for my project. Therefore, I think that specifying "HelloWorld" as an argument to addBasicClass() should suffice. Additionally, even if I provide the fully qualified path name (starting from the drive) for this class, still it is being replaced by a phantom.
Regards
Aniya
Thanks & Regards,
Aniya Aggarwal
MT-12034
M.Tech CSE (Data Engineering)
On Fri, Oct 17, 2014 at 6:49 PM, Steven Arzt <Steven.Arzt at cased.de> wrote:
Hi Aniya,
If you want to load a basic class, you must register it before you call “loadNecessaryClasses”:
Scene.v().addBasicClass("HelloWorld"); //Adding helper class into scene
Scene.v().loadNecessaryClasses();
Additionally, are you sure that the “Hello World” class is not contained in any package, so “HelloWorld” is really the correct fully-qualified class name? You can check by evaluating SootClass.isPhantom(). If this method returns “true”, you class could not be found and has been replaced by a phantom.
Best regards,
Steven
Von: Aniya Aggarwal [mailto:aniya1234 at iiitd.ac.in]
Gesendet: Freitag, 17. Oktober 2014 14:49
An: soot-list at cs.mcgill.ca; soot-list at sable.mcgill.ca
Cc: steven.arzt at ec-spride.de
Betreff: Re: Instrumenting Android apps using a helper class
Hi All,
Sorry to bug you again. In the previous mail, I found that the code lost all its formatting which makes it difficult to read.
I am trying to instrument an Android application (ie apk) using a Helper Class named "HelloWorld.java". I am using FlowDroid to generate a call graph for the app and then after performing some analysis, trying to instrument the app using "HelloWorld". Since while using FlowDroid, PackManager.v().runPacks() is executed instead of Soot.Main.main(args), therefore I have called Scene.v().addBasicClass("HelloWorld") before PackManager.v().runPacks(). However, when I try to access the methods defined in "HelloWorld" class during instrumentation phase using Scene.v().getSootClass("HelloWorld").getMethods(), it returns an empty list. Please note that HelloWorld.java has two methods defined in it.
I am sharing the code snippet for the main() of my Driver Class for your reference.
Please let me know in case I am trying to access the helper class incorrectly using FlowDroid and suggest an alternative.
//Main Method of Driver Class
public static void main(String[] args) {
SetupApplication app = new SetupApplication("C:\\Program Files (x86)\\Android\\android-sdk\\platforms <file:///\\Android\android-sdk\platforms%22,%22C:\Users\Ani\Desktop\new> ","C:\\Users\\Ani\\Desktop\\new try\\ToyExample.apk");
try {
app.calculateSourcesSinksEntrypoints("E:\\Program Analysis Workspace\\Flowdroid_Test\\SourcesAndSinks.txt");
}
catch (IOException e) {
e.printStackTrace();
}
catch (XmlPullParserException e) {
e.printStackTrace();
}
soot.G.reset();
Options.v().set_src_prec(Options.src_prec_apk);
Options.v().set_process_dir(Collections.singletonList("C:\\Users\\Ani\\Desktop\\new try\\ToyExample.apk"));
Options.v().set_android_jars("C:\\Program Files (x86)\\Android\\android-sdk\\platforms <file:///\\Android\android-sdk\platforms> ");
Options.v().set_whole_program(true);
Options.v().set_allow_phantom_refs(true);
Options.v().set_output_dir("E:\\Program Analysis Workspace\\Flowdroid_Test\\sootOutput\\");
Options.v().set_output_format(Options.output_format_jimple);
Options.v().setPhaseOption("cg.spark", "on");
Options.v().set_whole_program(true);
Scene.v().loadNecessaryClasses();
Scene.v().addBasicClass("HelloWorld"); //Adding helper class into scene
SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
Options.v().set_main_class(entryPoint.getSignature());
Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
PackManager.v().runPacks();
CallGraph cg = Scene.v().getCallGraph();
Map options = new HashMap();
PurityOptions opt = new PurityOptions(options);
EscapeInterProc p = new EscapeInterProc(cg, Scene.v().getEntryPoints().iterator(), opt); //Executing analysis
map = p.loop_reset;
for(SootMethod method : map.keySet()){
AndroidAnalysis a = new AndroidAnalysis(Scene.v().getMethod(method.getSignature())); //Calling instrumentation module
}
PackManager.v().writeOutput();
}
Thanks and Regards
Aniya
Thanks & Regards,
Aniya Aggarwal
MT-12034
M.Tech CSE (Data Engineering)
On Fri, Oct 17, 2014 at 5:46 PM, Aniya Aggarwal <aniya1234 at iiitd.ac.in> wrote:
Hi All,
I am trying to instrument an Android application (ie apk) using a Helper Class named "HelloWorld.java". I am using FlowDroid to generate a call graph for the app and then after performing some analysis, trying to instrument the app using "HelloWorld". Since while using FlowDroid, PackManager.v().runPacks() is executed instead of Soot.Main.main(args), therefore I have called Scene.v().addBasicClass("HelloWorld") before PackManager.v().runPacks(). However, when I try to access the methods defined in "HelloWorld" class during instrumentation phase using Scene.v().getSootClass("HelloWorld").getMethods(), it returns an empty list. Please note that HelloWorld.java has two methods defined in it.
I am sharing the code snippet for the main() of my Driver Class for your reference.
Please let me know in case I am trying to access the helper class incorrectly using FlowDroid and suggest an alternative.
//Main method of Driver Class
public static void main(String[] args) { SetupApplication app = new SetupApplication("C:\\Program Files (x86)\\Android\\android-sdk\\platforms <file:///\\Android\android-sdk\platforms%22,%22C:\Users\Ani\Desktop\new> ","C:\\Users\\Ani\\Desktop\\new try\\ToyExample.apk"); try { app.calculateSourcesSinksEntrypoints("E:\\Program Analysis Workspace\\Flowdroid_Test\\SourcesAndSinks.txt"); } catch (IOException e) { e.printStackTrace(); } catch (XmlPullParserException e) { e.printStackTrace(); } soot.G.reset(); Options.v().set_src_prec(Options.src_prec_apk); Options.v().set_process_dir(Collections.singletonList("C:\\Users\\Ani\\Desktop\\new try\\ToyExample.apk"));
Options.v().set_android_jars("C:\\Program Files (x86)\\Android\\android-sdk\\platforms <file:///\\Android\android-sdk\platforms> "); Options.v().set_whole_program(true); Options.v().set_allow_phantom_refs(true); Options.v().set_output_dir("E:\\Program Analysis Workspace\\Flowdroid_Test\\sootOutput\\"); Options.v().set_output_format(Options.output_format_jimple); Options.v().setPhaseOption("cg.spark", "on"); Options.v().set_whole_program(true);
Scene.v().addBasicClass("HelloWorld"); //Adding helper class into scene Scene.v().loadNecessaryClasses(); SootMethod entryPoint = app.getEntryPointCreator().createDummyMain(); Options.v().set_main_class(entryPoint.getSignature()); Scene.v().setEntryPoints(Collections.singletonList(entryPoint)); System.out.println(entryPoint.getActiveBody()); PackManager.v().runPacks(); CallGraph cg = Scene.v().getCallGraph(); Map options = new HashMap(); PurityOptions opt = new PurityOptions(options); EscapeInterProc p = new EscapeInterProc(cg, Scene.v().getEntryPoints().iterator(), opt); //Executing the analysis map = p.loop_reset; for(SootMethod method : map.keySet()){ AndroidInstrumentation a = new AndroidInstrumentation(Scene.v().getMethod(method.getSignature())); //Executing bytecode instrumentation module } PackManager.v().writeOutput(); }
Thanks & Regards,
Aniya Aggarwal
MT-12034
M.Tech CSE (Data Engineering)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20141017/794bfa52/attachment-0003.html
More information about the Soot-list
mailing list