[Soot-list] How to automaticly instrument the results of FlowDroid with the same Soot scene?
Steven Arzt
Steven.Arzt at cased.de
Tue Oct 21 05:14:46 EDT 2014
Hi Jin,
In such a case, you need to directly start FlowDroid with the correct options for instrumentation. The Infoflow and SetupApplication classes support a method called setSootConfig which accepts an object of type IInfoflowConfig. In the callback method contained this interface, you can overwrite the Soot options you need. This way, you can have FlowDroid use Soot with the correct output format, output directory, etc.
Pass an object implementing the ResultsAvailableHandler interface to runInfoflow(). The callback method in this interface will be called once FlowDroid is done, but Soot is still running. This is the optimal position to do your instrumentation work.
Best regards,
Steven
Von: Jin Li [mailto:lijin1988 at gmail.com]
Gesendet: Dienstag, 21. Oktober 2014 10:20
An: soot-list at CS.McGill.CA; Steven Arzt
Betreff: How to automaticly instrument the results of FlowDroid with the same Soot scene?
Hi All,
I want to instrument the resutls of FlowDroid as soon as the results being available.
I use runAnalysis(fileName, androidJar) to get the InfoFlowResults.
After that, I reset the soot and set options for instrumenting. But I can't find the stmt resutls that I reserved from FlowDroid.
some code snippets:
public class TaintFlowInstrumentDriver {
public static InfoflowResults infoflowResults;
/**
* @param args[0] = path to apk-file
* @param args[1] = path to android-dir (path/android-platforms)
* @throws InterruptedException
* @throws IOException
*/
public static void main(String[] args) throws IOException, InterruptedException {
//insert some code for getting flowdroid results which represents the taintgraph
if(args.length < 2){
printUsage();
return;
}
String filePath = args[0];
String androidJarPath = args[1];
infoflowResults = runAnalysis(filePath, androidJarPath);
soot.G.reset();
//prefer Android APK files// -src-prec apk
Options.v().set_src_prec(
Options.src_prec_apk);
//output as APK, too//-f J
Options.v().set_output_format(Options.output_format_dex);
Options.v().set_output_dir("D:\\Android\\sootOutput");
Options.v().set_process_dir(Collections.singletonList("D:\\Android\\TestApk\\Benign\\Callbacks_LocationLeak3.apk"));
Options.v().set_allow_phantom_refs(true);
Options.v().set_whole_program(true);
Options.v().set_soot_classpath(".;D:\\Android\\adt-bundle-windows-x86_64-20131030\\sdk\\platforms\\android-19\\android.jar");
Options.v().set_android_jars("D:\\Android\\adt-bundle-windows-x86_64-20131030\\sdk\\platforms");
Scene.v().addBasicClass("java.io.PrintStream",SootClass.SIGNATURES);
Scene.v().addBasicClass("java.lang.System",SootClass.SIGNATURES);
Scene.v().addBasicClass("InstrumentHelper",SootClass.SIGNATURES);
Scene.v().loadNecessaryClasses();
PackManager.v().getPack("jtp").add(new Transform("jtp.myInstrumenter", new TaintFlowInstrument()));
PackManager.v().runPacks();
PackManager.v().writeOutput();
}
If I use soot.G.reset(), I can't find the Soot stmt objects produced by FlowDroid in my bodytransformer.
If I don't use soot.G.reset(), I can't set the instrumenting options.
How can I correctly instrument the retults of the FlowDroid?
Best regards,
Jin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20141021/618b653a/attachment.html
More information about the Soot-list
mailing list