[Soot-list] Instrumenting Android library classes

Gianluca Mezzetti mezzetti at cs.au.dk
Tue Sep 16 16:39:32 EDT 2014 

Hi Peter,
i'm not a soot guru, I hope that someone will correct me if i'm wrong.

The include-all option only concern java, javax, sun, packages, so it should be not necessary for the framework.
The core libraries are in the core.jar

With the following settings, as suggested by Steven, it seems to load the bodies to me (faking the jar is an apk).
However right now i'm getting an out of memory exception...but you can try with the latest soot build.

Where have you taken the android.jar ?
It is the complete one or the one that only contains stubs ?


    Options.v().set_src_prec(Options.src_prec_apk)
    Options.v().set_output_format(Options.output_format_dex)

    // android jars folder
    soot.options.Options.v().set_android_jars("android-platforms")
    Options.v().set_allow_phantom_refs(true)

    val procDir = new util.ArrayList[String]()
    procDir.add("./res/framework.apk");

    Options.v().set_output_dir("./res")

    Options.v().set_process_dir(procDir)

    Scene.v().loadNecessaryClasses()
    Scene.v().loadBasicClasses()

    PackManager.v().runPacks()

    if(!Options.v().oaat())
      PackManager.v().writeOutput()



Il giorno 16/set/2014, alle ore 19:38, Peter Kim <chpkim at gmail.com<mailto:chpkim at gmail.com>> ha scritto:

Hi Gianluca,

Thank you for your message. I wasn't sure what to do with your config, but I am interested in how you were even able to instrument android.os and android.app classes. I am doing the following:

- Using "-include-all" flag to pull in library classes
- Using "-include" flag to specify package to pull in (but this seems to be redundant to the option above)
- Using "-dynamic-package" flag to specify package to pull in

Using these options, I am able to pull in some classes of a library package, but not all. Do you know how to ensure that *ALL* classes of a package are pulled in? I also tried calling "Scene.v().addBasicClass("android.library.LibraryClass", SootClass.SIGNATURES);" and "SootClass.setApplicationClass()" on the classes that were not being transformed to see if this would pull them in, but it does not. The ones that are not being pulled in are marked as phantom.

Thank you.

On Tue, Sep 16, 2014 at 12:04 AM, Gianluca Mezzetti <mezzetti at cs.au.dk<mailto:mezzetti at cs.au.dk>> wrote:
Peter,
i'm on that too, and it seems not very easy.
I suggest you to look at my config https://github.com/algobardo/sootReproduce to start making some experiments.


So far i'm able to run an instrumented framework, but only instrumenting android.os, android.app, excluding annotation classes (https://github.com/Sable/soot/issues/264) and the package andoid.util (that makes soot crash) https://github.com/Sable/soot/issues/262, and circumventing some bad behavior https://github.com/Sable/soot/issues/263.

To do that I needed to work on class files because i can instrument class files individually, keeping untouched the others.



If you want to experiment with dex to dex  instrumentation instead (i was unable to do that)...take a look at this little modification to the SourceLocator
https://github.com/algobardo/soot/commit/afcf833efa424218a84bd6a48cfed845968d934c

even though Steven suggests

"I'm not really sure why you don't want to specify an android.jar file. This has nothing to do with whether you instrument apk files or single dex files. Unless the same issue also occurs when using a proper android. jar file, I would not call it a bug."

Best regards,
Gianluca


Il giorno 15/set/2014, alle ore 22:56, Peter Kim <chpkim at gmail.com<mailto:chpkim at gmail.com>> ha scritto:

Hi,

I'm trying to get Soot to instrument Android library classes, such as those in android.* packages, but such classes are not being picked up by Soot. I tried including "android.jar" and "uiautomator.jar" in "soot-classpath" option, but the library classes are still being skipped. Could you please tell me how to instrument them? Thank you.
_______________________________________________
Soot-list mailing list
Soot-list at CS.McGill.CA<mailto:Soot-list at CS.McGill.CA>
https://mailman.CS.McGill.CA/mailman/listinfo/soot-list<https://mailman.cs.mcgill.ca/mailman/listinfo/soot-list>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20140916/dfd7e690/attachment-0001.html

More information about the Soot-list mailing list