[Soot-list] Soot Body.getUnits() does not get ALL units

Xinxin Jin xinxinjin89 at gmail.com
Wed Apr 8 13:10:32 EDT 2015 

​Thank you for the explanation !  But the problem still remains ... To make
it concrete, I put the whole analysis of the problematic method in the
following:

*​(a). Source code : ​*
 protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
​        BasicHttpClient basicClient = new BasicHttpClient();
        HttpResponse response = basicClient.get("http://www.google.com",
null);
}​

*(b). Jimple of method onCreate() : *
 protected void onCreate(android.os.Bundle)
    {
        edu.ucsd.mytest.BasicActivity $r0;
        android.os.Bundle $r1;
        com.turbomanage.httpclient.BasicHttpClient $r2;
        $r0 := @this: edu.ucsd.mytest.BasicActivity;
        $r1 := @parameter0: android.os.Bundle;

        specialinvoke $r0.<android.support.v7.app.ActionBarActivity: void
onCreate(android.os.Bundle)>($r1);
        $r2 = new com.turbomanage.httpclient.BasicHttpClient;
​ // Do not appear in getUnits()​
        specialinvoke $r2.<com.turbomanage.httpclient.BasicHttpClient: void
<init>()>();
        virtualinvoke $r2.<com.turbomanage.httpclient.BasicHttpClient:
com.turbomanage.httpclient.HttpResponse
get(java.lang.String,com.turbomanage.httpclient.ParameterMap)>("
http://www.google.com", null);
        return;
    }

*​(c). Output of m.retrieveActiveBody().getUnits(): ​*
$r0 := @this: edu.ucsd.mytest.BasicActivity
$r1 := @parameter0: android.os.Bundle
specialinvoke $r0.<android.support.v7.app.ActionBarActivity: void
onCreate(android.os.Bundle)>($r1)
specialinvoke $r2.<com.turbomanage.httpclient.BasicHttpClient: void
<init>()>() //No def on $r2!
virtualinvoke $r2.<com.turbomanage.httpclient.BasicHttpClient:
com.turbomanage.httpclient.HttpResponse
get(java.lang.String,com.turbomanage.httpclient.ParameterMap)>("
http://www.google.com", null)
return


So you can see the statement "$r2 = new
com.turbomanage.httpclient.BasicHttpClient" does not appear in the output
of getUnits().
Particularly, the statement marked in blue refers to the local $r2,
however, there is no def on $r2 in getUnits() !

Any suggestion is appreciated !


On Wed, Apr 8, 2015 at 1:00 AM, Steven Arzt <Steven.Arzt at cased.de> wrote:

> Hi Xinxin,
>
>
>
> Then I have to agree with Eric that such a behavior is completely
> impossible: Soot reads in the APK file, and stores the unit in the units
> collections of the respective SootMethods. This is also the only source
> from which the units are then written out to Jimples files. If the Jimple
> files on disk are complete, the unit collections must have been as well.
> The output writer does not inference any new units.
>
>
>
> Best regards,
>
>   Steven
>
>
>
> *Von:* Xinxin Jin [mailto:xinxinjin89 at gmail.com]
> *Gesendet:* Mittwoch, 8. April 2015 09:57
> *An:* Steven Arzt
> *Cc:* Bodden, Eric; soot-list at cs.mcgill.ca
>
> *Betreff:* Re: [Soot-list] Soot Body.getUnits() does not get ALL units
>
>
>
> Hi Steven,
>
>
>
> My code is from an Android app. I use Dexpler to transform the apk to
> jimple files.
>
>
>
> Thanks,
>
>
>
> On Wed, Apr 8, 2015 at 12:54 AM, Steven Arzt <Steven.Arzt at cased.de> wrote:
>
> Hi Xinxin,
>
>
>
> Can you provide a complete test case? From where did you read in your
> Jimple code?  Did you parse jimple files on disk or Java class files, or an
> Android APK?
>
>
>
> Best regards,
>
>   Steven
>
>
>
> *Von:* soot-list-bounces at CS.McGill.CA [mailto:
> soot-list-bounces at CS.McGill.CA] *Im Auftrag von *Xinxin Jin
> *Gesendet:* Mittwoch, 8. April 2015 09:07
> *An:* Bodden, Eric
> *Cc:* soot-list at cs.mcgill.ca
> *Betreff:* Re: [Soot-list] Soot Body.getUnits() does not get ALL units
>
>
>
> It sounds unreasonable to me too, but that is indeed the problem I
> encountered ... So I'm just wondering if there are some corner cases not
> handled by Soot or not ?
>
>
>
> On Tue, Apr 7, 2015 at 11:40 PM, Bodden, Eric <
> eric.bodden at sit.fraunhofer.de> wrote:
>
> Hi Xinxin.
>
> I am afraid that does not make much sense. By definition, the units of a
> body are the ones returned by getUnits(). This is a very strong invariant
> that should never be broken by Soot.
>
> Cheers,
> Eric
>
>
> > On 08.04.2015, at 08:02, Xinxin Jin <xinxinjin89 at gmail.com> wrote:
> >
> > Hi there,
> >
> > I got a weird problem: Sometimes Body.getUnits() does not list all the
> units of a method. The following is one example:
> >
> > Simplified code snippet:
> >
> > void foo() {
> >     ...
> >     BasicHttpClient basicClient = new BasicHttpClient();
> >     ...
> > }
> >
> > ​And in the Jimple file, there are two statements related with "new
> BasicHttpClient()" :
> >
> > $r5 = new com.turbomanage.httpclient.BasicHttpClient;
> > specialinvoke $r5.<com.turbomanage.httpclient.BasicHttpClient: void
> <init>()>(); ​
> >
> > ​However, when I use retriveActiveBody().getUnits() to print out all the
> units of foo(), I can only see one statement:
> > specialinvoke $r5.<com.turbomanage.httpclient.BasicHttpClient: void
> <init>()>()​
> >
> > I don't know why getUnits() cannot obtain "$r5 = new
> com.turbomanage.httpclient.BasicHttpClient" ?
> > ​What kind of units are ignored by Soot ?​
> >
> > ​Thanks a lot for any advices !​
> >
> >
> >
> > --
> > Xinxin
>
> > _______________________________________________
> > Soot-list mailing list
> > Soot-list at CS.McGill.CA
> > https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>
> --
> Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
> Head of Secure Software Engineering at Fraunhofer SIT, TU Darmstadt and EC
> SPRIDE
> Tel: +49 6151 16-75422    Fax: +49 6151 869-127
> Room B5.11, Fraunhofer SIT, Rheinstraße 75, 64295 Darmstadt
>
>
>
>
>
> --
>
> Xinxin
>
>
>
>
>
> --
>
> Xinxin
>



-- 
Xinxin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150408/26ea1eb9/attachment-0001.html

More information about the Soot-list mailing list