[Soot-list] Help Regarding Intra and Inter Procedural Analysis
Bodden, Eric
eric.bodden at sit.fraunhofer.de
Mon Feb 9 02:18:58 EST 2015
Best use a shell script to do so. But 4GB RAM likely won't be sufficient, let me say that upfront. We have done many improvements but apps using 16GB are still quite common.
Cheers,
Eric
> On 08.02.2015, at 23:03, LOKESH JAIN <lokeshjain92 at gmail.com> wrote:
>
> Hi,
>
> Any response regarding the question in last mail ?
>
> Thanks & Regards
> Lokesh Jain
>
> On Sat, Feb 7, 2015 at 4:19 PM, LOKESH JAIN <lokeshjain92 at gmail.com> wrote:
> Hi Steven,
>
> Thanks a lot for all the help. I really appreciate it.
>
> I have 1 more question
> Since flowdroid has tendency to give memory error and it could be resolved by using additional options.
> My question is, i want to run flowdroid on multiple apk's of different sizes varying from low size to big size. Do i need to run flowdroid for each and every application manually (there are around 3000 apps) or there is some way that would help me run multiple apk's at once without doing additonal options settings every time.??
>
> It would be very difficult to do manual settings for these many apps manually.
>
> I have maximum app size of around 45 MB and i have 4 GB RAM
>
> Thanks & Regards
> Lokesh Jain
>
> On Fri, Feb 6, 2015 at 3:59 PM, Steven Arzt <Steven.Arzt at cased.de> wrote:
> Hi Lokesh,
>
>
>
> If you want to analyze an Android application, use the SetupApplication class. The method “runInfoflow” gives you back an InfoflowResults object. For an example, look at how the command-line application uses the FlowDroid API: soot.jimple.infoflow.android.TestApps.Test.
>
>
>
> To generate a dot file from the InfoflowResults object, you need to iterate over the path and convert the information there to the dot format.
>
>
>
> Best regards,
>
> Steven
>
>
>
>
>
> Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von LOKESH JAIN
> Gesendet: Donnerstag, 5. Februar 2015 21:19
> An: Steven Arzt
> Cc: soot-list at cs.mcgill.ca; Soot list; soot-list at googlegroups.com
>
>
> Betreff: Re: [Soot-list] Help Regarding Intra and Inter Procedural Analysis
>
>
>
> Hi,
>
> Oh sorry, I thought you forgot to update SourcesandSinks.txt.
>
>
> Final data flow results are stored in InfoflowResults object. I need to create a graph as it is difficult to understand in console. For this I have looked through soot API documentation. The nearest i could get is to the class InfoFlowAnalysis, but none of the methods defined in this class has InfoflowResults object as argument.
>
> Likewise with CallGraph object, we can create callgraph in dot format, How can I create dataflow dependency graph from InfoflowResults object ?
>
>
>
> Regards
>
> Lokesh Jain
>
>
>
> On Thu, Feb 5, 2015 at 3:49 PM, Steven Arzt <Steven.Arzt at cased.de> wrote:
>
> Hi Lokesh,
>
>
>
> The SourcesAndSinks.txt file shipped with FlowDroid is just an example. We have a project called SuSi (published at NDSS’14) in which we use machine learning to automatically derive an almost complete set of sources and sinks from the Android API implementation. To be able to better compare FlowDroid with other tools, we however restricted ourselves to the small set. SuSi uses the same format as FlowDroid, so you can simply copy over the file is you want.
>
>
>
> The command-line application is only an example of how to use FlowDroid. It was never meant to be used as the main way of interacting with the data flow engine. That’s also why it is implemented in a class called “soot.jimple.infoflow.android.TestApps.Test. You can look into what we do there and take it as an example of how to use the FlowDroid API. The API gives you the path, sources, and sinks neatly in data objects. The most interesting method should be “runAnalysis”.
>
>
>
> Best regards,
>
> Steven
>
>
>
> Von: LOKESH JAIN [mailto:lokeshjain92 at gmail.com]
> Gesendet: Donnerstag, 5. Februar 2015 11:15
> An: Steven Arzt
> Cc: soot-list at googlegroups.com; Soot list; soot-list at cs.mcgill.ca
>
>
> Betreff: Re: [Soot-list] Help Regarding Intra and Inter Procedural Analysis
>
>
>
> Hi,
>
> Thanks for the reply Steven.
>
> Yes i have increased that heap size to 3GB. I have followed the steps from https://github.com/secure-software-engineering/soot-infoflow-android/wiki for eclipse. There it's mentioned that i need to import Heros Project.
>
> It's working when i decrease the --aplength to 4.
>
> I have tried --pathalgo contextsensitive, output of this is on command line which is very messy to understand. Is there a way that i could get a graph depicting these paths that would be easily understanble.?
>
> *Suggestion*
>
> Please update the SourcesAndSinks.txt. It does not contain some important sources and sinks eg. gettext() function is missing from this text file.
>
>
>
> Thanks & Regards
> Lokesh Jain
>
>
>
> On Thu, Feb 5, 2015 at 2:59 PM, Steven Arzt <Steven.Arzt at cased.de> wrote:
>
> Hi Lokesh,
>
>
>
> I am the maintainer of the FlowDroid project.
>
>
>
> If you get an OutOfMemory exception or the analysis is simply taking forever, the most likely reason is that you run out of memory. Are you sure that you actually increased the Java heap size to 3 GB using the –Xmx3g VM parameter?
>
>
>
> Additionally, your FlowDroid installation seems to be out of date. Where did you download it from? We don’t use the Heros solver anymore and that change has been done quite a while ago. If you just need a JAR file, use our nightly builds as described in the wiki: https://github.com/secure-software-engineering/soot-infoflow-android/wiki. If you want the code, make sure to use the “develop” branch, not “master”.
>
>
>
> The wiki also contains a number of options with which you can configure the tradeoff between precision and performance. If you still run short on memory even with the newest version of FlowDroid, you might try those options.
>
>
>
> It’s good that you use the official Android JARs. Do *not* use those from the Sable repository on Github. I think we should really add a disclaimer to that repository at some point. Those are complete implementations of the Android API extracted from emulators or real devices which is unnecessary for almost all analyses. In FlowDroid, we have other means of dealing with the Android API. Instead, use the JAR files shipped with Google’s official Android SDK, you can find them in the “platforms” folder of you SDK installation directory. This can make a difference of tens of gigabytes of memory consumption.
>
>
>
> Your older questions looks like you are interested in the path, i.e., the statements over which the taint was propagated. FlowDroid can do that for you. You need to select a path reconstruction algorithm which supports full paths, not only source-to-sink connections. Try “--pathalgo contextsensitive” on the command-line application, that should do the trick. However, note that path tracking does add some performance penalty.
>
>
>
> Best regards,
>
> Steven
>
>
>
>
>
> M.Sc. M.Sc. Steven Arzt
>
> Secure Software Engineering Group (SSE)
>
> European Center for Security and Privacy by Design (EC SPRIDE)
>
> Rheinstraße 75
>
> D-64293 Darmstadt
>
> Phone: +49 61 51 869-336
>
> Fax: +49 61 51 16-72118
>
> eMail: steven.arzt at ec-spride.de
>
> Web: http://sse.ec-spride.de
>
>
>
>
>
>
>
> Von: LOKESH JAIN [mailto:lokeshjain92 at gmail.com]
> Gesendet: Donnerstag, 5. Februar 2015 10:19
> An: soot-list at googlegroups.com; Steven Arzt; Soot list; soot-list at cs.mcgill.ca
> Betreff: Re: [Soot-list] Help Regarding Intra and Inter Procedural Analysis
>
>
>
> Hi,
>
> I am getting memory error using flowdroid. I am using 3GB memory for 398.1 kB android application. I am using official android.jar file of 21.8 MB(android-19).
>
> [Thread-4] ERROR heros.solver.IDESolver - Worker thread execution failed: GC overhead limit exceeded
> java.lang.OutOfMemoryError: GC overhead limit exceeded
>
> How do i resolve this? Also please help me with my previous question posted in the same thread
>
> Thanks & Regards
>
> Lokesh Jain
>
>
>
> On Wed, Feb 4, 2015 at 10:18 PM, LOKESH JAIN <lokeshjain92 at gmail.com> wrote:
>
> Hi,
>
> Thanks for the reply.
>
> Eric, yeah it's notifying me the flows but that's not only what i want. I need to analyze the data flow.
>
> For eg. in the RV2013.apk i got the o/p
> Found a flow to sink virtualinvoke $r4.<android.telephony.SmsManager: void sendTextMessage(java.lang.String,java.lang.String,java.lang.String,android.app.PendingIntent,android.app.PendingIntent)>($r6, null, $r7, null, null) on line 31, from the following sources:
> - $r1 = virtualinvoke $r0.<de.ecspride.RV2013: android.view.View findViewById(int)>(2131165187) (in <de.ecspride.RV2013: void sendSms(android.view.View)>)
> - $r1 = virtualinvoke $r0.<de.ecspride.RV2013: android.view.View findViewById(int)>(2131165184) (in <de.ecspride.RV2013: void sendSms(android.view.View)>)
>
> I actually need the analyses(some data dependency graph) that could depict the flow ,a node sendsms() followed by(i.e edge) the node gettext() that is in the argument of sendTextMessage(...) followed by node sendTextMessage(...) etc.
>
> How do i get this?? I think i could get that flow using flowdroid, but i am not able to get how to i convert it to dot file.
>
> Dacong, I will definitely try that tool.
>
> Thanks & Regards
>
> Lokesh Jain
>
>
>
>
>
>
>
>
>
> On Wed, Feb 4, 2015 at 2:05 PM, Bodden, Eric <eric.bodden at sit.fraunhofer.de> wrote:
>
> Hi Lokesh.
>
> > I want to do intra and inter procedural data flow analysis for an .apk file.
> > For this I have used FlowDroid. I followed https://github.com/secure-software-engineering/soot-infoflow-android/wiki this tutorial in eclipse and it worked fine. But i am not able to deduce anything useful from the output. Is there any way, I can get the Data dependency graph from this ?
>
> Yes, sure. That's the main data structure that FlowDroid supports. The textual output indeed won't help you much, though. FlowDroid provides callbacks instead, which notify you of any flows found. That's usually how people use the tool.
>
> > Also is FlowDroid is good option for getting Data dependency or is there any other option better than this?
>
> There are other tools but FlowDroid is certainly one of the most stable and thorough ones.
>
> Cheers,
> Eric
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
--
Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
Head of Secure Software Engineering at Fraunhofer SIT, TU Darmstadt and EC SPRIDE
Tel: +49 6151 16-75422 Fax: +49 6151 869-127
Room B5.11, Fraunhofer SIT, Rheinstraße 75, 64295 Darmstadt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150209/c93c0f11/attachment-0003.bin
More information about the Soot-list
mailing list