[Soot-list] Any way to get the body of callback methods (not android default handlers) ?

Dacong Yan tonywinslow1986 at gmail.com
Wed Feb 18 19:59:07 EST 2015 

Purely based on code search:

The call sites for onResponse() and onErrorResponse() are inside the
Volley library: line 60 at
<https://android.googlesource.com/platform/frameworks/volley/+/idea133/src/com/android/volley/toolbox/StringRequest.java>
and line 517 at
<https://android.googlesource.com/platform/frameworks/volley/+/idea133/src/com/android/volley/Request.java>.
Did you include the Volley library code in your call graph
construction? You may want to check that, but I'm not saying you
should or should not include it.

On Wed, Feb 18, 2015 at 1:55 PM, Xinxin Jin <xinxinjin89 at gmail.com> wrote:
> As a follow up, I manually checked the jimple files generated from the apk.
> And in  "VolleyActivity$1.jimple ", I can clearly see the method body of
> onResponse().  That means there is no problem with jimple file, but why it
> is not parsed by soot (FlowDroid)?
>
> Thanks,
>
> On Wed, Feb 18, 2015 at 1:43 PM, Xinxin Jin <xinxinjin89 at gmail.com> wrote:
>>
>> Hi Eric,
>>
>> Thanks for your reply. I checked all the reachable methods and found no
>> place invoking onResponse and onErrorResponse.
>>
>> The statement that invokes StringRequest() method is :
>>
>> <com.android.volley.toolbox.StringRequest: void
>> <init>(int,java.lang.String,com.android.volley.Response$Listener,com.android.volley.Response$ErrorListener)>(
>> "http://www.google.com", $r7, $r8)
>>
>> Here parameters $r7, $r8 correspond to Response.Listener() and
>> Response.ErrorListener(). Then I continued to track the definition of r7:
>>
>> $r7 = new edu.ucsd.mytest.VolleyActivity$1
>>
>> But there is no useful statement in edu.ucsd.mytest.VolleyActivity$1 ....
>>
>> Any ideas ?
>>
>> Thank you a lot !!
>>
>> On Wed, Feb 18, 2015 at 11:47 AM, Bodden, Eric
>> <eric.bodden at sit.fraunhofer.de> wrote:
>>>
>>> Hi Xinxin.
>>>
>>> I think the problem is that the bytecode's structure differs from the
>>> source code's. Although in the source the two anonymous subclasses of
>>> Listener resp. ErrorListener are lexically contained in the constructor
>>> call, they are not in the bytecode. Please inspect the call to
>>> StringRequest.<init>. You should see references the second and third
>>> parameter both being initialized with instances of classes such as
>>> Response.Listener$1. You have to inspect the bodies of the onResponse
>>> methods in those classes.
>>>
>>> Hope that helps,
>>> Eric
>>>
>>> > On 18.02.2015, at 18:21, Xinxin Jin <xinxinjin89 at gmail.com> wrote:
>>> >
>>> > Hi all,
>>> >
>>> > I have an application which calls new StringRequest()of Volley library:
>>> >
>>> >
>>> > StringRequest request = new StringRequest(url,
>>> >              new Response.Listener() {
>>> >                  @Override
>>> >                  public void onResponse(Object response) {
>>> >                           Log.d(TAG, "response " + ((String)
>>> > response).substring(0,500));
>>> >              }
>>> >          }, new Response.ErrorListener() {
>>> >                  @Override
>>> >                  public void onErrorResponse(VolleyError error) {
>>> >                      Log.d(TAG, "error message");
>>> >            }
>>> >       });
>>> >
>>> >
>>> > It contains two callbacks as its parameters: Response.Listener() and
>>> > Response.ErrorListener().
>>> >
>>> > When I parse reached methods of this application, it can only reach
>>> > SootMethod StringRequest: <init>, but when I examine all the statements in
>>> > this method, I cannot find bodies of the two registered listeners. Is there
>>> > any way to get the method body of onResponse() ?
>>> >
>>> > Thank you for your help !
>>> >
>>> > --
>>> > Xinxin
>>> >
>>> >
>>> > _______________________________________________
>>> > Soot-list mailing list
>>> > Soot-list at CS.McGill.CA
>>> > https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>>>
>>> --
>>> Prof. Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
>>> Head of Secure Software Engineering at Fraunhofer SIT, TU Darmstadt and
>>> EC SPRIDE
>>> Tel: +49 6151 16-75422    Fax: +49 6151 869-127
>>> Room B5.11, Fraunhofer SIT, Rheinstraße 75, 64295 Darmstadt
>>>
>>
>>
>>
>> --
>> Xinxin
>
>
>
>
> --
> Xinxin
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at CS.McGill.CA
> https://mailman.CS.McGill.CA/mailman/listinfo/soot-list
>

More information about the Soot-list mailing list