[Soot-list] Regarding spark

Ding Li dingli at usc.edu
Tue Jul 7 15:00:11 EDT 2015


Thanks Steven, I have tried your code, but it still doesn't give me any
result. Could you give me a more concrete example? Maybe include how to
query the result. Thanks a lot

On Tue, Jul 7, 2015 at 4:45 AM Steven Arzt <Steven.Arzt at cased.de> wrote:

> Hi Ding,
>
>
>
> You are trying to use SPARK on an Android app. SPARK requires an entry
> point which Android applications, however, do not have. Android apps
> instead tightly integrate with the Android OS using a pre-defined
> lifecycle. One approach to build a callgraph for Android apps is thus to
> generate a dummy entry point (i.e., main method) which simulates the
> interactions between the app and the OS. You can build such a dummy main
> method using FlowDroid as follows:
>
>     // Build the app model and compute the lifecycle entry points
>     SetupApplication app = new SetupApplication(
>             "D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms",
>             "D:/Temp/com.tweakersoft.aroundme-1.apk");
>     app.calculateSourcesSinksEntrypoints(
>             "D:/Arbeit/Android Analyse/soot-infoflow-android/SourcesAndSinks.txt");
>     soot.G.reset();
>
>     // Configure Soot for a whole-program run with SPARK enabled
>     Options.v().set_src_prec(Options.src_prec_apk);
>     Options.v().set_process_dir(Collections.singletonList("D:/Temp/com.tweakersoft.aroundme-1.apk"));
>     Options.v().set_android_jars("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms");
>     Options.v().set_whole_program(true);
>     Options.v().set_allow_phantom_refs(true);
>     Options.v().set_output_format(Options.output_format_class);
>     Options.v().setPhaseOption("cg.spark", "on");
>
>     Scene.v().loadNecessaryClasses();
>
>     // Generate the dummy main method and use it as the only entry point
>     SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
>     Options.v().set_main_class(entryPoint.getSignature());
>     Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
>     System.out.println(entryPoint.getActiveBody());
>
>     PackManager.v().runPacks();
>     JimpleBasedInterproceduralCFG icfg = new JimpleBasedInterproceduralCFG();
>     System.out.println(Scene.v().getCallGraph().size());
>
> Best regards,
>
>   Steven
>
>
>
> *From:* soot-list-bounces at CS.McGill.CA [mailto:
> soot-list-bounces at CS.McGill.CA] *On Behalf Of* Ding Li
> *Sent:* Tuesday, July 7, 2015 04:01
> *To:* soot-list at CS.McGill.CA
> *Subject:* [Soot-list] Regarding spark
>
>
>
> Hi, I have encountered a problem with spark:
>
> My code is like this:
>
> Options.v().set_src_prec(Options.src_prec_apk);
> Options.v().set_android_jars(androidpath);
> Options.v().set_whole_program(true);
> Options.v().set_verbose(false);
> Options.v().setPhaseOption("cg.spark", "on");
> Options.v().set_output_format(Options.src_prec_J);
> Options.v().set_keep_line_number(true);
> Options.v().set_keep_offset(true);
> Options.v().set_allow_phantom_refs(true);
> Options.v().set_process_dir(path_list);
> Scene.v().loadNecessaryClasses();
> Scene.v().setEntryPoints(entryPoints);
> PackManager.v().runPacks();
> PAG pag=(PAG)Scene.v().getPointsToAnalysis();
>
> //for any method
> while (stmtIt.hasNext()) {
>     Unit u = (Unit) stmtIt.next();
>     Stmt stmt=(Stmt)u;
>
>     if(stmt.containsInvokeExpr())
>     {
>         InvokeExpr exp = stmt.getInvokeExpr();
>         if(exp.getUseBoxes().size()>1)
>         {
>             Value l=exp.getUseBoxes().get(0).getValue();
>             if(l instanceof Local)
>             {
>                 Node n=pag.findLocalVarNode((Local) l);
>                 System.out.println(n); //it is null
>                 PointsToSetInternal pset=(PointsToSetInternal)pag.reachingObjects((Local) l);
>                 System.out.println(pset.size()); //the size is 0
>             }
>         }
>     }
> }
>
>
>
> I initialize soot with the first half, and then for any method, I check
> the PointedToSet for the first arg of each method invocation. However, for
> any , I always get a size of 0 in the PointedToSet and the Node of the
> argument in the PAG is always null. I think at least the PointedToSet should
> contain the variable itself and the size should be at least 1, instead of
> empty. I am not quite sure what is wrong here; what should I set in order
> to get pag.reachingObjects to return a non-empty set? Thanks
>
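
One way to query the SPARK result after the setup quoted above, as an added example that is not part of the original thread or of Soot/FlowDroid: a scene transformer registered in the `wjtp` pack prints the points-to set of each instance-call receiver in methods reachable from the dummy main. The class name `ReceiverPointsToDump` and the phase name `wjtp.receiverPts` are assumptions; `register()` has to be called before `PackManager.v().runPacks()`.

```java
import java.util.Iterator;
import java.util.Map;

import soot.Local;
import soot.MethodOrMethodContext;
import soot.PackManager;
import soot.PointsToAnalysis;
import soot.PointsToSet;
import soot.RefLikeType;
import soot.Scene;
import soot.SceneTransformer;
import soot.SootMethod;
import soot.Transform;
import soot.Unit;
import soot.Value;
import soot.jimple.InstanceInvokeExpr;
import soot.jimple.Stmt;

// Hypothetical helper (names are assumptions, not Soot or FlowDroid code).
public class ReceiverPointsToDump extends SceneTransformer {

    // Call before PackManager.v().runPacks(): wjtp runs after the cg pack,
    // while method bodies are still Jimple. Needs whole-program mode.
    public static void register() {
        PackManager.v().getPack("wjtp").add(
                new Transform("wjtp.receiverPts", new ReceiverPointsToDump()));
    }

    @Override
    @SuppressWarnings("rawtypes") // raw Map compiles against old and new Soot signatures
    protected void internalTransform(String phaseName, Map options) {
        PointsToAnalysis pta = Scene.v().getPointsToAnalysis();
        // Only methods the call graph reached are worth querying.
        Iterator<MethodOrMethodContext> it = Scene.v().getReachableMethods().listener();
        while (it.hasNext()) {
            SootMethod m = it.next().method();
            if (!m.hasActiveBody()) continue; // native, abstract or phantom
            for (Unit u : m.getActiveBody().getUnits()) {
                Stmt stmt = (Stmt) u;
                if (!stmt.containsInvokeExpr()
                        || !(stmt.getInvokeExpr() instanceof InstanceInvokeExpr)) continue;
                Value base = ((InstanceInvokeExpr) stmt.getInvokeExpr()).getBase();
                // Points-to sets exist only for reference-typed locals.
                if (!(base instanceof Local) || !(base.getType() instanceof RefLikeType)) continue;
                PointsToSet pts = pta.reachingObjects((Local) base);
                System.out.println(m.getSignature() + ": " + base + " -> "
                        + (pts.isEmpty() ? "(empty)" : pts.possibleTypes().toString()));
            }
        }
    }
}
```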