[Soot-list] Soot not able to process the source code of android applications

Sanjay Thakur sttsanjay at gmail.com
Tue Jun 16 13:35:09 EDT 2015 

Also, is it somehow possible to exclude the xml related objects from
parsing and processing by soot. They all start as "R.*". This can work
because if soot doesn't tries to reference and process those objects, then
perhaps the thing might work.

On Tue, Jun 16, 2015 at 8:05 AM, Sanjay Thakur <sttsanjay at gmail.com> wrote:

>  Hi Steven,
> What we really want is to make a tool that can help an application
> developer to check his app for irregularities with the software engineering
> principles while he is still coding the app. Analyzing the apk for the same
> purpose has been successfully done by us.
>
> On Mon, Jun 15, 2015 at 7:10 PM, Steven Arzt <Steven.Arzt at cased.de> wrote:
>
>> Hi Sanjay,
>>
>>
>>
>> We never extended the Android components to work with source code. We
>> always worked on the compiled APK files. Therefore, aspects like manifest
>> parsing or layout XML file parsing will not work on source. Is there any
>> reason for you not to use the compiled APK file as input instead of source?
>>
>>
>>
>> Best regards,
>>
>>   Steven
>>
>>
>>
>> *Von:* soot-list-bounces at CS.McGill.CA [mailto:
>> soot-list-bounces at CS.McGill.CA] *Im Auftrag von *Sanjay Thakur
>> *Gesendet:* Montag, 15. Juni 2015 17:08
>> *An:* Steven Arzt
>> *Cc:* soot-list at CS.McGill.CA
>> *Betreff:* Re: [Soot-list] Soot not able to process the source code of
>> android applications
>>
>>
>>
>> Hi Steven,
>>
>> We are making a tool to analyze apks and the source codes to look for
>> parameters that are non-compliant and irregular with the software
>> engineering principles. We have a successful running program to analyze the
>> apks. We used soot for our work. But we failed to do so with the source
>> codes of android applications. Any suggestion towards analyzing the source
>> codes of android applications would be very useful.
>>
>> It came to my mind that if we can modify the soot source code to make it
>> compatible with our requirement then our work will be done. Can you tell
>> how can we start to being able to modify the soot itself, if possible.
>>
>> Thanks
>>
>>
>>
>> On Sat, Jun 13, 2015 at 7:24 PM, Steven Arzt <Steven.Arzt at cased.de>
>> wrote:
>>
>> Hi Sanjay,
>>
>>
>>
>> That is correct. Soot has no components for processing Android layout
>> files. If you want to work with Android apps in an analysis based on Soot,
>> you can make use of the FlowDroid parser components included in the
>> soot-infoflow-android project. The FlowDroid project, however, works on
>> compiled APK files, not on the original source files. Generally, Soot’s
>> bytecode / dex code front end is much more stale and up-to-date than the
>> front end for Java source code.
>>
>>
>> What exactly are you trying to do?
>>
>>
>>
>> Best regards,
>>
>>   Steven
>>
>>
>>
>> *Von:* soot-list-bounces at CS.McGill.CA [mailto:
>> soot-list-bounces at CS.McGill.CA] *Im Auftrag von *Sanjay Thakur
>> *Gesendet:* Samstag, 13. Juni 2015 00:59
>> *An:* soot-list at CS.McGill.CA
>> *Betreff:* [Soot-list] Soot not able to process the source code of
>> android applications
>>
>>
>>
>> Hello all,
>>
>> I have been trying to analyze the source code of Android applications.
>> The soot is not able to reference and process the non-java components
>> (which are actually the xml components) like the TextView and the layout
>> file. I have tried using the exclude list with "R." but got no success.
>> Here is my sample code:
>>
>>
>>
>> Options.v().set_android_jars(pathToAndroidJarForSoot);
>>
>>
>> Options.v().set_soot_classpath("/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/rt.jar:/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/jce.jar:/home/sanjay/Android/Sdk/platforms/android-21/android.jar");
>>
>> Options.v().set_src_prec(Options.src_prec_java);
>>
>> Options.v().set_allow_phantom_refs(true);
>>
>> List<String> excludeList = new LinkedList<String>();
>>
>> excludeList.add("R.");
>>
>> Options.v().set_exclude(excludeList);
>>
>> Options.v().set_no_bodies_for_excluded(true);
>>
>> Options.v().set_process_dir(Collections.singletonList(pathToDirectory));
>>
>> Options.v().set_whole_program(true);
>>
>> ......
>>
>> ......
>>
>>
>>
>>
>>
>>
>>
>> The errors look like the following
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:17,24:
>>
>> soot.CompilationDeathException: there were errors during parsing and/or
>> type checking (JastAdd frontend)
>>
>>   Semantic Error: R.layout not found
>>
>> at soot.JastAddInitialResolver.formAst(JastAddInitialResolver.java:63)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:17,33:
>>
>> at soot.JavaClassSource.resolve(JavaClassSource.java:54)
>>
>>   Semantic Error: no field named activity_main is accessible
>>
>> at soot.SootResolver.bringToHierarchy(SootResolver.java:230)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:18,43:
>>
>> at soot.SootResolver.bringToSignatures(SootResolver.java:255)
>>
>>   Semantic Error: R.id not found
>>
>> at soot.SootResolver.bringToBodies(SootResolver.java:291)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:18,48:
>>
>> at soot.SootResolver.processResolveWorklist(SootResolver.java:165)
>>
>>   Semantic Error: no field named tvMessage is accessible
>>
>> at soot.SootResolver.resolveClass(SootResolver.java:130)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:26,35:
>>
>> at soot.Scene.loadClass(Scene.java:693)
>>
>>   Semantic Error: R.menu not found
>>
>> at soot.Scene.loadClassAndSupport(Scene.java:678)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:26,42:
>>
>> at soot.Scene.loadNecessaryClasses(Scene.java:1351)
>>
>>   Semantic Error: no field named menu_main is accessible
>>
>> at paprika.analyzer.SootAnalyzer.init(SootAnalyzer.java:82)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:38,19:
>>
>> at paprika.Main.runAnalysis(Main.java:112)
>>
>>   Semantic Error: R.id not found
>>
>> at paprika.Main.main(Main.java:79)
>>
>>
>> /home/sanjay/Documents/UQAM/sourcesNapks/ForSoot/app/src/main/java/forsoot/com/forsoot/MainActivity.java:38,24:
>>
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>
>>   Semantic Error: no field named action_settings is accessible
>>
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> at java.lang.reflect.Method.invoke(Method.java:606)
>>
>> at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140)
>>
>>
>>
>> --
>>
>> Sanjay Thakur
>>
>> Research Intern
>>
>> UQAM
>>
>> Montreal, Canada
>>
>>
>>
>>
>> --
>>
>> Sanjay Thakur
>>
>> Research Intern
>>
>> UQAM
>>
>> Montreal, Canada
>>
>
>
>
> --
> Best regards,
> Sanjay Thakur
> Research Intern
> UQAM
> Montreal, Canada
>



-- 
Best regards,
Sanjay Thakur
Research Intern
UQAM
Montreal, Canada
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150616/53eebd38/attachment-0001.html

More information about the Soot-list mailing list