[Soot-list] All android classes appearing as phantom

Tue Jun 30 12:19:55 EDT 2015

Hi Ben,

Why do you have the “rt.jar” file from the JDK on the Soot classpath? If you are analyzing Android, you need Android’s implementation of the basic Java classes, not the one from the JDK. If you explicitly set the Soot classpath, Soot will not apply its defaults. In your case, this means that the Android platform JAR file that contains the Log class will not be loaded. You can either manually put your Android platform JAR file on the Soot classpath or do not set the Soot classpath at all and rely on Soot’s defaults.

Best regards,

  Steven

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Ben Westfield
Gesendet: Freitag, 26. Juni 2015 19:22
An: soot-list at CS.McGill.CA
Betreff: [Soot-list] All android classes appearing as phantom

Hi all

I've recently started working with soot to instrument Android apps. I am trying to add Log.i statements after every method invokeStmt in the app but am having some issues. It looks like Soot cannot find any of the android classes, as I am getting warning messages saying that these are all phantom. As such, my code then breaks when trying to add the Log methods as soot cannot see inside the phantom class. I've tried both specifying the folder conatining all the android platforms (android-*) to android-jars and by forcing a specific jar. However neither of these have worked. Do you know what I am doing wrong?

Thanks

Ben

Error:
java.lang.RuntimeException: No method d in class android.util.Log
    at soot.SootClass.getMethod(SootClass.java:339)

command prompt:
java -cp /home/Tools/soot-trunk.jar:.:/home/Tools/Soot/baksmali-2.0.6.jar:/home/Downloads/smali-2.0.6.jar andRetLog  app-debug.apk

source code:

import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

        import soot.Body;
import soot.BodyTransformer;
import soot.G;
import soot.Local;
import soot.PackManager;
import soot.PatchingChain;
import soot.RefType;
import soot.Scene;
import soot.SootClass;
import soot.SootMethod;
import soot.Transform;
import soot.Unit;
import soot.Value;
import soot.jimple.InvokeExpr;
import soot.jimple.InvokeStmt;
import soot.jimple.Jimple;
import soot.jimple.ReturnStmt;
import soot.jimple.Stmt;
import soot.jimple.StringConstant;
import soot.options.Options;
import soot.util.Chain;

        public class andRetLog {

            public static void main(String[] args) {
                G.reset();

                //initialise the options set
                //Options.v().set_android_jars("/home/android-sdk-linux/platforms/");
                Options.v().set_force_android_jar("/home/android-sdk-linux/platforms/android-17/android.jar");
                Options.v().set_soot_classpath(".:/usr/lib/jvm/java-7-oracle/jre/lib/rt.jar");
                Options.v().set_process_dir(Collections.singletonList("/home/ben/AndroidStudioProjects/Bbutton/app/app-debug.apk"));
                Options.v().set_allow_phantom_refs(true);
                Options.v().set_output_dir("/home/AndroidStudioProjects/Bbutton/app/sootOutput/");
                //prefer Android APK files// -src-prec apk
                Options.v().set_src_prec(Options.src_prec_apk);
                //Options.v().set_src_prec(Options.src_prec_jimple);
                //output as APK, too//-f J
                Options.v().set_output_format(Options.output_format_jimple);
                //Options.v().set_output_format(Options.output_format_dex);

                // resolve the PrintStream and System soot-classes
                //Scene.v().addBasicClass("java.io.PrintStream",SootClass.SIGNATURES);
                //Scene.v().addBasicClass("java.lang.System",SootClass.SIGNATURES)
                //imports logs and strings so that these are included 
                Scene.v().addBasicClass("android.util.Log",SootClass.SIGNATURES);
                //Scene.v().addBasicClass("android.util.String",SootClass.SIGNATURES);   
                PackManager.v().getPack("jtp").add(new Transform("jtp.myInstrumenter", new BodyTransformer() {
                    @Override
                    protected void internalTransform(final Body b, String phaseName, @SuppressWarnings("rawtypes") Map options) {
                        final PatchingChain<Unit> units = b.getUnits();
                        SootMethod log = Scene.v().getSootClass("android.util.Log").getMethod("i");

                        //important to use snapshotIterator here

                        for(Iterator<Unit> iter = units.snapshotIterator(); iter.hasNext();) {

                            Stmt s = (Stmt) iter.next();

                            if(s instanceof InvokeStmt || s instanceof ReturnStmt){
                                //make new static invokement
                                InvokeExpr invokeExpr = Jimple.v().newStaticInvokeExpr(log.makeRef(), (StringConstant.v("qwerty12345")),StringConstant.v("-If you are reading this, it has worked"));
                                // turn it into an invoke statement
                                  Stmt incStmt = Jimple.v().newInvokeStmt(invokeExpr);
                                //insert into chain
                                units.insertBefore(incStmt, s);        
                                        //.newAssignStmt(tmpRef, Jimple.v().newStaticFieldRef( 
                                          //Scene.v().getField("<java.lang.System: java.io.PrintStream out>").makeRef())), s);

                                //
                            }

                        }
                    };

                //end of internalTransform declaration
                }));

                soot.Main.main(args);
            }
        }

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150630/7d633c38/attachment.html 