[Soot-list] Generating Android APK CallFlowGraph

Monika Mashalkar monikamashalkar at gmail.com
Sun Mar 8 09:34:31 EDT 2015 

Got it !! Thank you Steven :)

On Friday, 6 March 2015 17:12:38 UTC+5:30, Steven Arzt wrote:
>
> Hi Monika,
>
>  
>
> You get these warnings because your APK file references classes which are 
> not included in your Android JAR file. This is usually not a problem as 
> long as you do not wish to analyze the code of the Android operating system 
> itself.
>
>  
>
> Best regards,
>
>   Steven
>
>  
>
> *Von:* soot-lis... at CS.McGill.CA <javascript:> [mailto:
> soot-lis... at CS.McGill.CA <javascript:>] *Im Auftrag von *Monika Mashalkar
> *Gesendet:* Mittwoch, 25. Februar 2015 13:51
> *An:* Steven Arzt
> *Cc:* soot... at CS.McGill.CA <javascript:>; soot... at sable.mcgill.ca 
> <javascript:>; soot... at googlegroups.com <javascript:>
> *Betreff:* Re: [Soot-list] Generating Android APK CallFlowGraph
>
>  
>
> Hi Steven,
>
>  
>
> Thanks for your quick reply. I am able to run the code now. But I am 
> getting the warnings as follow :
>
>  
>
> Warning: java.lang.ref.Finalizer is a phantom class!
>
> Warning: android.graphics.pdf.PdfDocument$Page is a phantom class!
>
> Warning: android.graphics.pdf.PdfDocument$PageInfo is a phantom class!
>
> Warning: android.graphics.pdf.PdfDocument is a phantom class!
>
> Warning: android.media.RemoteControlClient$OnGetPlaybackPositionListener 
> is a phantom class!
>
> Warning: 
> android.media.RemoteControlClient$OnPlaybackPositionUpdateListener is a 
> phantom class!
>
> Warning: android.print.PageRange is a phantom class!
>
> Warning: android.print.PrintAttributes$Builder is a phantom class!
>
> Warning: android.print.PrintAttributes$MediaSize is a phantom class!
>
> Warning: android.print.PrintAttributes is a phantom class!
>
> Warning: android.print.PrintDocumentAdapter$LayoutResultCallback is a 
> phantom class!
>
> Warning: android.print.PrintDocumentAdapter$WriteResultCallback is a 
> phantom class!
>
> Warning: android.print.PrintDocumentAdapter is a phantom class!
>
> Warning: android.print.PrintDocumentInfo$Builder is a phantom class!
>
> Warning: android.print.PrintDocumentInfo is a phantom class!
>
> Warning: android.print.PrintJob is a phantom class!
>
> Warning: android.print.PrintManager is a phantom class!
>
> Warning: android.print.pdf.PrintedPdfDocument is a phantom class!
>
> Warning: android.view.ViewTreeObserver$OnWindowAttachListener is a phantom 
> class!
>
> Warning: android.view.ViewTreeObserver$OnWindowFocusChangeListener is a 
> phantom class!
>
>  
>
> May I know the reason, why I am getting these warnings ?
>
>  
>
> The command that I am using to run the program is :
>
>  
>
> monika at monika-OptiPlex-990:~$ java -cp 
> .:soot-trunk.jar:soot-infoflow.jar:soot-infoflow-android.jar:slf4j-api-1.7.5.jar:slf4j-simple-1.7.5.jar:axml-2.0.jar:/usr/lib/jvm/java-7-openjdk-i386/jre/lib/rt.jar 
> CFG
>
>  
>
> I am attaching the output file with this mail. Please, tell me I am 
> getting it correct or not.
>
>  
>
> Thanks and regards,
>
> Monika
>
>  
>
> On Wed, Feb 25, 2015 at 3:51 PM, Steven Arzt <Steve... at cased.de 
> <javascript:>> wrote:
>
> Hi Monika,
>
>  
>
> The CFG class is not part of Soot. It was just written as an example. You 
> need to compile it on your own.
>
>  
>
> Best regards,
>
>   Steven
>
>  
>
>  
>
> M.Sc. M.Sc. Steven Arzt
>
> Secure Software Engineering Group (SSE)
>
> European Center for Security and Privacy by Design (EC SPRIDE) 
>
> Rheinstraße 75
>
> D-64293 Darmstadt
>
> Phone: +49 61 51 869-336
>
> Fax: +49 61 51 16-72118
>
> eMail: steven.arzt at ec-spride.de <javascript:>
>
> Web: http://sse.ec-spride.de
>
>  
>
>  
>
>  
>
> *Von:* Monika Mashalkar [mailto:monikam... at gmail.com <javascript:>] 
> *Gesendet:* Mittwoch, 25. Februar 2015 05:30
> *An:* soot... at googlegroups.com <javascript:>
> *Cc:* soot... at sable.mcgill.ca <javascript:>; soot... at cs.mcgill.ca 
> <javascript:>; Steve... at cased.de <javascript:>
> *Betreff:* Re: [Soot-list] Generating Android APK CallFlowGraph
>
>  
>
> Hi Lokesh,
>
>  
>
> I am very new to the SOOT Framework and Flow-droid. I want to find the 
> flow graph from android apk in my project and I am trying to run the code 
> posted in this thread to do the same. I am trying to run the following 
> command on Ubuntu 
>
> Command : java -cp 
> soot-trunk.jar:soot-infoflow.jar:soot-infoflow-android.jar:slf4j-api-1.7.5.jar:slf4j-simple-1.7.5.jar:axml-2.0.jar 
> -cp .:/usr/lib/jvm/java-7-openjdk-i386/jre/lib/rt.jar CFG
>
>  
>
> but I am getting Error as : Error: Could not find or load main class CFG
>
>  
>
> Could you please tell me the command to execute the CFG program.
>
>  
>
> Thank you,
>
> Monika
>
>
> On Monday, 21 July 2014 13:46:37 UTC+5:30, LOKESH JAIN wrote:
>
> Hi all,
>
>  
>
> I resolved the issue and finally i am getting the call graph. Thank you 
> all of you for your time and help. :)
>
>  
>
> 1. But Stevan I am still curious to know how to work with QueueReader 
> Object for generating dot format.
>
> 2. And why the size of call graph for RV2013.apk is 54. And is there any 
> way to remove unnecessary size.
>
>  
>
> Thanks&Regards
>
> Lokesh
>
>  
>
> On Mon, Jul 21, 2014 at 11:38 AM, LOKESH JAIN <lokesh... at gmail.com> wrote:
>
> Hi all,
>
> Steven I still couldn't figure it out how to work with queuereader object 
> for generating dot format.
>
>  
>
> I have used dot graph class manually as suggested to me by Stefan but,
>
> I am getting NullPointerException. I don't know why. I have pasted the 
> complete code.
>
> Please help me out.
>
>  
>
> Exception in thread "main" java.lang.NullPointerException
>
> at DotGraph.getNode(DotGraph.java:53)
>
> at DotGraph.drawNode(DotGraph.java:61)
>
> at CFG.visit(CFG.java:114)
>
> at CFG.main(CFG.java:94)
>
>  
>
>  
>
> CFG.java
>
>  
>
> import java.io.BufferedOutputStream;
>
> import java.io.FileOutputStream;
>
> import java.io.IOException;
>
> import java.io.OutputStream;
>
> import java.util.Collections;
>
> import java.util.HashMap;
>
> import java.util.HashSet;
>
> import java.util.Iterator;
>
> import java.util.LinkedList;
>
> import java.util.List;
>
>  
>
> import org.xmlpull.v1.XmlPullParserException;
>
>  
>
> import soot.MethodOrMethodContext;
>
> import soot.PackManager;
>
> import soot.Scene;
>
> import soot.SootMethod;
>
> import soot.jimple.infoflow.android.SetupApplication;
>
> import soot.jimple.toolkits.callgraph.CallGraph;
>
> import soot.jimple.toolkits.callgraph.Targets;
>
> import soot.options.Options;
>
> import soot.util.dot.DotGraphUtility;
>
> import soot.util.dot.Renderable;
>
> public class CFG {
>
> private static DotGraph dot = new DotGraph("callgraph");
>
> private static HashMap <String,Boolean> visited = new 
> HashMap<String,Boolean>(); 
>
> public CFG() {
>
>  
>
>  
>
> }
>
>  
>
> public static void main(String[] args) {
>
>  
>
> // TODO Auto-generated method stub
>
>  
>
> SetupApplication app = new 
> SetupApplication("/home/lokesh/Desktop/android-sdk-linux/platforms/android-19/android.jar","/home/lokesh/Desktop/android-instrumentation-tutorial-master/app-example/RV2013/bin/RV2013.apk");
>
> try {
>
>  
>
>
> app.calculateSourcesSinksEntrypoints("/home/lokesh/Downloads/soot-infoflow-android-develop/SourcesAndSinks.txt");
>
>  
>
>  
>
> } catch (IOException e) {
>
>  
>
> // TODO Auto-generated catch block
>
>  
>
> e.printStackTrace();
>
>  
>
> } catch (XmlPullParserException e) {
>
>  
>
> // TODO Auto-generated catch block
>
>  
>
> e.printStackTrace();
>
>  
>
> }
>
>  
>
> soot.G.reset();
>
>  
>
> Options.v().set_src_prec(Options.src_prec_apk);
>
>  
>
>
> Options.v().set_process_dir(Collections.singletonList("/home/lokesh/Desktop/android-instrumentation-tutorial-master/app-example/RV2013/bin/RV2013.apk"));
>
>  
>
>
> Options.v().set_force_android_jar("/home/lokesh/Desktop/android-sdk-linux/platforms/android-19/android.jar");
>
>  
>
> Options.v().set_whole_program(true);
>
>  
>
> Options.v().set_allow_phantom_refs(true);
>
>  
>
> Options.v().set_output_format(Options.output_format_none);
>
>  
>
> Options.v().setPhaseOption("cg.spark verbose:true", "on");
>
>  
>
> Scene.v().loadNecessaryClasses();
>
>  
>
> SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
>
>  
>
> Options.v().set_main_class(entryPoint.getSignature());
>
>  
>
> Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
>
>  
>
> System.out.println("............"+entryPoint.getActiveBody());
>
>  
>
> PackManager.v().runPacks();
>
>  
>
> System.out.println(Scene.v().getCallGraph().size());
>
> CallGraph cg = Scene.v().getCallGraph();
>
>  
>
> visit(cg, entryPoint);
>
> dot.plot("/home/lokesh/Desktop/soot1"+ dot.DOT_EXTENSION);
>
>  
>
> }
>
> private static void visit(CallGraph cg, SootMethod k)
>
> {
>
> String identifier = k.getName();
>
>  
>
> visited.put(k.getSignature(),true);
>
>  
>
>  
>
> dot.drawNode(identifier);
>
>  
>
>  
>
> //iterate over unvisited parents
>
> Iterator<MethodOrMethodContext> ptargets = new Targets(cg.edgesInto(k));
>
>  
>
>  
>
> if(ptargets != null){
>
> while(ptargets.hasNext())
>
> {
>
> SootMethod p = (SootMethod) ptargets.next();
>
>  
>
>  
>
> if(p == null) System.out.println("p is null");
>
>  
>
>  
>
> if(!visited.containsKey(p.getSignature()))
>
> visit(cg,p);
>
> }
>
> }
>
>  
>
>  
>
> //iterate over unvisited children
>
> Iterator<MethodOrMethodContext> ctargets = new Targets(cg.edgesOutOf(k));
>
>  
>
>  
>
> if(ctargets != null){
>
> while(ctargets.hasNext())
>
> {
>
> SootMethod c = (SootMethod) ctargets.next();
>
> if(c == null) System.out.println("c is null");
>
> dot.drawEdge(identifier, c.getName());
>
>  
>
>  
>
> if(!visited.containsKey(c.getSignature()))
>
> visit(cg,c);
>
> }
>
> }
>
> }
>
> }
>
>  
>
>  
>
>  
>
>  
>
> DotGraph.java
>
>  
>
> import java.io.BufferedOutputStream;
>
> import java.io.FileOutputStream;
>
> import java.io.IOException;
>
> import java.io.OutputStream;
>
> import java.util.HashMap;
>
> import java.util.LinkedList;
>
> import java.util.List;
>
>  
>
> import soot.util.dot.DotGraphEdge;
>
> import soot.util.dot.DotGraphNode;
>
> import soot.util.dot.DotGraphUtility;
>
> import soot.util.dot.Renderable;
>
>  
>
> public class DotGraph implements Renderable
>
> {
>
> public final static String DOT_EXTENSION = ".dot";
>
> private HashMap<String, DotGraphNode> nodes;
>
> private boolean isSubGraph;
>
> private List<Renderable> drawElements;
> ...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150308/0e56d0c2/attachment-0003.html

More information about the Soot-list mailing list