[Soot-list] Question about flowdroid

Steven Arzt Steven.Arzt at cased.de
Sun Nov 29 11:50:29 EST 2015 

Hi,



I have included the Soot mailing list in this reply. Some of the features
you are asking for are not available in Soot, but have built them on top of
Soot without contributing them back to the main development branch. Soot,
for instance, does not have a slicer on its own. However, there are external
implementations, for instance the one from the paper “Dynamic slicing with
soot” by Adrian Treffer and Matthias Uflacker published at SOAP 2014. You
can contact them to get their implementation. Another paper would be Nair’s
master thesis: uwspace.uwaterloo.ca/bitstream/10012/5144/1/uw-ethesis.pdf.
Our group has also built a slicer based on Soot in another research project,
but, sadly, it’s much too specialized to be useful outside of that project.



For program dependence graphs, we do have support. Look into the package
“soot.toolkits.graph.pdg”. Personally, I haven’t used these parts of Soot
yet, but they exists and should work just fine.



Best regards,

  Steven



Von: nuaawangxiaolei [mailto:nuaawangxiaolei at 163.com]
Gesendet: Samstag, 28. November 2015 14:14
An: Steven Arzt
Betreff: Re:AW: Question about flowdroid



OK, thanks a lot, firstly.

The reason why I want to combine flowdroid with wala is that I want to learn
program slice, program dependence graph, system dependence graph. Someone
tell me that Soot cannot do this work.

Therefore, I want to combine flowdroid with wala.



Now that you are the maintainer of Soot. I want to ask you whether Soot can
conveniently make program slice, program dependence graph ,system dependence
graph using the results of Flowdroid.

If yes, would you like to share me some simple examples? And I can learn
from them.

If no, I have to use WALA finally.



Look forwarding to your reply.





At 2015-11-27 22:38:49, "Steven Arzt" <Steven.Arzt at cased.de> wrote:



Hi,



FlowDroid is based on Soot, so the easiest way to create an analysis for
Android apps is to write them using Soot. If you need a data flow analysis,
that’s what FlowDroid is all about, so you can simply use the tool as-is.



If you want to nevertheless write your analysis in Wala and just need the
dummy main method generated by FlowDroid, you can do it as you have
proposed. To dump the dummy main method from FlowDroid, you need to set it
as an application class and configure the Soot output format as “class”.
Then, call the output writer.



To get a dummy main method in the first place, you can do something along
these lines:



             SetupApplication app = new SetupApplication


("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms",

                           "D:/Temp/com.tweakersoft.aroundme-1.apk");

             app.calculateSourcesSinksEntrypoints("D:/Arbeit/Android
Analyse/soot-infoflow-android/SourcesAndSinks.txt");

             soot.G.reset();



             Options.v().set_src_prec(Options.src_prec_apk);


Options.v().set_process_dir(Collections.singletonList("D:/Temp/com.tweakerso
ft.aroundme-1.apk"));


Options.v().set_android_jars("D:/Tools/adt-bundle-windows-x86_64-20140321/sd
k/platforms");

             Options.v().set_allow_phantom_refs(true);

             Options.v().set_output_format(Options.output_format_class);



             Scene.v().loadNecessaryClasses();



             SootMethod entryPoint =
app.getEntryPointCreator().createDummyMain();

             Options.v().set_main_class(entryPoint.getSignature());


Scene.v().setEntryPoints(Collections.singletonList(entryPoint));

             System.out.println(entryPoint.getActiveBody());

             PackManager.v().writeOutput();



This should work. If it does not for some reason, feel free to contact me.
Your “class” files (both for the dummy main method and for all of the
classes inside your apk file) should then end up in the “sootOutput”
folder.



Best regards,

  Steven



Von: nuaawangxiaolei [mailto:nuaawangxiaolei at 163.com]
Gesendet: Freitag, 27. November 2015 03:11
An: steven.arzt at ec-spride.de
Betreff: Question about flowdroid



Hi:

    Sorry to interrupt you. From your homepage, I know you are the
maintainer of Flowdroid and Soot. Now I have a question. That is I want to
combine flowdroid with wala.

    Someone on the website  said the way  to do this , as follows:

    Firstly, FlowDroid will build a dummy main method for the app and dump
it in sootOutput/dummyMainClass. class. The name of the main method is
dummyMainMethod.

    Secondly, Load dummyMainClass. class along with the rest of the
bytecodes for the app and wrap dummyMainClass. dummyMainMethod in a WALA
DefaultEntrypoint.



    Therefore, I want to ask you whether this method is feasible. If this
method is feasible, would you like to tell me how to dump the
dummyMainClass.class and load the dummyMainClass.class with the rest of the
bytecodes for the app? using Flowdroid

    Thanks a lot and look forward to hearing from you.











-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20151129/d0912992/attachment-0001.html

More information about the Soot-list mailing list