[Soot-list] Spark & Android Source Code no main class

Steven Arzt Steven.Arzt at cased.de
Sun Feb 28 14:50:25 EST 2016


Hi Anshul,

For using SPARK, you need a proper entry point. This entry point must be a public static method that is the starting point of your program execution. In a Java program, this would be the main() method. Unfortunately, there is no such method in an Android app. Therefore, you need to create your own. For a precise callgraph, this custom entry point must faithfully model the interaction of the Android framework with the app. As this is very complex, I would recommend using the existing implementation in FlowDroid:

    import java.util.Collections;

    import soot.PackManager;
    import soot.Scene;
    import soot.SootMethod;
    import soot.jimple.infoflow.android.SetupApplication;
    import soot.options.Options;

    // Let FlowDroid collect the app's components and callbacks
    SetupApplication app = new SetupApplication
            ("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms",
            "D:/Temp/com.tweakersoft.aroundme-1.apk");
    app.calculateSourcesSinksEntrypoints("D:/Arbeit/Android Analyse/soot-infoflow-android/SourcesAndSinks.txt");
    soot.G.reset();

    // Configure a fresh Soot instance for the same APK
    Options.v().set_src_prec(Options.src_prec_apk);
    Options.v().set_process_dir(Collections.singletonList("D:/Temp/com.tweakersoft.aroundme-1.apk"));
    Options.v().set_android_jars("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms");
    // The cg pack (and therefore SPARK) only runs in whole-program mode
    Options.v().set_whole_program(true);
    Options.v().set_allow_phantom_refs(true);
    Options.v().setPhaseOption("cg.spark", "on");

    Scene.v().loadNecessaryClasses();

    // Generated dummy main that models the framework calling into the app
    SootMethod entryPoint = app.getEntryPointCreator().createDummyMain();
    Options.v().set_main_class(entryPoint.getSignature());
    Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
    System.out.println(entryPoint.getActiveBody());

    PackManager.v().runPacks();
    System.out.println(Scene.v().getCallGraph().size());

This code should give you a non-empty callgraph.

Best regards,
  Steven

From: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] On Behalf Of Anshul Vij
Sent: Sunday, 6 December 2015 14:55
To: soot
Cc: soot-list at CS.McGill.CA; jott002 at ucr.edu; Steven.Arzt at cased.de
Subject: Re: [Soot-list] Spark & Android Source Code no main class

Hi Steven Arzt,

I am also using the Soot framework for creating and using an Android application's call graph.
Can you help me understand which class I should use as the main class?
For me, callgraph.size() always returns 0.

I want to find a particular method invocation in all method bodies and backtrack (using edgesInto(method)) until I reach a method that is an Android callback method.
I have a list to match the signatures with callback methods.
The current problem is that the callgraph contains nothing.

I believe, as you pointed out here, that I need to set a main class and entry point.
So should I make an Activity the main class and onCreate() the entry point?

Please help in this regard.

Thank you!

Kind regards,
Anshul

On Friday, 27 March 2015 11:15:00 UTC+1, Steven Arzt wrote:

Hi Jason,

You should never need to call "loadClassAndSupport" on your own. This is done internally by Soot.

For creating a callgraph, you need an entry point. For normal Java applications, this is the main() method. You can either explicitly specify it or have Soot automatically select the only main() method in your Soot classpath.

The easiest way to get a callgraph is to call the Soot main method and pass the correct command-line parameters:

    -p cg.spark on    This enables SPARK
    -process-dir      Path to the classes you want to analyze
    -cp               Path to other classes that might be referenced from your analysis target
    -main-class       The main class to use

After the call to soot.Main.main(), you should be able to access the callgraph.

A more involved example that calls the required parts of Soot manually goes here:

    import java.util.ArrayList;
    import java.util.List;

    import soot.PackManager;
    import soot.Scene;
    import soot.SootClass;
    import soot.SootMethod;
    import soot.jimple.toolkits.callgraph.CallGraph;
    import soot.jimple.toolkits.callgraph.Edge;
    import soot.options.Options;

    public static void main(String[] args) {
        // Take the Soot options from the command line
        Options.v().parse(args);
        Scene.v().loadNecessaryClasses();
        SootClass sc = Scene.v()
                .forceResolve("soot.Examples", SootClass.BODIES);
        sc.setApplicationClass();
        // Use the class's main() as the single entry point
        SootMethod method = sc.getMethodByName("main");
        List<SootMethod> entryPoints = new ArrayList<SootMethod>();
        entryPoints.add(method);
        Scene.v().setEntryPoints(entryPoints);
        Options.v().set_main_class(method.getSignature());

        PackManager.v().runPacks();

        CallGraph callgraph = Scene.v().getCallGraph();
        System.out.println("[TestSpark] Call graph size " + callgraph.size());

        for (Edge edge : callgraph)
            System.out.println(edge + "");
    }

This is essentially what the normal Soot main method would do.

Best regards,
  Steven

From: soot-lis... at CS.McGill.CA [mailto:soot-lis... at CS.McGill.CA] On Behalf Of Jason Ott
Sent: Wednesday, 25 March 2015 06:31
To: soot... at CS.McGill.CA
Subject: [Soot-list] Spark & Android Source Code no main class

I would like to build a callgraph for each class of the Android framework and I am struggling. I haven't found much in the way of documentation or examples for using SPARK in general.

I have a basic program that does the following:

public class DumpClass {
    public static void main(String[] args) {

        Scene.v().loadBasicClasses();
        SootClass mclass;
        mclass = Scene.v().loadClassAndSupport(args[0]);
        mclass.setApplicationClass();

        Options.v().set_whole_program(true);
        Options.v().setPhaseOption("cg.spark", "on");
        Scene.v().loadNecessaryClasses();

        Options.v().set_main_class(mclass.getMethods().get(0).toString());
        PackManager.v().runPacks();

        new SparkTest(mclass);
    }
}

Now, when I run this, I get: Exception in thread "main" java.lang.RuntimeException: There is no main class set!

I'm not quite sure what to do with that or what to do next if this thing ever works.
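
The backward search described in this thread (start at a method of interest, follow edgesInto() through its callers until a method from the callback list is reached), written out as an added example that is not part of the original messages or of Soot or FlowDroid. It assumes Soot is on the classpath and the call graph was already built as in the reply at the top; the class name CallbackBacktracker and the parameter callbackSubSigs are hypothetical.

```java
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Set;

import soot.Scene;
import soot.SootMethod;
import soot.jimple.toolkits.callgraph.CallGraph;
import soot.jimple.toolkits.callgraph.Edge;

public class CallbackBacktracker {

    /**
     * Walks the call graph backwards from target and returns every method on a
     * caller chain whose sub-signature, e.g. "void onCreate(android.os.Bundle)",
     * is in callbackSubSigs (the caller-supplied callback list, an assumption).
     */
    public static Set<SootMethod> callbacksReaching(CallGraph cg, SootMethod target,
            Set<String> callbackSubSigs) {
        Set<SootMethod> hits = new LinkedHashSet<>();
        Set<SootMethod> seen = new HashSet<>();   // recursion would loop forever otherwise
        Deque<SootMethod> work = new ArrayDeque<>();
        seen.add(target);
        work.add(target);
        while (!work.isEmpty()) {
            SootMethod m = work.poll();
            if (callbackSubSigs.contains(m.getSubSignature())) {
                hits.add(m);
                continue;   // a callback is entered from the framework, so stop here
            }
            for (Iterator<Edge> it = cg.edgesInto(m); it.hasNext();) {
                SootMethod caller = it.next().src();
                if (caller != null && seen.add(caller)) {
                    work.add(caller);
                }
            }
        }
        return hits;
    }

    /** Call after PackManager.v().runPacks(); targetSig is a full Soot method signature. */
    public static Set<SootMethod> callbacksReaching(String targetSig, Set<String> callbackSubSigs) {
        SootMethod target = Scene.v().getMethod(targetSig);   // throws if the method is unknown
        return callbacksReaching(Scene.v().getCallGraph(), target, callbackSubSigs);
    }
}
```

Matching on the sub-signature alone also accepts unrelated methods that happen to share a callback's name and parameters; checking the declaring class against the framework type tightens the result.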
