[Soot-list] Question about flowdroid
James F
jamesfuhao at gmail.com
Sat Jan 16 20:49:17 EST 2016
Eric said "It computes implicit information flows (if enabled on the
command line). While they are not represented in an explicit PDG but rather
computed on the fly, they might be sufficient for your purpose. Note that
this is a forward-slicing approach."
inside https://mailman.cs.mcgill.ca/pipermail/soot-list/2014-February/006508.html.
So is it to say we can leverage "implicit flow" part to implement our own
backward slicing?
On Sunday, November 29, 2015 at 8:51:15 AM UTC-8, Steven Arzt wrote:
>
> Hi,
>
>
>
> I have included the Soot mailing list in this reply. Some of the features
> you are asking for are not available in Soot, but have built them on top of
> Soot without contributing them back to the main development branch. Soot,
> for instance, does not have a slicer on its own. However, there are
> external implementations, for instance the one from the paper “Dynamic
> slicing with soot” by Adrian Treffer and Matthias Uflacker published at
> SOAP 2014. You can contact them to get their implementation. Another paper
> would be Nair’s master thesis:
> uwspace.uwaterloo.ca/bitstream/10012/5144/1/uw-ethesis.pdf. Our group has
> also built a slicer based on Soot in another research project, but, sadly,
> it’s much too specialized to be useful outside of that project.
>
>
>
> For program dependence graphs, we do have support. Look into the package
> “soot.toolkits.graph.pdg”. Personally, I haven’t used these parts of Soot
> yet, but they exists and should work just fine.
>
>
>
> Best regards,
>
> Steven
>
>
>
> *Von:* nuaawangxiaolei [mailto:nuaawan... at 163.com <javascript:>]
> *Gesendet:* Samstag, 28. November 2015 14:14
> *An:* Steven Arzt
> *Betreff:* Re:AW: Question about flowdroid
>
>
>
> OK, thanks a lot, firstly.
>
> The reason why I want to combine flowdroid with wala is that I want to
> learn program slice, program dependence graph, system dependence graph.
> Someone tell me that Soot cannot do this work.
>
> Therefore, I want to combine flowdroid with wala.
>
>
>
> Now that you are the maintainer of Soot. I want to ask you whether Soot
> can conveniently make program slice, program dependence graph ,system
> dependence graph using the results of Flowdroid.
>
> If yes, would you like to share me some simple examples? And I can learn
> from them.
>
> If no, I have to use WALA finally.
>
>
>
> Look forwarding to your reply.
>
>
>
>
>
> At 2015-11-27 22:38:49, "Steven Arzt" <Steve... at cased.de <javascript:>>
> wrote:
>
> Hi,
>
>
>
> FlowDroid is based on Soot, so the easiest way to create an analysis for
> Android apps is to write them using Soot. If you need a data flow analysis,
> that’s what FlowDroid is all about, so you can simply use the tool as-is.
>
>
>
> If you want to nevertheless write your analysis in Wala and just need the
> dummy main method generated by FlowDroid, you can do it as you have
> proposed. To dump the dummy main method from FlowDroid, you need to set it
> as an application class and configure the Soot output format as “class”.
> Then, call the output writer.
>
>
>
> To get a dummy main method in the first place, you can do something along
> these lines:
>
>
>
> SetupApplication app = new SetupApplication
>
>
> ("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms",
>
> "D:/Temp/com.tweakersoft.aroundme-1.apk");
>
> app.calculateSourcesSinksEntrypoints("D:/Arbeit/Android
> Analyse/soot-infoflow-android/SourcesAndSinks.txt");
>
> soot.G.reset();
>
>
>
> Options.v().set_src_prec(Options.src_prec_apk);
>
>
> Options.v().set_process_dir(Collections.singletonList("D:/Temp/com.tweakersoft.aroundme-1.apk"));
>
>
> Options.v().set_android_jars("D:/Tools/adt-bundle-windows-x86_64-20140321/sdk/platforms");
>
> Options.v().set_allow_phantom_refs(true);
>
> Options.v().set_output_format(Options.output_format_class);
>
>
>
> Scene.v().loadNecessaryClasses();
>
>
>
> SootMethod entryPoint =
> app.getEntryPointCreator().createDummyMain();
>
> Options.v().set_main_class(entryPoint.getSignature());
>
>
> Scene.v().setEntryPoints(Collections.singletonList(entryPoint));
>
> System.out.println(entryPoint.getActiveBody());
>
> PackManager.v().writeOutput();
>
>
>
> This should work. If it does not for some reason, feel free to contact me.
> Your “class” files (both for the dummy main method and for all of the
> classes inside your apk file) should then end up in the “sootOutput” folder.
>
>
>
> Best regards,
>
> Steven
>
>
>
> *Von:* nuaawangxiaolei [mailto:nuaawan... at 163.com <javascript:>]
> *Gesendet:* Freitag, 27. November 2015 03:11
> *An:* steve... at ec-spride.de <javascript:>
> *Betreff:* Question about flowdroid
>
>
>
> Hi:
>
> Sorry to interrupt you. From your homepage, I know you are the
> maintainer of Flowdroid and Soot. Now I have a question. That is I want to
> combine flowdroid with wala.
>
> Someone on the website said the way to do this , as follows:
>
> Firstly, FlowDroid will build a dummy main method for the app and dump
> it in sootOutput/dummyMainClass. class. The name of the main method
> is dummyMainMethod.
>
> Secondly, Load dummyMainClass. class along with the rest of the
> bytecodes for the app and wrap dummyMainClass. dummyMainMethod in a WALA
> DefaultEntrypoint.
>
>
>
> Therefore, I want to ask you whether this method is feasible. If this
> method is feasible, would you like to tell me how to dump the
> dummyMainClass.class and load the dummyMainClass.class with the rest of the
> bytecodes for the app? using Flowdroid
>
> Thanks a lot and look forward to hearing from you.
>
>
>
>
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20160117/e2f700d8/attachment-0001.html
More information about the Soot-list
mailing list