[Soot-list] 答复: about custom entry points

Wed Mar 8 21:34:25 EST 2017

Hi, Arzt!

Thank you for your reply.
I have further questions about DefaultEntyPointCreator:

The method DefaultEntyPointCreator.createDummyMain, which has a SootMethod to transfer in and also a SootMethod transfer out.
So,  I write code like this:

        Options.v().parse(sootArgs);
        SootClass c = Scene.v().forceResolve(mainClass, SootClass.BODIES);
        c.setApplicationClass();
        Scene.v().loadNecessaryClasses();
        SootMethod method = c.getMethodByName("bad");

        Collection<String> dummyMain = new ArrayList<String>();
        dummyMain.add("bad");
        DefaultEntryPointCreator depc = new DefaultEntryPointCreator(dummyMain);
        SootMethod mainMethod = depc.createDummyMain(method);

        List<SootMethod> entryPoints = new ArrayList<SootMethod>();
        entryPoints.add(mainMethod);
        Scene.v().setEntryPoints(entryPoints);

        PackManager.v().runPacks();

Please help me for the two questions below:

1.       No active body present for method <void bad(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)>
When createDummyMain.

2.       When I got the mainMethod ,am I doing it in a right way?

Thanks again and looking forward.

发件人: Arzt, Steven [mailto:steven.arzt at sit.fraunhofer.de]
发送时间: 2017年3月8日 18:27
收件人: liujiefeng; soot-list at CS.McGill.CA
主题: RE: about custom entry points

Hi,

Soot’s callgraph algorithms usually analyze programs starting from the entry point which is expected to be some main method. In the case of servlets, you need to provide a main method that emulates calls to the servlet methods. To automatically generate such a dummy main method, you can have a look at the DefaultEntryPointCreator class from FlowDroid (soot-infoflow on Github) that was exactly designed to create dummy main methods for such cases. The method it generates will not be executable, but equivalent to a real implementation for the purpose of callgraph construction.

Best regards,
  Steven

From: Soot-list [mailto:soot-list-bounces at cs.mcgill.ca] On Behalf Of liujiefeng
Sent: Wednesday, March 8, 2017 4:57 AM
To: soot-list at CS.McGill.CA<mailto:soot-list at CS.McGill.CA>
Subject: [Soot-list] about custom entry points

Hi, there!

I’ve got some problems with custom entry points.
I’ve learned from https://github.com/Sable/soot/wiki/Using-Soot-with-custom-entry-points to analyze from custom entry point.
Options.v().parse(args);
SootClass c = Scene.v().forceResolve("MyEntryPoint", SootClass.BODIES);
c.setApplicationClass();
Scene.v().loadNecessaryClasses();
SootMethod method = c.getMethodByName("myMethod");
List entryPoints = new ArrayList();
entryPoints.add(method);
Scene.v().setEntryPoints(entryPoints);
PackManager.v().runPacks();

But I can’t use

To get to my method, it just always analyze from main method.
Since my project is using servlet, so I can’t just make a call in main method since request and response is not easy to new.

So I’m wondering:

1.       Is it possible to analyze from custom entry point throw the method above?

2.       If so, what is my problem? Does “myMethod” cannot just be String of method name?

Looking forward & with best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20170309/a24ae912/attachment-0001.html>