[Soot-list] Soot not finding class without a main for call graph

Eric Ortega eortega at pjrcorp.com
Fri Feb 5 11:34:02 EST 2021 

Hi Fogo,

Progress is good.  Unfortunately, I’m not using soot for the same functionality that you are so I’m afraid you and I would be in the same boat there.  Best of luck!

Regards,
Eric Ortega

From: Fogo Tunde-Onadele <oatundeo at ncsu.edu>
Date: Friday, February 5, 2021 at 5:47 AM
To: Eric Ortega <eortega at pjrcorp.com>
Cc: "soot-list at cs.mcgill.ca" <soot-list at cs.mcgill.ca>
Subject: Re: [Soot-list] Soot not finding class without a main for call graph

Hi Eric and all,

Thanks for the feedback. I got some success using a driver class although I encountered issues on the way. These issues stemmed from my improper use of java packages. This github issue<https://github.com/soot-oss/soot/issues/1346> was helpful as a reference (to ensure the package location was included in the classpath and the proper class naming was used).

I also found better progress using the basic way of setting the main class below, instead of using setApplicationClass and entrypoints in my prior excerpt (from the Soot Heros wiki<https://github.com/Sable/heros/wiki/Example%3A-Using-Heros-with-Soot>)
SootClass appclass = Scene.v().loadClassAndSupport(mainclass);
Scene.v().setMainClass(appclass);
Scene.v().loadNecessaryClasses();

  1.  However,  I am now running into this error during the statement "solver.solve();" which I would appreciate help with:
[Thread-11] ERROR heros.solver.CountingThreadPoolExecutor - Worker thread execution failed: null java.lang.NullPointerException
  2.  The reason I want to use Heros is because it will be able to follow/filter the call path based on the inputs from the driver class (interprocedural control flow graph). I also wanted to clarify this because I can run without runtime errors with Soot and SPARK alone but it will give all the call edges it can find, rather than the path visited by the input.
  3.  Finally, I searched for examples that use Heros (since the wiki example does not include code to work with the IFDS solution) but did not have much luck. Any pointers to such examples will be much appreciated.
Thanks,
Fogo


On Tue, Feb 2, 2021 at 11:26 AM Eric Ortega <eortega at pjrcorp.com<mailto:eortega at pjrcorp.com>> wrote:
Hi Fogo,

Yes, I meant the rest of the classes in the .jar.

It sounds like Dr. Bodden was driving to a better point, in that there likely needs to be some sort of hook into the library.  If you didn’t want to create a sample app with a driver, you might have success programmatically setting a method that you’re curious about as an entrypoint through the soot API.  You can likely just use setEntryPoint() as you’ve already done.  It takes a list anyway so just pick some other methods in your libraries and tack them onto your main.

Regards,
Eric Ortega

From: Fogo Tunde-Onadele <oatundeo at ncsu.edu<mailto:oatundeo at ncsu.edu>>
Date: Tuesday, February 2, 2021 at 5:15 AM
To: Eric Ortega <eortega at pjrcorp.com<mailto:eortega at pjrcorp.com>>
Cc: "soot-list at cs.mcgill.ca<mailto:soot-list at cs.mcgill.ca>" <soot-list at cs.mcgill.ca<mailto:soot-list at cs.mcgill.ca>>
Subject: Re: [Soot-list] Soot not finding class without a main for call graph

Hi Eric.

Thanks, you mean the rest of the classes contained in the jar? I also received a response from Dr. Bodden about having a driver class that instantiates my target class. I'll work on trying these out.

Thank you,
Fogo

On Mon, Feb 1, 2021 at 2:13 PM Eric Ortega <eortega at pjrcorp.com<mailto:eortega at pjrcorp.com>> wrote:
Hi Fogo,

You may want to try running through the rest of your classes and calling Scene.v().loadClass(…) for each one.

Regards,
Eric Ortega

From: Soot-list <soot-list-bounces at CS.McGill.CA<mailto:soot-list-bounces at CS.McGill.CA>> on behalf of Fogo Tunde-Onadele <oatundeo at ncsu.edu<mailto:oatundeo at ncsu.edu>>
Date: Monday, February 1, 2021 at 5:06 AM
To: "soot-list at cs.mcgill.ca<mailto:soot-list at cs.mcgill.ca>" <soot-list at cs.mcgill.ca<mailto:soot-list at cs.mcgill.ca>>
Subject: [Soot-list] Soot not finding class without a main for call graph


Good day,


I have been trying to get Soot working on analyzing the call graph of external libraries/apps. Specifically, I want to get the call graph of a class, ‘DefaultServlet’, within a Tomcat jar file, ‘catalina.jar’. First, I followed tutorials that analyze a simple class/file with a main method. However, the classes I want to analyze don’t typically have main methods. So I found and followed examples that utilize entrypoints but Soot is still unable to find the class. Please, I would appreciate some help. Here is the latest main piece of code I have tried.



```
public class IFDSDataFlowTransformer extends SceneTransformer {

static LinkedList<String> excludeList;
static String mainclass = "DefaultServlet";
static String mainmethod = "doGet"; // "doPut";

public static void main(String[] args) {

// Set Soot's internal classpath
   String javapath = System.getProperty("java.class.path");
   String jredir = System.getProperty("java.home")+"/lib/rt.jar";
   String path = javapath+File.pathSeparator+jredir;
   Options.v().set_soot_classpath(path);

        // Enable whole-program mode
        Options.v().set_whole_program(true);
        Options.v().set_app(true);

        // Call-graph options
        Options.v().setPhaseOption("cg", "safe-newinstance:true");
        Options.v().setPhaseOption("cg.cha","enabled:false");

        // Enable SPARK call-graph construction
        Options.v().setPhaseOption("cg.spark","enabled:true");
        Options.v().setPhaseOption("cg.spark","verbose:true");
        Options.v().setPhaseOption("cg.spark","on-fly-cg:true");

        Options.v().set_allow_phantom_refs(true);

        // Set the main class of the application to be analysed
        Options.v().set_main_class(mainclass);

        // Load the main class
        SootClass c = Scene.v().loadClass(mainclass, SootClass.BODIES);
        c.setApplicationClass();

        // Load the "main" method of the main class and set it as a Soot entry point
//        SootMethod entryPoint = c.getMethodByName("main");
        SootMethod entryPoint = c.getMethodByName(mainmethod);
        List<SootMethod> entryPoints = new ArrayList<SootMethod>();
        entryPoints.add(entryPoint);
        Scene.v().setEntryPoints(entryPoints);

        PackManager.v().getPack("wjtp").add(new Transform("wjtp.herosifds", new IFDSDataFlowTransformer()));

//        soot.Main.main();
        //start working
   PackManager.v().runPacks();
}


```



I am using Soot 3.3.1, Java 1.8 and I have exported my eclipse project in a zip below (project structure in photo). The files, IFDSDataFlowTransformer and TestSootCallGraph, start two separate trials.

Do I have to create a new class with a main that would start a request (e.g. http or curl request) to the Tomcat application? If so, that would require including more Tomcat jars/files in the project. However, I figured that Soot did not need specific inputs or all files in an application to statically analyze code.


Thank you,

Fogo



Error! Filename not specified.


--
Fogo Tunde-Onadele
PhD student
Computer Science
North Carolina State University


--

Fogo Tunde-Onadele
PhD student
Computer Science
North Carolina State University


--

Fogo Tunde-Onadele
PhD student
Computer Science
North Carolina State University
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20210205/1336d5b9/attachment-0001.html>

More information about the Soot-list mailing list