private void prepareAlarmManagerSet(Body body, InvokeStmt setStmt, SootMethodRef reportRef) { Value oldVal = setStmt.getInvokeExpr().getArg(1); Local longLocal = UtilInstrumenter.generateFreshLocal(body, LongType.v()); SootMethod currentTimeMillis = Scene.v().getMethod("<java.lang.System: long currentTimeMillis()>"); StaticInvokeExpr timeInvoke = Jimple.v().newStaticInvokeExpr(currentTimeMillis.makeRef()); AssignStmt timeInitalize = Jimple.v().newAssignStmt(longLocal, timeInvoke); AddExpr addTime = Jimple.v().newAddExpr(longLocal, LongConstant.v(2000L)); AssignStmt timeAssign = Jimple.v().newAssignStmt(longLocal, addTime); body.getUnits().insertBefore(timeInitalize, setStmt); body.getUnits().insertBefore(timeAssign, setStmt); InvokeExpr expr = setStmt.getInvokeExpr(); expr.setArg(0, IntConstant.v(0)); expr.setArg(1, longLocal); // Report the change InvokeStmt reportStmt = Jimple.v().newInvokeStmt(Jimple.v().newStaticInvokeExpr( reportRef, oldVal, longLocal)); reportStmt.addTag(new InstrumentedCodeTag()); body.getUnits().insertAfter(reportStmt, setStmt); }
private boolean isStringOperationSupportedBySMT(InvokeExpr invokeExpr) { String methodSignature = invokeExpr.getMethod().getSignature(); if(methodSignature.equals("<java.lang.String: java.lang.String substring(int,int)>") || methodSignature.equals("<java.lang.String: java.lang.String substring(int)>") || methodSignature.equals("<java.lang.String: boolean equals(java.lang.Object)>") || methodSignature.equals("<java.lang.String: boolean equalsIgnoreCase(java.lang.String)>") || methodSignature.equals("<java.lang.String: int indexOf(java.lang.String)>") || methodSignature.equals("<java.lang.String: int indexOf(int,int)>") || methodSignature.equals("<java.lang.String: boolean startsWith(java.lang.String)>") || methodSignature.equals("<java.lang.String: boolean matches(java.lang.String)>") || methodSignature.equals("<java.lang.String: java.lang.String replaceAll(java.lang.String,java.lang.String)>") || methodSignature.equals("<java.lang.String: boolean contains(java.lang.CharSequence)>") || methodSignature.equals("<java.lang.String: java.lang.String[] split(java.lang.String)>") || methodSignature.equals("<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>") ) return true; return false; }
public boolean isExpressionThatNeedsToBeConvertedToSMT(InvokeExpr invokeExpr) { String methodSignature = invokeExpr.getMethod().getSignature(); if(methodSignature.equals("<java.lang.Integer: int parseInt(java.lang.String)>") || methodSignature.equals("<org.apache.http.client.methods.HttpGet: void <init>(java.lang.String)>") || methodSignature.equals("<java.net.URL: void <init>(java.lang.String)>") || methodSignature.equals("<android.telephony.SmsManager: void sendTextMessage(java.lang.String,java.lang.String,java.lang.String,android.app.PendingIntent,android.app.PendingIntent)>") || methodSignature.equals("<android.telephony.gsm.SmsManager: void sendTextMessage(java.lang.String,java.lang.String,java.lang.String,android.app.PendingIntent,android.app.PendingIntent)>") || methodSignature.equals("<android.telephony.SmsMessage: java.lang.String getDisplayOriginatingAddress()>") || methodSignature.equals("<java.util.Map: java.lang.Object put(java.lang.Object,java.lang.Object)>") || methodSignature.equals("<java.util.Map: java.lang.Object get(java.lang.Object)>") || methodSignature.equals("<android.telephony.TelephonyManager: java.lang.String getNetworkOperator()>") || methodSignature.equals("<android.telephony.TelephonyManager: java.lang.String getSimOperator()>") ) return true; return false; }
private String fixSMTSolverIntegerOutput(String loggingPoint, Stmt stmt) { if(stmt.containsInvokeExpr()) { InvokeExpr inv = stmt.getInvokeExpr(); String metSig = inv.getMethod().getSignature(); if(metSig.equals("<android.telephony.TelephonyManager: java.lang.String getSimOperator()>") || metSig.equals("<android.telephony.TelephonyManager: java.lang.String getNetworkOperator()>") ) { String newLoggingPoint = ""; for(char c : loggingPoint.toCharArray()) { if(c < '0' || c > '9') { Random rand = new Random(); int num = rand.nextInt(10); newLoggingPoint += num; } else newLoggingPoint += c; } return newLoggingPoint; } } return loggingPoint; }
private boolean isSemanticallyCorrect(String loggingPoint, Stmt stmt) { if(loggingPoint == null) return false; if(stmt.containsInvokeExpr()) { InvokeExpr inv = stmt.getInvokeExpr(); String metSig = inv.getMethod().getSignature(); if(metSig.equals("<android.telephony.TelephonyManager: java.lang.String getSimOperator()>") || metSig.equals("<android.telephony.TelephonyManager: java.lang.String getNetworkOperator()>") ) { for(char c : loggingPoint.toCharArray()) { if(c < '0' || c > '9') return false; } } } return true; }
private AnalysisDecision getFileFormatFromDataflow(int codePosID ) { Unit unit = codePositionManager.getUnitForCodePosition(codePosID); if(unit instanceof Stmt) { Stmt stmt = (Stmt)unit; if(stmt.containsInvokeExpr()) { InvokeExpr inv = stmt.getInvokeExpr(); SootMethod sm = inv.getMethod(); Pair<Integer, Object> paramValue = retrieveCorrectFileInformation(sm); ServerResponse response = new ServerResponse(); response.setAnalysisName(getAnalysisName()); response.setResponseExist(true); response.setParamValues(Collections.singleton(paramValue)); AnalysisDecision finalDecision = new AnalysisDecision(); finalDecision.setAnalysisName(getAnalysisName()); finalDecision.setDecisionWeight(8); finalDecision.setServerResponse(response); return finalDecision; } else return noResults(); } else { return noResults(); } }
private static void getUnitInBetween(UnitGraph ug, List<Unit>inBetween, Unit u) { for (Unit succ: ug.getSuccsOf(u)) { Stmt s = (Stmt)succ; if (inBetween.contains(succ)) { continue; } if (s.containsInvokeExpr()) { InvokeExpr ie = s.getInvokeExpr(); if (ie.getMethodRef().name().contains("restoreCallingIdentity")) { return; } } inBetween.add(succ); getUnitInBetween(ug, inBetween, succ); } }
private SootMethod hasGetInstanceMethod(SootClass sc) { String cname = sc.getName(); if (!(cname.startsWith("android") || cname.startsWith("com.android"))) return null; for (SootMethod sm: sc.getMethods()) { if (sm.isConcrete() && sm.getName().equals(("getInstance"))) { Body b = sm.retrieveActiveBody(); for (Unit u: b.getUnits()){ Stmt s = (Stmt)u; if (s.containsInvokeExpr()) { InvokeExpr ie = (InvokeExpr)s.getInvokeExpr(); String name = ie.getMethodRef().name(); if (name.equals("getService")) return sm; if (name.equals("getSystemService")) return sm; } } } } return null; }
private String getNameFromGetInstance(SootMethod sm) { Body b = sm.retrieveActiveBody(); for (Unit u: b.getUnits()){ Stmt s = (Stmt)u; if (s.containsInvokeExpr()) { InvokeExpr ie = (InvokeExpr)s.getInvokeExpr(); String name = ie.getMethodRef().name(); if (name.equals("getService")|| name.equals("getSystemService")) { List<Value> args = ie.getArgs(); int size = args.size(); Value v = args.get(size-1); if (v instanceof StringConstant) { StringConstant c = (StringConstant)v; return c.value; } else { throw new RuntimeException("error: expected constant string: "+ b); } } } } throw new RuntimeException("error: nothing found, expected constant string: "+ b); }
/** * To get a service (not to be confused with getSystemService) * @param b * @return */ public List<Unit> hasCallToGetSystem(Body b) { List<Unit> calls = new ArrayList<Unit>(); for (Unit u: b.getUnits()) { Stmt s = (Stmt)u; if (s.containsInvokeExpr()) { try { InvokeExpr ie = s.getInvokeExpr(); String mName = ie.getMethodRef().name(); //System.out.println("m : "+ ie.getMethodRef()); //System.out.println("mName: "+ mName); if (mName.equals("getService") && ie.getArgs().size() > 0) { calls.add(u); } } catch (Throwable t) { continue; } } } return calls; }
/** * To get a manager (not to be confused with getSystem) * * @param b * @return */ public List<Unit> hasCallToSystemServices(Body b) { List<Unit> calls = new ArrayList<Unit>(); for (Unit u : b.getUnits()) { Stmt s = (Stmt) u; if (s.containsInvokeExpr()) { try { InvokeExpr ie = s.getInvokeExpr(); String mName = ie.getMethodRef().name(); // System.out.println("m : "+ ie.getMethodRef()); // System.out.println("mName: "+ mName); if (mName.equals("getSystemService")) { calls.add(u); } } catch (Throwable t) { continue; } } } return calls; }
/** * To get a service (not to be confused with getSystemService) * * @param b * @return */ public List<Unit> hasCallToService(Body b) { List<Unit> calls = new ArrayList<Unit>(); for (Unit u : b.getUnits()) { Stmt s = (Stmt) u; if (s.containsInvokeExpr()) { try { InvokeExpr ie = s.getInvokeExpr(); String mName = ie.getMethodRef().name(); String cName = ie.getMethodRef().declaringClass().getName(); // System.out.println("m : "+ ie.getMethodRef()); // System.out.println("mName: "+ mName); if (mName.equals("getService") && cName.equals("android.os.ServiceManager")) { calls.add(u); } } catch (Throwable t) { continue; } } } return calls; }
@Override protected Set<Task> createTasksForCall(Unit call, Set<SootMethod> chaTargets) { Set<Task> tasksForCall = new HashSet<Task>(); Set<SootMethod> targets = new HashSet<SootMethod>(); // SootMethod caller = icfg.getMethodOf(call); SootMethod caller = projectInformation.startPoint(); InvokeExpr callExpr = ((Stmt) call).getInvokeExpr(); if (callExpr.getMethod().isNative()) return tasksForCall; for (SootMethod potentialTarget : chaTargets) { // If not in same package if (!inSamePackage(potentialTarget.getDeclaringClass(), caller.getDeclaringClass()) && inProject(potentialTarget.getDeclaringClass().getName())) targets.add(potentialTarget); } // check for polymorphism if (!targets.isEmpty() && targets.size() > 1) { Task newTask = new Task(Layer.PROJECT_POLYMORPHIC, caller, call, new HashSet<FlowAbstraction>(), targets); tasksForCall.add(newTask); } return tasksForCall; }
@Override protected Set<Task> createTasksForCall(Unit call, Set<SootMethod> chaTargets) { Set<Task> tasksForCall = new HashSet<Task>(); InvokeExpr callExpr = ((Stmt) call).getInvokeExpr(); if (callExpr.getMethod().isNative()) return tasksForCall; // SootMethod caller = icfg.getMethodOf(call); SootMethod caller = projectInformation.startPoint(); for (SootMethod potentialTarget : chaTargets) { // if same class if (caller.getDeclaringClass() == potentialTarget.getDeclaringClass()) { Set<SootMethod> targets = new HashSet<SootMethod>(); targets.add(potentialTarget); Task newTask = new Task(Layer.CLASS, caller, call, new HashSet<FlowAbstraction>(), targets); tasksForCall.add(newTask); } } return tasksForCall; }
/** * Checks whether this invocation calls Android's Activity.setContentView * method * * @param inv * The invocaton to check * @return True if this invocation calls setContentView, otherwise false */ private boolean invokesSetContentView(InvokeExpr inv) { String methodName = SootMethodRepresentationParser.v() .getMethodNameFromSubSignature(inv.getMethodRef().getSubSignature().getString()); if (!methodName.equals("setContentView")) return false; // In some cases, the bytecode points the invocation to the current // class even though it does not implement setContentView, instead // of using the superclass signature SootClass curClass = inv.getMethod().getDeclaringClass(); while (curClass != null) { if (curClass.getName().equals("android.app.Activity") || curClass.getName().equals("android.support.v7.app.ActionBarActivity")) return true; if (curClass.declaresMethod("void setContentView(int)")) return false; curClass = curClass.hasSuperclass() ? curClass.getSuperclass() : null; } return false; }
private Map<Unit, Body> getStmtsWithConstants() { Map<Unit, Body> retMap = new LinkedHashMap<Unit, Body>(); for (SootClass sc : Scene.v().getClasses()) { for (SootMethod sm : sc.getMethods()) { if (!sm.hasActiveBody()) continue; Body methodBody = sm.retrieveActiveBody(); for (Unit u : methodBody.getUnits()) { if (u instanceof ReturnStmt) { if (((ReturnStmt) u).getOp() instanceof Constant) { retMap.put(u, methodBody); } } else if (((Stmt) u).containsInvokeExpr()) { InvokeExpr ie = ((Stmt) u).getInvokeExpr(); for (Value arg : ie.getArgs()) { if (arg instanceof StringConstant || arg instanceof NumericConstant) { retMap.put(u, methodBody); break; } } } } } } return retMap; }
/** * Checks whether there is an information flow between the two * given methods (specified by their respective Soot signatures). * @param sinkSignature The sink to which there may be a path * @param sourceSignature The source from which there may be a path * @return True if there is a path between the given source and sink, false * otherwise */ public boolean isPathBetweenMethods(String sinkSignature, String sourceSignature) { List<ResultSinkInfo> sinkVals = findSinkByMethodSignature(sinkSignature); for (ResultSinkInfo si : sinkVals) { Set<ResultSourceInfo> sources = this.results.get(si); if (sources == null) return false; for (ResultSourceInfo src : sources) if (src.getSource().containsInvokeExpr()) { InvokeExpr expr = src.getSource().getInvokeExpr(); if (expr.getMethod().getSignature().equals(sourceSignature)) return true; } } return false; }
/** * @param args */ public static void main(String[] args) { PackManager.v().getPack("jtp").add(new Transform("jtp.fixedie", new BodyTransformer() { @Override protected void internalTransform(Body b, String phaseName, Map<String, String> options) { for(Unit u: b.getUnits()) { Stmt s = (Stmt) u; if(s.containsInvokeExpr()) { InvokeExpr ie = s.getInvokeExpr(); if(FixedMethods.isFixed(ie)) { System.err.println("+++ "+ie); yes++; } else { System.err.println(" - "+ie); no++; } } } } })); soot.Main.main(args); System.err.println("+++ "+yes); System.err.println(" - "+no); }
public static int getOutWordCount(Collection<Unit> units) { int outWords = 0; for (Unit u : units) { Stmt stmt = (Stmt) u; if (stmt.containsInvokeExpr()) { int wordsForParameters = 0; InvokeExpr invocation = stmt.getInvokeExpr(); List<Value> args = invocation.getArgs(); for (Value arg : args) { wordsForParameters += getDexWords(arg.getType()); } if (!invocation.getMethod().isStatic()) { wordsForParameters++; // extra word for "this" } if (wordsForParameters > outWords) { outWords = wordsForParameters; } } } return outWords; }
private void javafy_expr(ValueBox vb) { Expr e = (Expr) vb.getValue(); if (e instanceof BinopExpr) javafy_binop_expr(vb); else if (e instanceof UnopExpr) javafy_unop_expr(vb); else if (e instanceof CastExpr) javafy_cast_expr(vb); else if (e instanceof NewArrayExpr) javafy_newarray_expr(vb); else if (e instanceof NewMultiArrayExpr) javafy_newmultiarray_expr(vb); else if (e instanceof InstanceOfExpr) javafy_instanceof_expr(vb); else if (e instanceof InvokeExpr) javafy_invoke_expr(vb); else if (e instanceof NewExpr) javafy_new_expr(vb); }
@Override public Set<Object> computeArgumentValues(Argument argument, Unit callSite) { ArgumentValueAnalysis stringAnalysis = ArgumentValueManager.v().getArgumentValueAnalysis( Constants.DefaultArgumentTypes.Scalar.STRING); Stmt stmt = (Stmt) callSite; if (!stmt.containsInvokeExpr()) { throw new RuntimeException("Statement " + stmt + " does not contain an invoke expression"); } InvokeExpr invokeExpr = stmt.getInvokeExpr(); Set<Object> hosts = stringAnalysis.computeVariableValues(invokeExpr.getArg(argument.getArgnum()[0]), stmt); Set<Object> ports = stringAnalysis.computeVariableValues(invokeExpr.getArg(argument.getArgnum()[1]), stmt); Set<Object> result = new HashSet<>(); for (Object host : hosts) { for (Object port : ports) { result.add(new DataAuthority((String) host, (String) port)); } } return result; }
@Override public boolean tryApply(SootStmtSwitch ss, Value lhs, InvokeExpr ivk) { SootMethod sm = ivk.getMethod(); if (this.methodSignature.equals(sm.getSignature()) && this.guardPosition<ivk.getArgCount()) { ivk.getArg(this.guardPosition).apply(ss.getValueSwitch()); ProgramFactory pf = GlobalsCache.v().getPf(); Expression guard = TranslationHelpers.castBoogieTypes( ss.getValueSwitch().getExpression(), pf.getBoolType()); if (this.guardNegated) { guard = pf.mkUnaryExpression(BoogieType.boolType, UnaryOperator.LOGICNEG, guard); } Attribute[] attributes = TranslationHelpers.javaLocation2Attribute(ss.getCurrentStatement()); ss.addStatement(pf.mkAssertStatement(attributes, guard)); return true; } return false; }
@Override public boolean tryApply(SootStmtSwitch ss, Value lhs, InvokeExpr ivk) { SootMethod sm = ivk.getMethod(); if (this.methodSignature.equals(sm.getSignature()) && Math.max(lpos, rpos)<ivk.getArgCount()) { ivk.getArg(this.lpos).apply(ss.getValueSwitch()); Expression left = ss.getValueSwitch().getExpression(); ivk.getArg(this.rpos).apply(ss.getValueSwitch()); Expression right = ss.getValueSwitch().getExpression(); ProgramFactory pf = GlobalsCache.v().getPf(); Expression guard = pf.mkBinaryExpression(BoogieType.boolType, bop, left, right); if (this.guardNegated) { guard = pf.mkUnaryExpression(BoogieType.boolType, UnaryOperator.LOGICNEG, guard); } Attribute[] attributes = TranslationHelpers.javaLocation2Attribute(ss.getCurrentStatement()); ss.addStatement(pf.mkAssertStatement(attributes, guard)); return true; } return false; }
/** * Determines if an instance field should be propagated through a method call. This method only * checks propagation rule for the field base. It does not check if the field points to an * argument, which should be done outside this method. * * @param instanceFieldRef An instance field reference. * @param invokeExpr An invoke expression for the called method. * @return True if the field should be propagated. */ public static boolean shouldPropagateInstanceField(InstanceFieldRef instanceFieldRef, InvokeExpr invokeExpr) { Value fieldBase = instanceFieldRef.getBase(); List<Value> argList = invokeExpr.getArgs(); // A field reference should be propagated if the base of the field points to a method argument. for (int i = 0; i < argList.size(); ++i) { if (sourcePointsToArgument(fieldBase, argList.get(i))) { return true; } } // A field reference should be propagated if the base of the field points to the base of the // method call for an instance call. if (invokeExpr instanceof InstanceInvokeExpr) { Value invokeExprBase = ((InstanceInvokeExpr) invokeExpr).getBase(); if (sourcePointsToArgument(fieldBase, invokeExprBase)) { return true; } } return false; }
/** * Returns the arguments for a potential COAL query. * * @param stmt A program statement. * @return An array of arguments if the statement is for a COAL query, null otherwise. */ public Argument[] getArgumentsForQuery(Stmt stmt) { if (stmt.containsInvokeExpr()) { InvokeExpr invokeExpr = stmt.getInvokeExpr(); SootMethod method = invokeExpr.getMethod(); if (AnalysisParameters.v().isAnalysisClass(method.getDeclaringClass().getName()) && method.isConcrete() && method.hasActiveBody()) { MethodDescription description = queryToMethodDescriptionMap.get(method.getSignature()); if (description == null) { return null; } else { return description.getArguments(); } } return getArgumentsFromMethodDescription(queryToMethodDescriptionMap, invokeExpr); } return null; }
/** * Registers default method return value analyses. */ public void registerDefaultMethodReturnValueAnalyses() { registerMethodReturnValueAnalysis("java.lang.String getName()", new MethodReturnValueAnalysis() { @Override public Set<Object> computeMethodReturnValues(Call call) { InvokeExpr invokeExpr = call.stmt.getInvokeExpr(); if (invokeExpr instanceof InstanceInvokeExpr) { InstanceInvokeExpr instanceInvokeExpr = (InstanceInvokeExpr) invokeExpr; if (invokeExpr.getMethod().getDeclaringClass().getName().equals("java.lang.Class")) { return ArgumentValueManager.v() .getArgumentValueAnalysis(Constants.DefaultArgumentTypes.Scalar.CLASS) .computeVariableValues(instanceInvokeExpr.getBase(), call.stmt); } } return null; } }); }
/** * Returns the possible return values for a given method call. * * @param call A method call. * @return The possible return values for the method call. */ public Set<Object> getMethodReturnValues(Call call) { Stmt stmt = call.stmt; if (!stmt.containsInvokeExpr()) { throw new RuntimeException("Statement does not contain invoke expression: " + stmt); } InvokeExpr invokeExpr = stmt.getInvokeExpr(); // First consider the registered method return value analyses. MethodReturnValueAnalysis analysis = methodReturnValueAnalysisMap.get(invokeExpr.getMethod().getSubSignature()); if (analysis != null) { return analysis.computeMethodReturnValues(call); } else if (Model.v().getArgumentsForSource(invokeExpr) != null) { // Then consider the declared COAL sources. return sourceMethodReturnValueAnalysis.computeMethodReturnValues(call); } return null; }
public void instrumentDummyMainMethod(SootMethod mainMethod) { Body body = mainMethod.getActiveBody(); PatchingChain<Unit> units = body.getUnits(); for (Iterator<Unit> iter = units.snapshotIterator(); iter.hasNext(); ) { Stmt stmt = (Stmt) iter.next(); if (stmt instanceof IdentityStmt) { continue; } //For the purpose of confusion dex optimization (because of the strategy of generating dummyMain method) AssignStmt aStmt = (AssignStmt) stmt; SootMethod fuzzyMe = generateFuzzyMethod(mainMethod.getDeclaringClass()); InvokeExpr invokeExpr = Jimple.v().newVirtualInvokeExpr(body.getThisLocal(), fuzzyMe.makeRef()); Unit assignU = Jimple.v().newAssignStmt(aStmt.getLeftOp(), invokeExpr); units.insertAfter(assignU, aStmt); break; } }
public void fill() { DomI domI = (DomI) doms[0]; DomM domM = (DomM) doms[1]; int numI = domI.size(); for (int iIdx = 0; iIdx < numI; iIdx++) { Unit i = (Unit) domI.get(iIdx); if(SootUtilities.isInvoke(i)){ InvokeExpr ie = SootUtilities.getInvokeExpr(i); if(ie instanceof SpecialInvokeExpr){ SootMethod m = ie.getMethod(); m = StubRewrite.maybeReplaceCallDest(SootUtilities.getMethod(i), m); int mIdx = domM.indexOf(m); if (mIdx >= 0) add(iIdx, mIdx); else if (Config.verbose >= 2) Messages.log(NOT_FOUND, m, SootUtilities.toLocStr(i)); } } } }
public void fill() { DomI domI = (DomI) doms[0]; DomM domM = (DomM) doms[1]; int numI = domI.size(); for (int iIdx = 0; iIdx < numI; iIdx++) { Unit i = (Unit) domI.get(iIdx); if(SootUtilities.isInvoke(i)){ InvokeExpr ie = SootUtilities.getInvokeExpr(i); if(ie instanceof StaticInvokeExpr){ SootMethod m = ie.getMethod(); if(m.isStatic()){ m = StubRewrite.maybeReplaceCallDest(SootUtilities.getMethod(i), m); int mIdx = domM.indexOf(m); if (mIdx >= 0) add(iIdx, mIdx); else if (Config.verbose >= 2) Messages.log(NOT_FOUND, m, SootUtilities.toLocStr(i)); } } } } }
@Override public String toFIString(Unit u) { StringBuilder sb = new StringBuilder(); boolean printId = Utils.buildBoolProperty("petablox.printrel.printID", false); if (printId) sb.append("(" + indexOf(u) + ")"); InvokeExpr ie = SootUtilities.getInvokeExpr(u); if (ie instanceof DynamicInvokeExpr) { return ""; } if (SootUtilities.isInterfaceInvoke(u)) sb.append("INTERFACEINVK:"); else if (SootUtilities.isVirtualInvoke(u)) sb.append("VIRTUALINVK:"); else if (SootUtilities.isStaticInvoke(u)) sb.append("STATICINVK:"); else if (SootUtilities.isInstanceInvoke(u)) sb.append("SPECINVK:"); SootMethod m = SootUtilities.getInvokeExpr(u).getMethod(); sb.append(m.getName() + "@" + m.getDeclaringClass().getName() + "@" + SootUtilities.toJavaLocStr(u)); return sb.toString(); }
public void fill() { DomI domI = (DomI) doms[0]; DomM domM = (DomM) doms[1]; int numI = domI.size(); for (int iIdx = 0; iIdx < numI; iIdx++) { Unit i = (Unit)domI.get(iIdx); if(i instanceof Stmt){ Stmt s = (Stmt)i; if(s.containsInvokeExpr()){ InvokeExpr ie = s.getInvokeExpr(); if(ie instanceof JVirtualInvokeExpr || ie instanceof JInterfaceInvokeExpr){ SootMethod m = s.getInvokeExpr().getMethod(); int mIdx = domM.indexOf(m); if (mIdx >= 0) add(iIdx, mIdx); else if (Config.verbose >= 2) Messages.log(NOT_FOUND, m, SootUtilities.toLocStr(i)); } } } } }
@Override public void fill() { DomI domI = (DomI) doms[0]; int numI = domI.size(); for (int i = 0; i < numI; i++) { Unit q = domI.get(i); if(SootUtilities.isInvoke(q)) { InvokeExpr ie = SootUtilities.getInvokeExpr(q); if(ie instanceof DynamicInvokeExpr) continue; SootMethod m = ie.getMethod(); if (m.getDeclaringClass().getName().equals("java.lang.Thread") && m.getName().toString().equals("<init>")) { add(i); } } } }
@Override public void fill() { DomI domI = (DomI) doms[0]; int numI = domI.size(); for (int i = 0; i < numI; i++) { Unit q = domI.get(i); if(SootUtilities.isInvoke(q)) { InvokeExpr ie = SootUtilities.getInvokeExpr(q); if(ie instanceof DynamicInvokeExpr) continue; SootMethod m = ie.getMethod(); if (m.getName().toString().equals("start") && //m.getDesc().toString().equals("()V") && m.getParameterCount() == 0 && (m.getReturnType() instanceof VoidType) && m.getDeclaringClass().getName().equals("java.lang.Thread")) { add(i); } } } }
/** * Checks whether there is an information flow between the two * given methods (specified by their respective Soot signatures). * @param sinkSignature The sink to which there may be a path * @param sourceSignature The source from which there may be a path * @return True if there is a path between the given source and sink, false * otherwise */ public boolean isPathBetweenMethods(String sinkSignature, String sourceSignature) { List<SinkInfo> sinkVals = findSinkByMethodSignature(sinkSignature); for (SinkInfo si : sinkVals) { Set<SourceInfo> sources = this.results.get(si); if (sources == null) return false; for (SourceInfo src : sources) if (src.source instanceof InvokeExpr) { InvokeExpr expr = (InvokeExpr) src.source; if (expr.getMethod().getSignature().equals(sourceSignature)) return true; } } return false; }
