/**
 * Runs the in-place taint analysis and reports results to a
 * {@link FuzzerResultsAvailableHandler} bound to the given target units.
 *
 * <p>Exception tracking and array-size tainting are both switched off, so
 * flows that depend on either are presumably not reported.
 * NOTE(review): confirm this coverage trade-off is intended.
 *
 * @param targetUnits units handed through to the results handler
 * @throws RuntimeException wrapping any {@link IOException} raised inside the
 *         try block; the message names the source/sink file even though the
 *         taint wrapper is constructed in the same block
 */
private void runAnalysis(final Set<Unit> targetUnits) {
    try {
        Scene.v().getOrMakeFastHierarchy();

        final InplaceInfoflow analysis = new InplaceInfoflow();
        // Disabled alternative: InfoflowConfiguration.setAccessPathLength(2);
        analysis.setPathBuilderFactory(
                new DefaultPathBuilderFactory(PathBuilder.ContextSensitive, true));
        analysis.setTaintWrapper(new EasyTaintWrapper(TAINT_WRAPPER_PATH));
        analysis.getConfig().setEnableExceptionTracking(false);
        analysis.getConfig().setEnableArraySizeTainting(false);
        // Disabled alternative: analysis.getConfig().setCallgraphAlgorithm(CallgraphAlgorithm.CHA);

        System.out.println("Running data flow analysis...");

        final PermissionMethodParser definitions =
                PermissionMethodParser.fromFile(SOURCES_SINKS_FILE);
        final AccessPathBasedSourceSinkManager manager =
                new AccessPathBasedSourceSinkManager(
                        definitions.getSources(), definitions.getSinks());
        analysis.addResultsAvailableHandler(
                new FuzzerResultsAvailableHandler(definitions.getSources(), targetUnits));
        analysis.runAnalysis(manager);
    } catch (IOException ioFailure) {
        throw new RuntimeException("Could not read source/sink file", ioFailure);
    }
}
/**
 * Runs the in-place taint analysis and registers a
 * {@link StringToPrimitiveTypeExtractorDataflowHandler} over {@code valuesToFuzz}.
 *
 * <p>Every exception is only printed with {@code printStackTrace()} and the
 * method then returns normally, so a caller cannot tell a failed analysis
 * from one that found nothing. Exception tracking and array-size tainting
 * are disabled in the configuration.
 */
private void runDataflowAnalysis() {
    try {
        Scene.v().getOrMakeFastHierarchy();

        final InplaceInfoflow analysis = new InplaceInfoflow();
        analysis.setPathBuilderFactory(
                new DefaultPathBuilderFactory(PathBuilder.ContextSensitive, true));
        analysis.setTaintWrapper(new EasyTaintWrapper(TAINT_WRAPPER_PATH));
        analysis.getConfig().setEnableExceptionTracking(false);
        analysis.getConfig().setEnableArraySizeTainting(false);
        // Disabled alternative: analysis.getConfig().setCallgraphAlgorithm(CallgraphAlgorithm.CHA);

        System.out.println("Running data flow analysis...");

        final PermissionMethodParser definitions =
                PermissionMethodParser.fromFile(SOURCES_SINKS_FILE);
        final AccessPathBasedSourceSinkManager manager =
                new AccessPathBasedSourceSinkManager(
                        definitions.getSources(), definitions.getSinks());
        analysis.addResultsAvailableHandler(
                new StringToPrimitiveTypeExtractorDataflowHandler(valuesToFuzz));
        analysis.runAnalysis(manager);
    } catch (Exception failure) {
        // Best effort: the failure is reported on stderr and not propagated.
        failure.printStackTrace();
    }
}
/**
 * Runs the in-place taint analysis and registers a
 * {@link FileFuzzerResultsAvailableHandler} over {@code fileFormatsFromDataflow}.
 *
 * <p>Every exception is only printed with {@code printStackTrace()} and the
 * method then returns normally, so a caller cannot tell a failed analysis
 * from one that found nothing. Exception tracking and array-size tainting
 * are disabled in the configuration.
 */
private void runDataflowAnalysis() {
    try {
        Scene.v().getOrMakeFastHierarchy();

        final InplaceInfoflow analysis = new InplaceInfoflow();
        // Disabled alternative: InfoflowConfiguration.setAccessPathLength(2);
        analysis.setPathBuilderFactory(
                new DefaultPathBuilderFactory(PathBuilder.ContextSensitive, true));
        analysis.setTaintWrapper(new EasyTaintWrapper(TAINT_WRAPPER_PATH));
        analysis.getConfig().setEnableExceptionTracking(false);
        analysis.getConfig().setEnableArraySizeTainting(false);
        // Disabled alternative: analysis.getConfig().setCallgraphAlgorithm(CallgraphAlgorithm.CHA);

        System.out.println("Running data flow analysis...");

        final PermissionMethodParser definitions =
                PermissionMethodParser.fromFile(SOURCES_SINKS_FILE);
        final AccessPathBasedSourceSinkManager manager =
                new AccessPathBasedSourceSinkManager(
                        definitions.getSources(), definitions.getSinks());
        analysis.addResultsAvailableHandler(
                new FileFuzzerResultsAvailableHandler(fileFormatsFromDataflow));
        analysis.runAnalysis(manager);
    } catch (Exception failure) {
        // Best effort: the failure is reported on stderr and not propagated.
        failure.printStackTrace();
    }
}
/**
 * Analyzes a DroidBench APK file for data flows.
 *
 * <p>The Android platform directory and the DroidBench directory are each
 * read from the environment variable ({@code ANDROID_JARS},
 * {@code DROIDBENCH}) and, if that is unset, from the system property of the
 * same name. The APK path is built by appending {@code fileName} to the
 * DroidBench directory; no normalisation or containment check is applied,
 * so only trusted benchmark names should be passed.
 *
 * @param fileName path of the APK file relative to the DroidBench directory
 * @param enableImplicitFlows True if implicit flows shall be tracked,
 *        otherwise false
 * @return The data leaks found in the given APK file
 * @throws IOException Thrown if the given APK file or any other required
 *         file could not be found
 * @throws XmlPullParserException Thrown if the Android manifest file could
 *         not be read.
 * @throws RuntimeException if either directory setting is missing
 */
public InfoflowResults analyzeAPKFile(String fileName, boolean enableImplicitFlows)
        throws IOException, XmlPullParserException {
    String platformDir = System.getenv("ANDROID_JARS");
    if (platformDir == null) {
        platformDir = System.getProperty("ANDROID_JARS");
        if (platformDir == null) {
            throw new RuntimeException("Android JAR dir not set");
        }
    }
    System.out.println("Loading Android.jar files from " + platformDir);

    String benchDir = System.getenv("DROIDBENCH");
    if (benchDir == null) {
        benchDir = System.getProperty("DROIDBENCH");
        if (benchDir == null) {
            throw new RuntimeException("DroidBench dir not set");
        }
    }
    System.out.println("Loading DroidBench from " + benchDir);

    final String apkPath = benchDir + File.separator + fileName;
    final SetupApplication app = new SetupApplication(platformDir, apkPath);
    // Both definition files are given as relative names.
    app.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    app.calculateSourcesSinksEntrypoints("SourcesAndSinks.txt");
    app.setEnableImplicitFlows(enableImplicitFlows);
    return app.runInfoflow();
}
/**
 * Analyzes the given APK file for data flows, taking the source and sink
 * definitions from the given XML file.
 *
 * <p>The Android platform directory is read from the {@code ANDROID_JARS}
 * environment variable and, if that is unset, from the system property of
 * the same name.
 *
 * @param apkFileName The full path and file name of the APK file to analyze
 * @param xmlFileName The full path and file name of the xml file where
 *        sources and sinks are defined
 * @param enableImplicitFlows True if implicit flows shall be tracked,
 *        otherwise false
 * @param enableStaticFields value passed to
 *        {@code setEnableStaticFieldTracking}
 * @param flowSensitiveAliasing value passed to
 *        {@code setFlowSensitiveAliasing}
 * @return The data leaks found in the given APK file
 * @throws IOException Thrown if the given APK file or any other required
 *         file could not be found
 * @throws XmlPullParserException Thrown if the Android manifest file could
 *         not be read.
 * @throws RuntimeException if the Android platform directory is not set
 */
public InfoflowResults analyzeAPKFile(String apkFileName, String xmlFileName,
        boolean enableImplicitFlows, boolean enableStaticFields,
        boolean flowSensitiveAliasing) throws IOException, XmlPullParserException {
    String platformDir = System.getenv("ANDROID_JARS");
    if (platformDir == null) {
        platformDir = System.getProperty("ANDROID_JARS");
        if (platformDir == null) {
            throw new RuntimeException("Android JAR dir not set");
        }
    }
    System.out.println("Loading Android.jar files from " + platformDir);

    final SetupApplication app = new SetupApplication(platformDir, apkFileName);
    // The taint wrapper definition is given as a relative file name.
    app.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    app.calculateSourcesSinksEntrypoints(xmlFileName);
    app.setEnableImplicitFlows(enableImplicitFlows);
    app.setEnableStaticFieldTracking(enableStaticFields);
    app.setFlowSensitiveAliasing(flowSensitiveAliasing);
    return app.runInfoflow();
}
/**
 * Analyzes the given APK file for data flows using the bundled
 * {@code SourcesAndSinks.txt} definitions.
 *
 * <p>The Android platform directory is read from the {@code ANDROID_JARS}
 * environment variable and, if that is unset, from the system property of
 * the same name. {@code fileName} is used as the APK path unchanged.
 *
 * @param fileName The full path and file name of the APK file to analyze
 * @param enableImplicitFlows True if implicit flows shall be tracked,
 *        otherwise false
 * @param enableStaticFields True if taints in static fields shall be
 *        tracked, otherwise false
 * @param flowSensitiveAliasing True if a flow-sensitive alias analysis
 *        shall be used, otherwise false
 * @return The data leaks found in the given APK file
 * @throws IOException Thrown if the given APK file or any other required
 *         file could not be found
 * @throws XmlPullParserException Thrown if the Android manifest file could
 *         not be read.
 * @throws RuntimeException if the Android platform directory is not set
 */
public InfoflowResults analyzeAPKFile(String fileName, boolean enableImplicitFlows,
        boolean enableStaticFields, boolean flowSensitiveAliasing)
        throws IOException, XmlPullParserException {
    String platformDir = System.getenv("ANDROID_JARS");
    if (platformDir == null) {
        platformDir = System.getProperty("ANDROID_JARS");
        if (platformDir == null) {
            throw new RuntimeException("Android JAR dir not set");
        }
    }
    System.out.println("Loading Android.jar files from " + platformDir);

    final SetupApplication app = new SetupApplication(platformDir, fileName);
    // Both definition files are given as relative names.
    app.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    app.calculateSourcesSinksEntrypoints("SourcesAndSinks.txt");
    app.setEnableImplicitFlows(enableImplicitFlows);
    app.setEnableStaticFieldTracking(enableStaticFields);
    app.setFlowSensitiveAliasing(flowSensitiveAliasing);
    return app.runInfoflow();
}
/**
 * Analyzes the fixed {@code insecureBank/InsecureBank.apk} file for data
 * flows; the APK path is hard-coded and relative.
 *
 * <p>The Android platform directory is read from the {@code ANDROID_JARS}
 * environment variable and, if that is unset, from the system property of
 * the same name. The layout matching mode is set to {@code MatchAll} before
 * sources, sinks and entry points are calculated.
 *
 * @param enableImplicitFlows True if implicit flows shall be tracked,
 *        otherwise false
 * @return The data leaks found in the APK file
 * @throws IOException Thrown if the APK file or any other required file
 *         could not be found
 * @throws XmlPullParserException Thrown if the Android manifest file could
 *         not be read.
 * @throws RuntimeException if the Android platform directory is not set
 */
private InfoflowResults analyzeAPKFile(boolean enableImplicitFlows)
        throws IOException, XmlPullParserException {
    String platformDir = System.getenv("ANDROID_JARS");
    if (platformDir == null) {
        platformDir = System.getProperty("ANDROID_JARS");
        if (platformDir == null) {
            throw new RuntimeException("Android JAR dir not set");
        }
    }
    System.out.println("Loading Android.jar files from " + platformDir);

    final String apkPath = "insecureBank" + File.separator + "InsecureBank.apk";
    final SetupApplication app = new SetupApplication(platformDir, apkPath);
    app.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    app.setEnableImplicitFlows(enableImplicitFlows);
    // Kept ahead of calculateSourcesSinksEntrypoints, as in the original order.
    app.setLayoutMatchingMode(LayoutMatchingMode.MatchAll);
    app.calculateSourcesSinksEntrypoints("SourcesAndSinks.txt");
    return app.runInfoflow();
}
/**
 * Runs {@code exceptionControlFlowTest1} with the {@code java.} and
 * {@code javax.} prefixes excluded and {@code null} as library path, so the
 * taint wrapper has to stand in for the excluded classes. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes (presumably: exactly one flow).
 */
@Test
public void exceptionControlFlowTestNoJDK1() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ExceptionTestCode: void exceptionControlFlowTest1()>");

    final IInfoflowConfig sootConfig = new IInfoflowConfig() {
        @Override
        public void setSootOptions(Options options) {
            final List<String> excludedPrefixes = new ArrayList<String>();
            excludedPrefixes.add("java.");
            excludedPrefixes.add("javax.");
            options.set_exclude(excludedPrefixes);
            options.set_prepend_classpath(false);
        }
    };

    final Infoflow infoflow = initInfoflow();
    infoflow.setTaintWrapper(new EasyTaintWrapper(new File("EasyTaintWrapperSource.txt")));
    infoflow.setSootConfig(sootConfig);
    infoflow.computeInfoflow(appPath, null, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Runs {@code ImplicitFlowTestCode.callToReturnTest()} with implicit flows
 * enabled, sink inspection disabled and the {@code java.}/{@code javax.}
 * prefixes excluded. Passes when {@code checkInfoflow(infoflow, 1)} passes.
 * The original author marked this case "not yet supported".
 */
@Test(timeout=300000)
public void callToReturnTest() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ImplicitFlowTestCode: void callToReturnTest()>");

    final IInfoflowConfig sootConfig = new IInfoflowConfig() {
        @Override
        public void setSootOptions(Options options) {
            options.set_include(Collections.<String>emptyList());
            final List<String> excludedPrefixes = new ArrayList<String>();
            excludedPrefixes.add("java.");
            excludedPrefixes.add("javax.");
            options.set_exclude(excludedPrefixes);
            options.set_prepend_classpath(false);
        }
    };

    final Infoflow infoflow = initInfoflow();
    infoflow.setInspectSinks(false);
    infoflow.setEnableImplicitFlows(true);
    infoflow.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    infoflow.setSootConfig(sootConfig);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Runs {@code ImplicitFlowTestCode.implicitFlowTaintWrapperTest()} with
 * implicit flows enabled, the file-based taint wrapper installed and the
 * {@code java.}/{@code javax.} prefixes excluded. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void implicitFlowTaintWrapperTest() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ImplicitFlowTestCode: void implicitFlowTaintWrapperTest()>");

    final IInfoflowConfig sootConfig = new IInfoflowConfig() {
        @Override
        public void setSootOptions(Options options) {
            options.set_include(Collections.<String>emptyList());
            final List<String> excludedPrefixes = new ArrayList<String>();
            excludedPrefixes.add("java.");
            excludedPrefixes.add("javax.");
            options.set_exclude(excludedPrefixes);
            options.set_prepend_classpath(false);
        }
    };

    final Infoflow infoflow = initInfoflow();
    infoflow.setInspectSinks(false);
    infoflow.setEnableImplicitFlows(true);
    infoflow.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    infoflow.setSootConfig(sootConfig);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Negative counterpart of the taint-wrapper test: the same entry point
 * {@code implicitFlowTaintWrapperTest()} is analysed, but the taint wrapper
 * is built from an empty map. Passes when {@code negativeCheckInfoflow}
 * passes (presumably: no flow is reported without wrapper rules).
 */
@Test(timeout=300000)
public void implicitFlowTaintWrapperNegativeTest() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ImplicitFlowTestCode: void implicitFlowTaintWrapperTest()>");

    final IInfoflowConfig sootConfig = new IInfoflowConfig() {
        @Override
        public void setSootOptions(Options options) {
            options.set_include(Collections.<String>emptyList());
            final List<String> excludedPrefixes = new ArrayList<String>();
            excludedPrefixes.add("java.");
            excludedPrefixes.add("javax.");
            options.set_exclude(excludedPrefixes);
            options.set_prepend_classpath(false);
        }
    };

    final Infoflow infoflow = initInfoflow();
    infoflow.setInspectSinks(false);
    infoflow.setEnableImplicitFlows(true);
    // Wrapper with no rules at all.
    infoflow.setTaintWrapper(new EasyTaintWrapper(Collections.<String, Set<String>>emptyMap()));
    infoflow.setSootConfig(sootConfig);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    negativeCheckInfoflow(infoflow);
}
/**
 * Installs the given taint wrapper and copies its class, exclude, kill and
 * include lists into this object, then rebuilds {@code noRetWrapperList}
 * with three hard-coded special cases.
 *
 * <p>The type check is an {@code assert}, which only runs when assertions
 * are enabled; otherwise a wrapper of another type fails at the cast with a
 * {@link ClassCastException}.
 *
 * @param itpw the wrapper to install; must be an {@link EasyTaintWrapper}
 */
public void setITPW(ITaintPropagationWrapper itpw) {
    assert (itpw instanceof EasyTaintWrapper);
    final EasyTaintWrapper easy = (EasyTaintWrapper) itpw;

    this.itpw = easy;
    this.classList = easy.getClassList();
    this.excludeList = easy.getExcludeList();
    this.killList = easy.getKillList();
    this.includeSet = easy.getIncludeList();
    this.noRetWrapperList = new HashMap<String, List<String>>();

    // Temporary special cases: one method name per class, in the original order.
    final String[][] specialCases = {
        {"java.util.Map", "put"},
        {"java.util.List", "add"},
        {"java.net.URL", "<init>"},
    };
    for (String[] specialCase : specialCases) {
        final ArrayList<String> methodNames = new ArrayList<String>();
        methodNames.add(specialCase[1]);
        this.noRetWrapperList.put(specialCase[0], methodNames);
    }
}
/**
 * Runs {@code ImplicitFlowTestCode.callToReturnTest()} with implicit flows
 * enabled, sink inspection disabled and the {@code java.}/{@code javax.}
 * prefixes excluded, using the single-path {@code computeInfoflow} overload.
 * Passes when {@code checkInfoflow(infoflow, 1)} passes. The original author
 * marked this case "not yet supported".
 */
@Test(timeout=300000)
public void callToReturnTest() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ImplicitFlowTestCode: void callToReturnTest()>");

    final IInfoflowConfig sootConfig = new IInfoflowConfig() {
        @Override
        public void setSootOptions(Options options) {
            options.set_include(Collections.<String>emptyList());
            final List<String> excludedPrefixes = new ArrayList<String>();
            excludedPrefixes.add("java.");
            excludedPrefixes.add("javax.");
            options.set_exclude(excludedPrefixes);
            options.set_prepend_classpath(false);
        }
    };

    final Infoflow infoflow = initInfoflow();
    infoflow.setInspectSinks(false);
    infoflow.setEnableImplicitFlows(true);
    infoflow.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    infoflow.setSootConfig(sootConfig);
    infoflow.computeInfoflow(path, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Runs {@code ImplicitFlowTestCode.implicitFlowTaintWrapperTest()} with
 * implicit flows enabled, the file-based taint wrapper installed and the
 * {@code java.}/{@code javax.} prefixes excluded, using the single-path
 * {@code computeInfoflow} overload. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes. The original author marked this
 * case "not yet supported".
 */
@Test(timeout=300000)
public void implicitFlowTaintWrapperTest() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ImplicitFlowTestCode: void implicitFlowTaintWrapperTest()>");

    final IInfoflowConfig sootConfig = new IInfoflowConfig() {
        @Override
        public void setSootOptions(Options options) {
            options.set_include(Collections.<String>emptyList());
            final List<String> excludedPrefixes = new ArrayList<String>();
            excludedPrefixes.add("java.");
            excludedPrefixes.add("javax.");
            options.set_exclude(excludedPrefixes);
            options.set_prepend_classpath(false);
        }
    };

    final Infoflow infoflow = initInfoflow();
    infoflow.setInspectSinks(false);
    infoflow.setEnableImplicitFlows(true);
    infoflow.setTaintWrapper(new EasyTaintWrapper("EasyTaintWrapperSource.txt"));
    infoflow.setSootConfig(sootConfig);
    infoflow.computeInfoflow(path, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Runs {@code ExceptionTestCode.exceptionControlFlowTest1()} with the
 * file-based taint wrapper installed and the regular library path. Passes
 * when {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test
public void exceptionControlWrappedFlowTest1() throws IOException {
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.ExceptionTestCode: void exceptionControlFlowTest1()>");

    final Infoflow infoflow = initInfoflow();
    final File wrapperRules = new File("EasyTaintWrapperSource.txt");
    infoflow.setTaintWrapper(new EasyTaintWrapper(wrapperRules));
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.equalsTest()} with a cloned wrapper
 * that has {@code setAlwaysModelEqualsHashCode(true)}. Passes when
 * {@code negativeCheckInfoflow} passes (presumably: no flow reported).
 */
@Test(timeout=300000)
public void equalsTest() {
    // Work on a clone so the shared easyWrapper keeps its settings.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.setAlwaysModelEqualsHashCode(true);

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void equalsTest()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    negativeCheckInfoflow(infoflow);
}
/**
 * Analyses {@code EasyWrapperTestCode.hashCodeTest()} with a cloned wrapper
 * that has {@code setAlwaysModelEqualsHashCode(true)}. Passes when
 * {@code negativeCheckInfoflow} passes (presumably: no flow reported).
 */
@Test(timeout=300000)
public void hashCodeTest() {
    // Work on a clone so the shared easyWrapper keeps its settings.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.setAlwaysModelEqualsHashCode(true);

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void hashCodeTest()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    negativeCheckInfoflow(infoflow);
}
/**
 * Analyses {@code EasyWrapperTestCode.equalsTest2()} with a cloned wrapper
 * that has {@code setAlwaysModelEqualsHashCode(true)}. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void equalsTest2() {
    // Work on a clone so the shared easyWrapper keeps its settings.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.setAlwaysModelEqualsHashCode(true);

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void equalsTest2()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.hashCodeTest2()} with a cloned wrapper
 * that has {@code setAlwaysModelEqualsHashCode(true)}. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void hashCodeTest2() {
    // Work on a clone so the shared easyWrapper keeps its settings.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.setAlwaysModelEqualsHashCode(true);

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void hashCodeTest2()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.constantTest1()} with a cloned wrapper
 * in aggressive mode ({@code setAggressiveMode(true)}). Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void getConstantTest() {
    // Work on a clone so the shared easyWrapper keeps its settings.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.setAggressiveMode(true);

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void constantTest1()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.constantTest1()} with a cloned wrapper
 * that has aggressive mode switched off. Passes when
 * {@code negativeCheckInfoflow} passes (presumably: no flow reported).
 */
@Test(timeout=300000)
public void getConstantTest2() {
    // Work on a clone so the shared easyWrapper keeps its settings.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.setAggressiveMode(false);

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void constantTest1()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    negativeCheckInfoflow(infoflow);
}
/**
 * Analyses {@code EasyWrapperTestCode.interfaceInheritanceTest()} with a
 * cloned wrapper that includes the test package prefix and wraps
 * {@code getSecret()} declared on the interface {@code I1}. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void interfaceInheritanceTest() {
    // Work on a clone so the added rules do not leak into the shared easyWrapper.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.addIncludePrefix("soot.jimple.infoflow.test");
    localWrapper.addMethodForWrapping(
            "soot.jimple.infoflow.test.EasyWrapperTestCode$I1",
            "java.lang.String getSecret()");

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void interfaceInheritanceTest()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.interfaceInheritanceTest2()} with a
 * cloned wrapper that includes the test package prefix and wraps
 * {@code taintMe(String)} declared on the interface {@code I1}. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void interfaceInheritanceTest2() {
    // Work on a clone so the added rules do not leak into the shared easyWrapper.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.addIncludePrefix("soot.jimple.infoflow.test");
    localWrapper.addMethodForWrapping(
            "soot.jimple.infoflow.test.EasyWrapperTestCode$I1",
            "void taintMe(java.lang.String)");

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void interfaceInheritanceTest2()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.interfaceInheritanceTest3()} with a
 * cloned wrapper that includes the test package prefix and wraps
 * {@code taintMe(String)} declared on the interface {@code I1}. Passes when
 * {@code checkInfoflow(infoflow, 1)} passes.
 */
@Test(timeout=300000)
public void interfaceInheritanceTest3() {
    // Work on a clone so the added rules do not leak into the shared easyWrapper.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.addIncludePrefix("soot.jimple.infoflow.test");
    localWrapper.addMethodForWrapping(
            "soot.jimple.infoflow.test.EasyWrapperTestCode$I1",
            "void taintMe(java.lang.String)");

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void interfaceInheritanceTest3()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    checkInfoflow(infoflow, 1);
}
/**
 * Analyses {@code EasyWrapperTestCode.interfaceInheritanceTest4()} with a
 * cloned wrapper that includes the test package prefix and wraps
 * {@code taintMe(String)} declared on the interface {@code I1}. Passes when
 * {@code negativeCheckInfoflow} passes (presumably: no flow reported).
 */
@Test(timeout=300000)
public void interfaceInheritanceTest4() {
    // Work on a clone so the added rules do not leak into the shared easyWrapper.
    final EasyTaintWrapper localWrapper = easyWrapper.clone();
    localWrapper.addIncludePrefix("soot.jimple.infoflow.test");
    localWrapper.addMethodForWrapping(
            "soot.jimple.infoflow.test.EasyWrapperTestCode$I1",
            "void taintMe(java.lang.String)");

    final Infoflow infoflow = initInfoflow();
    final List<String> entryPoints = new ArrayList<String>();
    entryPoints.add("<soot.jimple.infoflow.test.EasyWrapperTestCode: void interfaceInheritanceTest4()>");

    infoflow.setTaintWrapper(localWrapper);
    infoflow.computeInfoflow(appPath, libPath, entryPoints, sources, sinks);
    negativeCheckInfoflow(infoflow);
}
/**
 * Builds the shared {@code easyWrapper} from the relative file
 * {@code EasyTaintWrapperSource.txt}.
 *
 * @throws IOException propagated from the {@link EasyTaintWrapper} constructor
 */
public EasyWrapperTests() throws IOException {
    final File wrapperRules = new File("EasyTaintWrapperSource.txt");
    easyWrapper = new EasyTaintWrapper(wrapperRules);
}
/**
 * Builds the shared {@code easyWrapper} from the relative file
 * {@code EasyTaintWrapperSource.txt}.
 *
 * @throws IOException propagated from the {@link EasyTaintWrapper} constructor
 */
public EasyWrapperListTests() throws IOException {
    final File wrapperRules = new File("EasyTaintWrapperSource.txt");
    easyWrapper = new EasyTaintWrapper(wrapperRules);
}
/**
 * Returns the {@code itpw} field as-is.
 *
 * @return the taint wrapper currently held by this object
 */
public EasyTaintWrapper getITPW() {
    return itpw;
}