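/**
 * Records a newly reached assignment, unless it redefines its own left-hand side.
 *
 * <p>Dependencies recorded for the left-hand side are dropped first via
 * {@code removeLhsDepndencies}. A statement whose right-hand side uses the
 * left-hand side (for example {@code i0 = i0 + 1}) is not recorded. Any other
 * statement is appended to {@code reachedStmt} and its right-hand-side use
 * boxes are handed to {@code addUsedVars}.
 *
 * @param newStmt the assignment statement being processed
 */
public void add(AssignStmt newStmt) {
    Value lhs = newStmt.getLeftOp();
    // Whatever was tracked for the previous value of lhs no longer holds.
    removeLhsDepndencies(lhs);

    // For an assignment statement the uses are always on the right-hand side.
    List<ValueBox> used = newStmt.getRightOp().getUseBoxes();

    // Skip self-referencing updates such as i0 = i0 + 1. The boxes are read
    // through the ValueBox interface: a right-hand side can contribute boxes
    // that are not ImmediateBox (for instance the receiver box of an instance
    // field reference), and the narrower cast aborted the whole pass with a
    // ClassCastException on such statements.
    for (ValueBox box : used) {
        if (box.getValue().equals(lhs)) {
            return;
        }
    }

    reachedStmt.add(newStmt);
    addUsedVars(used, newStmt);
}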
/**
 * Rewrites boolean-to-int definitions in a statement sequence as explicit
 * conditional expressions.
 *
 * <p>Matches {@code int i = (int) z} and {@code int i = z} (no cast) where
 * {@code z} has boolean type, and replaces the right-hand side with a
 * {@code DShortcutIf} over the boolean operand that selects the int constant
 * 1 or 0. Statements that are not definitions, or that do not match, are
 * left untouched.
 *
 * @param node the statement sequence whose statements are inspected
 */
public void inASTStatementSequenceNode(ASTStatementSequenceNode node) {
    for (Object entry : node.getStatements()) {
        Stmt stmt = ((AugmentedStmt) entry).get_Stmt();
        if (!(stmt instanceof DefinitionStmt)) {
            continue;
        }

        DefinitionStmt def = (DefinitionStmt) stmt;
        ValueBox rhsBox = def.getRightOpBox();
        Value rhs = rhsBox.getValue();

        // The type expected on the left: the cast type when the right-hand
        // side is a cast, otherwise the declared type of the left operand.
        Type targetType;
        ValueBox operandBox;
        if (rhs instanceof CastExpr) {
            CastExpr cast = (CastExpr) rhs;
            targetType = cast.getCastType();
            operandBox = cast.getOpBox();
        } else {
            targetType = def.getLeftOp().getType();
            operandBox = rhsBox;
        }

        // Only an int target fed by a boolean operand qualifies.
        boolean intTarget = targetType instanceof IntType;
        if (!intTarget || !(operandBox.getValue().getType() instanceof BooleanType)) {
            continue;
        }

        // Build "operand ? 1 : 0" and install it as the new right-hand side.
        DShortcutIf shortcut = new DShortcutIf(
                operandBox,
                new ImmediateBox(IntConstant.v(1)),
                new ImmediateBox(IntConstant.v(0)));
        if (DEBUG) {
            System.out.println("created: " + shortcut);
        }
        rhsBox.setValue(shortcut);
    }
}
/**
 * Setter in bundle: replaces a keyed put call on a bundle with calls to
 * per-key setter methods of {@code bundleClass}.
 *
 * <p>The keys are resolved with {@code readKeysFromTag}. For every key a
 * method {@code put_<key>} is looked up on {@code bundleClass} (after
 * {@code instrumentBundle} has been called for it) and a virtual call passing
 * the original second argument is inserted after {@code stmt}. For any value
 * type other than {@code java.lang.Object} the key is suffixed with
 * {@code _<type>}. Once the setters are in place the original statement is
 * removed from the body.
 *
 * <p>The statement is left untouched and {@code false} is returned when the
 * call has fewer than two use boxes, when no key can be resolved, or when the
 * callee declares fewer than two parameters. Such calls are not modelled by
 * this method.
 *
 * @param body the method body being instrumented
 * @param stmt the statement holding the put call
 * @return {@code true} if {@code stmt} was replaced, {@code false} otherwise
 */
private boolean look4BundleSetter(Body body, Stmt stmt) {
    Chain<Unit> unitChain = body.getUnits();
    InvokeExpr call = stmt.getInvokeExpr();
    if (call.getUseBoxes().size() < 2) {
        return false;
    }

    // NOTE(review): assumes use box 0 is the receiver and use box 1 the key
    // argument; confirm against the use-box order of the Soot version in use.
    Value keyArg = ((ImmediateBox) call.getUseBoxes().get(1)).getValue();
    JimpleLocalBox receiverBox = (JimpleLocalBox) call.getUseBoxes().get(0);

    ArrayList<String> keys = readKeysFromTag(stmt, keyArg);
    if (keys.isEmpty()) {
        return false;
    }
    if (call.getMethod().getParameterCount() < 2) {
        System.out.println("WARN:Could not analyze: " + stmt);
        return false;
    }

    Type valueType = getInstrumentType(call.getMethod().getParameterType(1));
    String typeName = valueType.toString();
    // Keys for anything but java.lang.Object carry the type as a suffix.
    boolean suffixWithType = !typeName.equals("java.lang.Object");

    for (String key : keys) {
        String fieldKey = suffixWithType ? key + "_" + typeName : key;

        // The getter/setter for this key has to exist on the bundle class
        // before the setter can be looked up.
        instrumentBundle(fieldKey, valueType);
        SootMethod setter = Scene.v().getMethod(
                "<" + this.bundleClass + ": void put_" + fieldKey + "(" + typeName + ")>");

        InvokeStmt setterCall = Jimple.v().newInvokeStmt(
                Jimple.v().newVirtualInvokeExpr(
                        (Local) receiverBox.getValue(), setter.makeRef(), call.getArg(1)));
        unitChain.insertAfter(setterCall, stmt);
        // Disabled: writeUnknownToBundle(body, stmt, (Local)bundleObj.getValue(), (Local)ie.getArg(1));
    }

    if (!keys.isEmpty()) {
        // The original put call is dropped; only the per-key writes remain.
        unitChain.remove(stmt);
        return true;
    }
    return false;
}
/**
 * Setter in intent: replaces a keyed put call on an intent with calls to
 * per-key setter methods on the modelled extras bundle.
 *
 * <p>The extras are read from the field named {@code extras} of
 * {@code intentClass} through a static field reference into a fresh local
 * {@code r_Extras}, inserted before {@code stmt}. For every key resolved by
 * {@code readKeysFromTag} a call to {@code put_<key>} on {@code bundleClass}
 * is inserted after {@code stmt} with the original second argument. The
 * original statement is then removed.
 *
 * <p>NOTE(review): the receiver of the original call is not used by the
 * inserted code, so writes made through different intent objects reach the
 * same modelled extras. Confirm that this over-approximation is intended.
 *
 * <p>The statement is left untouched and {@code false} is returned when the
 * call has fewer than two use boxes, when no key can be resolved, or when the
 * callee declares fewer than two parameters.
 *
 * @param body the method body being instrumented
 * @param stmt the statement holding the put call
 * @return {@code true} if {@code stmt} was replaced, {@code false} otherwise
 */
private boolean look4IntentSetter(Body body, Stmt stmt) {
    Chain<Unit> unitChain = body.getUnits();
    InvokeExpr call = stmt.getInvokeExpr();
    if (call.getUseBoxes().size() < 2) {
        return false;
    }

    // NOTE(review): assumes use box 0 is the receiver and use box 1 the key
    // argument; confirm against the use-box order of the Soot version in use.
    Value keyArg = ((ImmediateBox) call.getUseBoxes().get(1)).getValue();
    // Only the cast is relied on; the receiver itself is not used below.
    JimpleLocalBox receiverBox = (JimpleLocalBox) call.getUseBoxes().get(0);

    ArrayList<String> keys = readKeysFromTag(stmt, keyArg);
    if (keys.isEmpty()) {
        return false;
    }

    // FIXME: cannot handle putExtra(bundle) or putExtra(intent)!
    if (call.getMethod().getParameterCount() < 2) {
        System.out.println("WARN:Could not analyze: " + stmt);
        return false;
    }

    Type valueType = getInstrumentType(call.getMethod().getParameterType(1));

    // Load the modelled extras into a local ahead of the original call.
    SootField extrasField = Scene.v().getSootClass(intentClass).getFieldByName("extras");
    Local extrasLocal = Jimple.v().newLocal("r_Extras", extrasField.getType());
    body.getLocals().add(extrasLocal);
    AssignStmt loadExtras = soot.jimple.Jimple.v().newAssignStmt(
            extrasLocal, Jimple.v().newStaticFieldRef(extrasField.makeRef()));
    unitChain.insertBefore(loadExtras, stmt);

    String typeName = valueType.toString();
    // Keys for anything but java.lang.Object carry the type as a suffix.
    boolean suffixWithType = !typeName.equals("java.lang.Object");

    for (String key : keys) {
        String fieldKey = suffixWithType ? key + "_" + typeName : key;

        // The getter/setter for this key has to exist on the bundle class.
        instrumentBundle(fieldKey, valueType);

        // Emits extras.put_<key>(value), e.g. extras.put_deviceId(...).
        SootMethod setter = Scene.v().getMethod(
                "<" + this.bundleClass + ": void put_" + fieldKey + "(" + typeName + ")>");
        InvokeStmt setterCall = Jimple.v().newInvokeStmt(
                Jimple.v().newVirtualInvokeExpr(
                        extrasLocal, setter.makeRef(), call.getArg(1)));
        unitChain.insertAfter(setterCall, stmt);

        // Disabled write of the value to the unknown field:
        // writeUnknownToBundle(body, stmt, extrasLocal, (Local)ie.getArg(1));
    }

    // Removing the original call reduces false alarms such as
    // deviceId => intent, but is potentially buggy: e.g. what if the current
    // expression is assigned to a new intent object?
    if (!keys.isEmpty()) {
        unitChain.remove(stmt);
        return true;
    }
    return false;
}
/**
 * Getter in bundle: replaces a keyed get call on a bundle with calls to
 * per-key getter methods of {@code bundleClass}.
 *
 * <p>For every key resolved by {@code readKeysFromTag} a method
 * {@code get_<key>} returning the instrumented return type is looked up on
 * {@code bundleClass} and invoked on the original receiver. When the
 * statement defines a value, the result is assigned to its first def box;
 * otherwise a plain invoke statement is inserted. The original statement is
 * then removed.
 *
 * <p>The statement is left untouched and {@code false} is returned when the
 * call has fewer than two use boxes or no key can be resolved.
 *
 * @param body the method body being instrumented
 * @param stmt the statement holding the get call
 * @return {@code true} if {@code stmt} was replaced, {@code false} otherwise
 */
private boolean look4BundleGetter(Body body, Stmt stmt) {
    Chain<Unit> unitChain = body.getUnits();
    InvokeExpr call = stmt.getInvokeExpr();
    if (call.getUseBoxes().size() < 2) {
        return false;
    }

    // NOTE(review): assumes use box 1 is the key argument and use box 0 the
    // receiver; confirm against the use-box order of the Soot version in use.
    Value keyArg = ((ImmediateBox) call.getUseBoxes().get(1)).getValue();
    ArrayList<String> keys = readKeysFromTag(stmt, keyArg);
    if (keys.isEmpty()) {
        return false;
    }

    JimpleLocalBox receiverBox = (JimpleLocalBox) call.getUseBoxes().get(0);
    Type valueType = getInstrumentType(call.getMethod().getReturnType());
    String typeName = valueType.toString();
    // Keys for anything but java.lang.Object carry the type as a suffix.
    boolean suffixWithType = !typeName.equals("java.lang.Object");

    for (String key : keys) {
        String fieldKey = suffixWithType ? key + "_" + typeName : key;
        instrumentBundle(fieldKey, valueType);

        SootMethod getter = Scene.v().getMethod(
                "<" + this.bundleClass + ": " + typeName + " get_" + fieldKey + "()>");
        VirtualInvokeExpr getterCall = Jimple.v().newVirtualInvokeExpr(
                (Local) receiverBox.getValue(), getter.makeRef(), Arrays.asList(new Value[0]));

        // FIXME: what if we have multiple defboxes?
        if (stmt.getDefBoxes().size() > 0) {
            // Keep the original destination: dest = receiver.get_<key>().
            VariableBox destination = (VariableBox) stmt.getDefBoxes().get(0);
            unitChain.insertAfter(
                    Jimple.v().newAssignStmt(destination.getValue(), getterCall), stmt);
        } else {
            unitChain.insertAfter(Jimple.v().newInvokeStmt(getterCall), stmt);
        }
    }

    if (!keys.isEmpty()) {
        // The original get call is dropped; only the per-key reads remain.
        unitChain.remove(stmt);
        return true;
    }
    return false;
}
/**
 * Getter in intent: replaces a keyed get call on an intent with calls to
 * per-key getter methods on the modelled extras bundle.
 *
 * <p>The extras are read from the field named {@code extras} of
 * {@code intentClass} through a static field reference into a fresh local
 * {@code r_Extras}, inserted before {@code stmt}. For every key resolved by
 * {@code readKeysFromTag} the result of {@code get_<key>} on that local is
 * assigned to the first def box of {@code stmt}. The original statement is
 * then removed.
 *
 * <p>NOTE(review): the receiver of the original call is not used by the
 * inserted code, so reads through different intent objects observe the same
 * modelled extras. Confirm that this over-approximation is intended.
 *
 * <p>{@code false} is returned when the call has fewer than two use boxes,
 * when no key can be resolved, or when {@code stmt} defines no value. In the
 * last case the extras local and its load have already been added to the
 * body, and {@code _tmp_reportUnknownRegisterDynInfo} is called before
 * returning.
 *
 * @param body the method body being instrumented
 * @param stmt the statement holding the get call
 * @return {@code true} if {@code stmt} was replaced, {@code false} otherwise
 */
private boolean look4IntentGetter(Body body, Stmt stmt) {
    Chain<Unit> unitChain = body.getUnits();
    InvokeExpr call = stmt.getInvokeExpr();
    if (call.getUseBoxes().size() < 2) {
        return false;
    }

    // NOTE(review): assumes use box 1 is the key argument and use box 0 the
    // receiver; confirm against the use-box order of the Soot version in use.
    Value keyArg = ((ImmediateBox) call.getUseBoxes().get(1)).getValue();
    ArrayList<String> keys = readKeysFromTag(stmt, keyArg);
    if (keys.isEmpty()) {
        return false;
    }

    // Only the cast is relied on; the receiver itself is not used below.
    JimpleLocalBox receiverBox = (JimpleLocalBox) call.getUseBoxes().get(0);
    Type valueType = getInstrumentType(call.getMethod().getReturnType());

    // Load the modelled extras into a local ahead of the original call.
    SootField extrasField = Scene.v().getSootClass(intentClass).getFieldByName("extras");
    Local extrasLocal = Jimple.v().newLocal("r_Extras", extrasField.getType());
    body.getLocals().add(extrasLocal);
    AssignStmt loadExtras = soot.jimple.Jimple.v().newAssignStmt(
            extrasLocal, Jimple.v().newStaticFieldRef(extrasField.makeRef()));
    unitChain.insertBefore(loadExtras, stmt);

    String typeName = valueType.toString();
    // Keys for anything but java.lang.Object carry the type as a suffix.
    boolean suffixWithType = !typeName.equals("java.lang.Object");

    for (String key : keys) {
        String fieldKey = suffixWithType ? key + "_" + typeName : key;
        instrumentBundle(fieldKey, valueType);

        SootMethod getter = Scene.v().getMethod(
                "<" + this.bundleClass + ": " + typeName + " get_" + fieldKey + "()>");
        VirtualInvokeExpr getterCall = Jimple.v().newVirtualInvokeExpr(
                extrasLocal, getter.makeRef(), Arrays.asList(new Value[0]));

        // FIXME: what if we have multiple defboxes?
        if (stmt.getDefBoxes().size() == 0) {
            // No destination to assign to: report and give up. The load of
            // the extras inserted above stays in the body.
            // Disabled alternative: reportUnknownRegister(stmt, extrasLocal);
            _tmp_reportUnknownRegisterDynInfo(stmt, extrasLocal, 1);
            return false;
        }

        // Keep the original destination: dest = r_Extras.get_<key>().
        VariableBox destination = (VariableBox) stmt.getDefBoxes().get(0);
        unitChain.insertAfter(
                Jimple.v().newAssignStmt(destination.getValue(), getterCall), stmt);
    }

    if (!keys.isEmpty()) {
        // The original get call is dropped; only the per-key reads remain.
        unitChain.remove(stmt);
        return true;
    }
    return false;
}