@Override public void computeInfoflow(String path, IEntryPointCreator entryPointCreator, List<String> entryPoints, ISourceSinkManager sourcesSinks) { results = null; if (sourcesSinks == null) { logger.error("Sources are empty!"); return; } initializeSoot(path, SootMethodRepresentationParser.v().parseClassNames(entryPoints, false).keySet(), sourcesSinks); // entryPoints are the entryPoints required by Soot to calculate Graph - if there is no main method, // we have to create a new main method and use it as entryPoint and store our real entryPoints Scene.v().setEntryPoints(Collections.singletonList(entryPointCreator.createDummyMain(entryPoints))); // We explicitly select the packs we want to run for performance reasons PackManager.v().getPack("wspp").apply();//==> PackManager.v().getPack("cg").apply();//==> PackManager.v().getPack("wjtp").apply(); PackManager.v().getPack("wstp").apply();//==> //Main.v().main(args); ==> if (debug) PackManager.v().writeOutput(); }
public InfoflowProblem(IInfoflowCFG icfg, ISourceSinkManager sourceSinkManager, IAliasingStrategy aliasingStrategy) { super(icfg, sourceSinkManager); this.aliasingStrategy = aliasingStrategy; this.implicitFlowAliasingStrategy = new ImplicitFlowAliasStrategy(icfg); this.aliasing = new Aliasing(aliasingStrategy, icfg); }
@Override public void computeInfoflow(String appPath, String libPath, String entryPoint, ISourceSinkManager sourcesSinks) { if (sourcesSinks == null) { logger.error("Sources are empty!"); return; } initializeSoot(appPath, libPath, SootMethodRepresentationParser.v().parseClassNames (Collections.singletonList(entryPoint), false).keySet(), entryPoint); if (!Scene.v().containsMethod(entryPoint)){ logger.error("Entry point not found: " + entryPoint); return; } SootMethod ep = Scene.v().getMethod(entryPoint); if (ep.isConcrete()) ep.retrieveActiveBody(); else { logger.debug("Skipping non-concrete method " + ep); return; } Scene.v().setEntryPoints(Collections.singletonList(ep)); Options.v().set_main_class(ep.getDeclaringClass().getName()); // Compute the additional seeds if they are specified Set<String> seeds = Collections.emptySet(); if (entryPoint != null && !entryPoint.isEmpty()) seeds = Collections.singleton(entryPoint); ipcManager.updateJimpleForICC(); // Run the analysis runAnalysis(sourcesSinks, seeds); }
/** * Scans the given method for sources and sinks contained in it. Sinks are * just counted, sources are added to the InfoflowProblem as seeds. * @param sourcesSinks The SourceSinkManager to be used for identifying * sources and sinks * @param forwardProblem The InfoflowProblem in which to register the * sources as seeds * @param m The method to scan for sources and sinks * @return The number of sinks found in this method */ private int scanMethodForSourcesSinks( final ISourceSinkManager sourcesSinks, InfoflowProblem forwardProblem, SootMethod m) { int sinkCount = 0; if (m.hasActiveBody()) { // Check whether this is a system class we need to ignore final String className = m.getDeclaringClass().getName(); if (ignoreFlowsInSystemPackages && SystemClassHandler.isClassInSystemPackage(className)) return sinkCount; // Look for a source in the method. Also look for sinks. If we // have no sink in the program, we don't need to perform any // analysis PatchingChain<Unit> units = m.getActiveBody().getUnits(); for (Unit u : units) { Stmt s = (Stmt) u; if (sourcesSinks.getSourceInfo(s, iCfg) != null) { forwardProblem.addInitialSeeds(u, Collections.singleton(forwardProblem.zeroValue())); logger.debug("Source found: {}", u); } if (sourcesSinks.isSink(s, iCfg, null)) { logger.debug("Sink found: {}", u); sinkCount++; } } } return sinkCount; }
public InfoflowProblem(IInfoflowCFG icfg, ISourceSinkManager sourceSinkManager, IAliasingStrategy aliasingStrategy) { super(icfg); this.sourceSinkManager = sourceSinkManager; this.aliasingStrategy = aliasingStrategy; this.implicitFlowAliasingStrategy = new ImplicitFlowAliasStrategy(icfg); }
@Override public void computeInfoflow(String path, String entryPoint, ISourceSinkManager sourcesSinks) { results = null; if (sourcesSinks == null) { logger.error("Sources are empty!"); return; } initializeSoot(path, SootMethodRepresentationParser.v().parseClassNames (Collections.singletonList(entryPoint), false).keySet(), sourcesSinks, entryPoint); if (!Scene.v().containsMethod(entryPoint)){ logger.error("Entry point not found: " + entryPoint); return; } SootMethod ep = Scene.v().getMethod(entryPoint); if (ep.isConcrete()) ep.retrieveActiveBody(); else { logger.debug("Skipping non-concrete method " + ep); return; } Scene.v().setEntryPoints(Collections.singletonList(ep)); Options.v().set_main_class(ep.getDeclaringClass().getName()); // We explicitly select the packs we want to run for performance reasons PackManager.v().getPack("wspp").apply(); PackManager.v().getPack("cg").apply(); PackManager.v().getPack("wjtp").apply(); PackManager.v().getPack("wstp").apply(); if (debug) PackManager.v().writeOutput(); }
@Override public void runAnalysis(final ISourceSinkManager sourcesSinks) { super.runAnalysis(sourcesSinks); }
public InfoflowProblem(ISourceSinkManager sourceSinkManager, IAliasingStrategy aliasingStrategy) { this(new InfoflowCFG(), sourceSinkManager, aliasingStrategy); }
public InfoflowProblem(ISourceSinkManager mySourceSinkManager, Set<Unit> analysisSeeds, IAliasingStrategy aliasingStrategy) { this(new InfoflowCFG(), mySourceSinkManager, aliasingStrategy); for (Unit u : analysisSeeds) this.initialSeeds.put(u, Collections.singleton(getZeroValue())); }
public BackwardsInfoflowProblem(BiDiInterproceduralCFG<Unit, SootMethod> icfg, ISourceSinkManager sourceSinkManager) { super(icfg, sourceSinkManager); }
public AbstractInfoflowProblem(BiDiInterproceduralCFG<Unit, SootMethod> icfg, ISourceSinkManager sourceSinkManager) { super(icfg); this.sourceSinkManager = sourceSinkManager; }
public InfoflowProblem(ISourceSinkManager mySourceSinkManager, Set<Unit> analysisSeeds, IAliasingStrategy aliasingStrategy) { this(new InfoflowCFG(), mySourceSinkManager, aliasingStrategy); for (Unit u : analysisSeeds) this.initialSeeds.put(u, Collections.singleton(zeroValue)); }
public void setISSM(ISourceSinkManager issm){ this.issm = issm; }
public ISourceSinkManager getISSM(){ return this.issm; }
/** * Creates a new instance of the {@link InterproceduralConstantValuePropagator} * class * @param icfg The interprocedural control flow graph to use * @param excludedMethods The methods that shall be excluded. If one of these * methods calls another method with a constant argument, this argument will * not be propagated into the callee. * @param sourceSinkManager The SourceSinkManager to be used for not * propagating constants out of source methods * @param taintWrapper The taint wrapper to be used for not breaking dummy * values that will later be replaced by artificial taints */ public InterproceduralConstantValuePropagator(IInfoflowCFG icfg, Collection<SootMethod> excludedMethods, ISourceSinkManager sourceSinkManager, ITaintPropagationWrapper taintWrapper) { this.icfg = icfg; this.excludedMethods = new HashSet<SootMethod>(excludedMethods); this.sourceSinkManager = sourceSinkManager; this.taintWrapper = taintWrapper; }
/** * Computes the information flow on a list of entry point methods. This list * is used to construct an artificial main method following the Android * life cycle for all methods that are detected to be part of Android's * application infrastructure (e.g. android.app.Activity.onCreate) * @param appPath The path containing the client program's files * @param libPath the path to the main folder of the (unpacked) library class files * @param entryPointCreator the entry point creator to use for generating the dummy * main method * @param sourcesSinks manager class for identifying sources and sinks in the source code */ public void computeInfoflow(String appPath, String libPath, IEntryPointCreator entryPointCreator, ISourceSinkManager sourcesSinks);
/** * Computes the information flow on a single method. This method is * directly taken as the entry point into the program, even if it is an * instance method. * @param appPath The path containing the client program's files * @param libPath the path to the main folder of the (unpacked) library class files * @param entryPoint the main method to analyze * @param sourcesSinks manager class for identifying sources and sinks in the source code */ public void computeInfoflow(String appPath, String libPath, String entryPoint, ISourceSinkManager sourcesSinks);
/** * Computes the information flow on a list of entry point methods. This list * is used to construct an artificial main method following the Android * life cycle for all methods that are detected to be part of Android's * application infrastructure (e.g. android.app.Activity.onCreate) * @param path the path to the main folder of the (unpacked) class files * @param entryPointCreator the entry point creator to use for generating the dummy * main method * @param entryPoints the entryPoints (string conforms to SootMethod representation) * @param sourcesSinks manager class for identifying sources and sinks in the source code */ public void computeInfoflow(String path, IEntryPointCreator entryPointCreator, List<String> entryPoints, ISourceSinkManager sourcesSinks);
/** * Computes the information flow on a single method. This method is * directly taken as the entry point into the program, even if it is an * instance method. * @param path the path to the main folder of the (unpacked) class files * @param entryPoint the main method to analyze * @param sourcesSinks manager class for identifying sources and sinks in the source code */ public void computeInfoflow(String path, String entryPoint, ISourceSinkManager sourcesSinks);
/** * Initializes Soot. * @param path The Soot classpath * @param classes The set of classes that shall be checked for data flow * analysis seeds. All sources in these classes are used as seeds. * @param sourcesSinks The manager object for identifying sources and sinks */ private void initializeSoot(String path, Set<String> classes, ISourceSinkManager sourcesSinks) { initializeSoot(path, classes, sourcesSinks, ""); }
