<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Hi Dacong, </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">I didn't modify any soot options related with Volley library. The library jar is included in the app's apk, so I think soot should be able to decompile it. </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Thanks a lot ! </div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 18, 2015 at 4:59 PM, Dacong Yan <span dir="ltr"><<a href="mailto:tonywinslow1986@gmail.com" target="_blank">tonywinslow1986@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Purely based on code search:<br>
<br>
The call sites for onResponse() and onErrorResponse() are inside the<br>
Volley library: line 60 at<br>
<<a href="https://android.googlesource.com/platform/frameworks/volley/+/idea133/src/com/android/volley/toolbox/StringRequest.java" target="_blank">https://android.googlesource.com/platform/frameworks/volley/+/idea133/src/com/android/volley/toolbox/StringRequest.java</a>><br>
and line 517 at<br>
<<a href="https://android.googlesource.com/platform/frameworks/volley/+/idea133/src/com/android/volley/Request.java" target="_blank">https://android.googlesource.com/platform/frameworks/volley/+/idea133/src/com/android/volley/Request.java</a>>.<br>
Did you include the Volley library code in your call graph<br>
construction? You may want to check that, but I'm not saying you<br>
should or should not include it.<br>
<div class="HOEnZb"><div class="h5"><br>
On Wed, Feb 18, 2015 at 1:55 PM, Xinxin Jin <<a href="mailto:xinxinjin89@gmail.com">xinxinjin89@gmail.com</a>> wrote:<br>
> As a follow up, I manually checked the jimple files generated from the apk.<br>
> And in "VolleyActivity$1.jimple ", I can clearly see the method body of<br>
> onResponse(). That means there is no problem with jimple file, but why it<br>
> is not parsed by soot (FlowDroid)?<br>
><br>
> Thanks,<br>
><br>
> On Wed, Feb 18, 2015 at 1:43 PM, Xinxin Jin <<a href="mailto:xinxinjin89@gmail.com">xinxinjin89@gmail.com</a>> wrote:<br>
>><br>
>> Hi Eric,<br>
>><br>
>> Thanks for your reply. I checked all the reachable methods and found no<br>
>> place invoking onResponse and onErrorResponse.<br>
>><br>
>> The statement that invokes StringRequest() method is :<br>
>><br>
>> <com.android.volley.toolbox.StringRequest: void<br>
>> <init>(int,java.lang.String,com.android.volley.Response$Listener,com.android.volley.Response$ErrorListener)>(<br>
>> "<a href="http://www.google.com" target="_blank">http://www.google.com</a>", $r7, $r8)<br>
>><br>
>> Here parameters $r7, $r8 correspond to Response.Listener() and<br>
>> Response.ErrorListener(). Then I continued to track the definition of r7:<br>
>><br>
>> $r7 = new edu.ucsd.mytest.VolleyActivity$1<br>
>><br>
>> But there is no useful statement in edu.ucsd.mytest.VolleyActivity$1 ....<br>
>><br>
>> Any ideas ?<br>
>><br>
>> Thank you a lot !!<br>
>><br>
>> On Wed, Feb 18, 2015 at 11:47 AM, Bodden, Eric<br>
>> <<a href="mailto:eric.bodden@sit.fraunhofer.de">eric.bodden@sit.fraunhofer.de</a>> wrote:<br>
>>><br>
>>> Hi Xinxin.<br>
>>><br>
>>> I think the problem is that the bytecode's structure differs from the<br>
>>> source code's. Although in the source the two anonymous subclasses of<br>
>>> Listener resp. ErrorListener are lexically contained in the constructor<br>
>>> call, they are not in the bytecode. Please inspect the call to<br>
>>> StringRequest.<init>. You should see references the second and third<br>
>>> parameter both being initialized with instances of classes such as<br>
>>> Response.Listener$1. You have to inspect the bodies of the onResponse<br>
>>> methods in those classes.<br>
>>><br>
>>> Hope that helps,<br>
>>> Eric<br>
>>><br>
>>> > On 18.02.2015, at 18:21, Xinxin Jin <<a href="mailto:xinxinjin89@gmail.com">xinxinjin89@gmail.com</a>> wrote:<br>
>>> ><br>
>>> > Hi all,<br>
>>> ><br>
>>> > I have an application which calls new StringRequest()of Volley library:<br>
>>> ><br>
>>> ><br>
>>> > StringRequest request = new StringRequest(url,<br>
>>> > new Response.Listener() {<br>
>>> > @Override<br>
>>> > public void onResponse(Object response) {<br>
>>> > Log.d(TAG, "response " + ((String)<br>
>>> > response).substring(0,500));<br>
>>> > }<br>
>>> > }, new Response.ErrorListener() {<br>
>>> > @Override<br>
>>> > public void onErrorResponse(VolleyError error) {<br>
>>> > Log.d(TAG, "error message");<br>
>>> > }<br>
>>> > });<br>
>>> ><br>
>>> ><br>
>>> > It contains two callbacks as its parameters: Response.Listener() and<br>
>>> > Response.ErrorListener().<br>
>>> ><br>
>>> > When I parse reached methods of this application, it can only reach<br>
>>> > SootMethod StringRequest: <init>, but when I examine all the statements in<br>
>>> > this method, I cannot find bodies of the two registered listeners. Is there<br>
>>> > any way to get the method body of onResponse() ?<br>
>>> ><br>
>>> > Thank you for your help !<br>
>>> ><br>
>>> > --<br>
>>> > Xinxin<br>
>>> ><br>
>>> ><br>
>>> > _______________________________________________<br>
>>> > Soot-list mailing list<br>
>>> > <a href="mailto:Soot-list@CS.McGill.CA">Soot-list@CS.McGill.CA</a><br>
>>> > <a href="https://mailman.CS.McGill.CA/mailman/listinfo/soot-list" target="_blank">https://mailman.CS.McGill.CA/mailman/listinfo/soot-list</a><br>
>>><br>
>>> --<br>
>>> Prof. Eric Bodden, Ph.D., <a href="http://sse.ec-spride.de/" target="_blank">http://sse.ec-spride.de/</a> <a href="http://bodden.de/" target="_blank">http://bodden.de/</a><br>
>>> Head of Secure Software Engineering at Fraunhofer SIT, TU Darmstadt and<br>
>>> EC SPRIDE<br>
>>> Tel: <a href="tel:%2B49%206151%2016-75422" value="+4961511675422">+49 6151 16-75422</a> Fax: <a href="tel:%2B49%206151%20869-127" value="+496151869127">+49 6151 869-127</a><br>
>>> Room B5.11, Fraunhofer SIT, Rheinstraße 75, 64295 Darmstadt<br>
>>><br>
>><br>
>><br>
>><br>
>> --<br>
>> Xinxin<br>
><br>
><br>
><br>
><br>
> --<br>
> Xinxin<br>
><br>
> _______________________________________________<br>
> Soot-list mailing list<br>
> <a href="mailto:Soot-list@CS.McGill.CA">Soot-list@CS.McGill.CA</a><br>
> <a href="https://mailman.CS.McGill.CA/mailman/listinfo/soot-list" target="_blank">https://mailman.CS.McGill.CA/mailman/listinfo/soot-list</a><br>
><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><font face="arial, helvetica, sans-serif">Xinxin</font></div>
</div>