<html>

  <head>

    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">

    <title>Re: [Soot-list] Can Stubdroid handle interfaces?</title>

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <p>Hi Steven,</p>

    <p>Thanks for your reply.</p>

    <p>I'm not sure how to use StubDroid for making summaries.</p>

    <p>As I mentioned before, my app's snapshot is here.<br>

      <font size="-2">        $r5 = virtualinvoke $r3.&lt;java.net.URL:

        java.net.URLConnection openConnection()&gt;();<br>

                $r6 = virtualinvoke $r5.&lt;java.net.URLConnection:

        java.io.InputStream getInputStream()&gt;();<br>

                <b>interfaceinvoke

          $r4.&lt;org.xmlpull.v1.XmlPullParser: void

          setInput(java.io.InputStream,java.lang.String)&gt;($r6,

          "UTF-8");</b><br>

        ［...]<br>

                $r7 = interfaceinvoke

        $r4.&lt;org.xmlpull.v1.XmlPullParser: java.lang.String

        nextText()&gt;();</font></p>

    <p><br>

      In the 3rd line, I want to propagate taints $r6 to $4. So I tried

      making summary of  "org.xmlpull.v1.XmlPullParser" , and performed

      the following command.</p>

    <p><font size="-2">MacBookPro-3:FlowDroid hatayama$ java -Xms10g

        -Xmx12g -cp

guava-18.0.jar:soot-trunk.jar:soot-infoflow.jar:soot-infoflow-android.jar:soot-infoflow-summaries.jar:slf4j-api-1.7.5.jar:slf4j-simple-1.7.5.jar:axml-2.0.jar

        soot.jimple.infoflow.methodSummary.Main android10.jar 

        ./summaries/ org.xmlpull.v1.XmlPullParserFactory.java <br>

        SLF4J: Class path contains multiple SLF4J bindings.<br>

        SLF4J: Found binding in

[<a class="moz-txt-link-freetext" href="jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar!/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>]<br>

        SLF4J: Found binding in

[<a class="moz-txt-link-freetext" href="jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>]<br>

        SLF4J: See <a class="moz-txt-link-freetext" href="http://www.slf4j.org/codes.html#multiple_bindings">http://www.slf4j.org/codes.html#multiple_bindings</a> for

        an explanation.<br>

        SLF4J: Actual binding is of type

        [org.slf4j.impl.SimpleLoggerFactory]<br>

        Warning: org.xmlpull.v1.XmlPullParserFactory.java is a phantom

        class!<br>

        Warning: java.lang.invoke.LambdaMetafactory is a phantom class!<br>

        Warning: java.lang.ref.Finalizer is a phantom class!<br>

        Analyzing class org.xmlpull.v1.XmlPullParserFactory.java<br>

        Class summaries for org.xmlpull.v1.XmlPullParserFactory.java

        done in 0.001833 seconds for 0 summaries<br>

        Class org.xmlpull.v1.XmlPullParserFactory.java done.<br>

        [main] INFO

soot.jimple.infoflow.methodSummary.postProcessor.InfoflowResultPostProcessor

        - Removed 0 flows in favour of more precise ones<br>

        Done.</font></p>

    <p>But nothing was outputted. Could you show me what is my mistake?</p>

    <p>Best regards,<br>

      Kazuki.</p>

    <br>

    <div class="moz-cite-prefix">On 2016/09/07 5:25, Steven Arzt wrote:<br>

    </div>

    <blockquote

      cite="mid:147bd343-34e3-442d-b4d5-eabdb795ea48@email.android.com"

      type="cite">

      <p dir="ltr">Hi,</p>

      <p dir="ltr">That should work as long as you have a StubDroid

        summary for at least one class that implements the interface.

        The taint wrapper should then use a union of all summaries of

        implementations. If that doesn't work, it's a bug and we need to

        fix it.</p>

      <p dir="ltr">Best regards,<br>

        Steven</p>

      <div class="gmail_extra"><br>

        <div class="gmail_quote">On Sep 6, 2016 1:20 PM, Kazuki Hatayama

          <a class="moz-txt-link-rfc2396E" href="mailto:komakomaillusion@gmail.com">&lt;komakomaillusion@gmail.com&gt;</a> wrote:<br

            type="attribution">

          <blockquote class="quote" style="margin:0 0 0

            .8ex;border-left:1px #ccc solid;padding-left:1ex">

            <div>

              <p> </p>

            </div>

            Hi all,<br>

            <br>

            I'm faced with the similar problem (<a

              moz-do-not-send="true"

href="https://github.com/secure-software-engineering/soot-infoflow-android/issues/125">https://github.com/secure-software-engineering/soot-infoflow-android/issues/125</a>).

            <br>

            <br>

            here is the snapshot of my app.<br>

            <font size="-1">        $r5 = virtualinvoke

              $r3.&lt;java.net.URL: java.net.URLConnection

              openConnection()&gt;();<br>

                      $r6 = virtualinvoke

              $r5.&lt;java.net.URLConnection: java.io.InputStream

              getInputStream()&gt;();<br>

                      <b>interfaceinvoke

                $r4.&lt;org.xmlpull.v1.XmlPullParser: void

                setInput(java.io.InputStream,java.lang.String)&gt;($r6,

                "UTF-8");</b><br>

              ［...]<br>

                      $r7 = interfaceinvoke

              $r4.&lt;org.xmlpull.v1.XmlPullParser: java.lang.String

              nextText()&gt;();<br>

            </font><br>

            In 3rd line, I want to propagate taints $r6 to $4. The above

            web page says Stubdroid can handle this situation.<br>

            <br>

            But Stubdroid seems to be applicable to only classes, not

            interfaces.<br>

            <br>

            Can really Stubdroid handle this situation?<br>

            <br>

            Best regards,<br>

            Kazuki.<br>

          </blockquote>

        </div>

        <br>

      </div>

    </blockquote>

  </body>

</html>