<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi Steven, <br>
</p>
<p>Thank you so much for your advice.</p>
<p>"org.kxml2.io.KXmlParser" class implements
"org.xmlpull.v1.XmlPullParser", so I tried making summary of that
class. I performed the following command, but no summary file is
outputted.</p>
<p><font size="-2">MacBookPro-3:FlowDroid hatayama$ java -Xms10g
-Xmx12g -cp
guava-18.0.jar:soot-trunk.jar:soot-infoflow.jar:soot-infoflow-android.jar:soot-infoflow-summaries.jar:slf4j-api-1.7.5.jar:slf4j-simple-1.7.5.jar:axml-2.0.jar
soot.jimple.infoflow.methodSummary.Main android15.jar
./summaries/ org.kxml2.io.KXmlParser<br>
SLF4J: Class path contains multiple SLF4J bindings.<br>
SLF4J: Found binding in
[<a class="moz-txt-link-freetext"
href="jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar%21/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>]<br>
SLF4J: Found binding in
[<a class="moz-txt-link-freetext"
href="jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar%21/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>]<br>
SLF4J: See <a class="moz-txt-link-freetext"
href="http://www.slf4j.org/codes.html#multiple_bindings">http://www.slf4j.org/codes.html#multiple_bindings</a>
for an explanation.<br>
SLF4J: Actual binding is of type
[org.slf4j.impl.SimpleLoggerFactory]<br>
Warning: org.kxml2.io.KXmlParser is a phantom class!<br>
Warning: java.lang.invoke.LambdaMetafactory is a phantom class!<br>
Warning: java.lang.ref.Finalizer is a phantom class!<br>
Analyzing class org.kxml2.io.KXmlParser<br>
Class summaries for org.kxml2.io.KXmlParser done in 0.00298
seconds for 0 summaries<br>
Class org.kxml2.io.KXmlParser done.<br>
[main] INFO
soot.jimple.infoflow.methodSummary.postProcessor.InfoflowResultPostProcessor
- Removed 0 flows in favour of more precise ones<br>
Done.</font></p>
<p>Could you show me what my mistake is? <br>
</p>
<p>Best regards, <br>
Kazuki </p>
<br>
<div class="moz-cite-prefix">On 2016/09/08 1:59, Steven Arzt wrote:<br>
</div>
<blockquote
cite="mid:0c4c77ab562a4d7cc538dba575c3ce97@mail.cased.de"
type="cite">Hi Kazuki, <br>
<br>
You cannot generate a summary for an interface. You can only
create a summary for a class that implements the interface. In
your case, you need to find an implementation of
"org.xmlpull.v1.XmlPullParser" and create a summary of that class.
StubDroid will then automatically fill in this summary in places
where the interface is used. <br>
<br>
The reason is simply that an interface in itself has no
implementation. Therefore, there is no behavior that StubDroid
could summarize. <br>
<br>
Best regards, <br>
Steven <br>
<br>
On 2016-09-07 09:20, Kazuki Hatayama wrote: <br>
<blockquote type="cite">Hi Steven, <br>
<br>
Thanks for your reply. <br>
<br>
I'm not sure how to use StubDroid for making summaries. <br>
<br>
As I mentioned before, my app's snapshot is here. <br>
$r5 = virtualinvoke $r3.<java.net.URL:
java.net.URLConnection <br>
openConnection()>(); <br>
$r6 = virtualinvoke $r5.<java.net.URLConnection: <br>
java.io.InputStream getInputStream()>(); <br>
interfaceinvoke $r4.<org.xmlpull.v1.XmlPullParser:
void <br>
setInput(java.io.InputStream,java.lang.String)>($r6,
"UTF-8"); <br>
[...] <br>
$r7 = interfaceinvoke
$r4.<org.xmlpull.v1.XmlPullParser: <br>
java.lang.String nextText()>(); <br>
<br>
In the 3rd line, I want to propagate taints from $r6 to $r4. So I
tried <br>
making a summary of "org.xmlpull.v1.XmlPullParser", and
performed the <br>
following command. <br>
<br>
MacBookPro-3:FlowDroid hatayama$ java -Xms10g -Xmx12g -cp <br>
guava-18.0.jar:soot-trunk.jar:soot-infoflow.jar:soot-infoflow-android.jar:soot-infoflow-summaries.jar:slf4j-api-1.7.5.jar:slf4j-simple-1.7.5.jar:axml-2.0.jar
<br>
soot.jimple.infoflow.methodSummary.Main android10.jar
./summaries/ <br>
org.xmlpull.v1.XmlPullParserFactory.java <br>
SLF4J: Class path contains multiple SLF4J bindings. <br>
SLF4J: Found binding in <br>
[<a class="moz-txt-link-freetext"
href="jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar%21/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>
<br>
[2]] <br>
SLF4J: Found binding in <br>
[<a class="moz-txt-link-freetext"
href="jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar%21/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>
<br>
[3]] <br>
SLF4J: See <a class="moz-txt-link-freetext"
href="http://www.slf4j.org/codes.html#multiple_bindings">http://www.slf4j.org/codes.html#multiple_bindings</a>
[4] for <br>
an explanation. <br>
SLF4J: Actual binding is of type
[org.slf4j.impl.SimpleLoggerFactory] <br>
Warning: org.xmlpull.v1.XmlPullParserFactory.java is a phantom
class! <br>
Warning: java.lang.invoke.LambdaMetafactory is a phantom class!
<br>
Warning: java.lang.ref.Finalizer is a phantom class! <br>
Analyzing class org.xmlpull.v1.XmlPullParserFactory.java <br>
Class summaries for org.xmlpull.v1.XmlPullParserFactory.java
done in <br>
0.001833 seconds for 0 summaries <br>
Class org.xmlpull.v1.XmlPullParserFactory.java done. <br>
[main] INFO <br>
soot.jimple.infoflow.methodSummary.postProcessor.InfoflowResultPostProcessor
<br>
- Removed 0 flows in favour of more precise ones <br>
Done. <br>
<br>
But nothing was output. Could you show me what my mistake is?
<br>
<br>
Best regards, <br>
Kazuki. <br>
<br>
On 2016/09/07 5:25, Steven Arzt wrote: <br>
<br>
<blockquote type="cite">Hi, <br>
<br>
That should work as long as you have a StubDroid summary for
at <br>
least one class that implements the interface. The taint
wrapper <br>
should then use a union of all summaries of implementations.
If that <br>
doesn't work, it's a bug and we need to fix it. <br>
<br>
Best regards, <br>
Steven <br>
<br>
On Sep 6, 2016 1:20 PM, Kazuki Hatayama <a
class="moz-txt-link-rfc2396E"
href="mailto:komakomaillusion@gmail.com"><komakomaillusion@gmail.com></a>
<br>
wrote: <br>
<br>
<blockquote type="cite">Hi all, <br>
<br>
I'm faced with a similar problem <br>
<br>
</blockquote>
<br>
</blockquote>
(<a class="moz-txt-link-freetext"
href="https://github.com/secure-software-engineering/soot-infoflow-android/issues/125">https://github.com/secure-software-engineering/soot-infoflow-android/issues/125</a>
<br>
<blockquote type="cite">
<blockquote type="cite">[1]). <br>
<br>
here is the snapshot of my app. <br>
$r5 = virtualinvoke $r3.<java.net.URL: <br>
java.net.URLConnection openConnection()>(); <br>
$r6 = virtualinvoke $r5.<java.net.URLConnection: <br>
java.io.InputStream getInputStream()>(); <br>
interfaceinvoke $r4.<org.xmlpull.v1.XmlPullParser: void <br>
setInput(java.io.InputStream,java.lang.String)>($r6,
"UTF-8"); <br>
[...] <br>
$r7 = interfaceinvoke $r4.<org.xmlpull.v1.XmlPullParser:
<br>
java.lang.String nextText()>(); <br>
<br>
In the 3rd line, I want to propagate taints from $r6 to $r4. The above
web <br>
page says StubDroid can handle this situation. <br>
<br>
But StubDroid seems to be applicable only to classes, not <br>
interfaces. <br>
<br>
Can StubDroid really handle this situation? <br>
<br>
Best regards, <br>
Kazuki. <br>
</blockquote>
</blockquote>
<br>
<br>
Links: <br>
------ <br>
[1] <br>
<a class="moz-txt-link-freetext"
href="https://github.com/secure-software-engineering/soot-infoflow-android/issues/125">https://github.com/secure-software-engineering/soot-infoflow-android/issues/125</a>
<br>
[2] <br>
<a class="moz-txt-link-freetext"
href="jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar%21/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/soot-trunk.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>
<br>
[3] <br>
<a class="moz-txt-link-freetext"
href="jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar%21/org/slf4j/impl/StaticLoggerBinder.class">jar:file:/Users/hatayama/Desktop/FlowDroid/slf4j-simple-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class</a>
<br>
[4] <a class="moz-txt-link-freetext"
href="http://www.slf4j.org/codes.html#multiple_bindings">http://www.slf4j.org/codes.html#multiple_bindings</a>
<br>
</blockquote>
<br>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Kazuki</pre>
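<p>An added example, not part of the original thread and not FlowDroid or StubDroid code: a pre-flight check for the two conditions that come up above, a summary target that is an interface (no method bodies to summarize) and a target whose class file is not in the jar given to the summary generator (Soot reports a class it cannot load as a phantom class). The function names, the in-memory jar and the class <code>example.ConcreteParser</code> are constructed for illustration.</p>

```python
import io
import struct
import zipfile

ACC_INTERFACE, ACC_ABSTRACT = 0x0200, 0x0400
# Constant-pool entry sizes after the tag byte (JVM spec, section 4.4).
CP_SIZES = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4,
            12: 4, 15: 3, 16: 2, 17: 4, 18: 4, 19: 2, 20: 2}

def access_flags(class_bytes):
    """Return access_flags from a .class file by skipping its constant pool."""
    magic, _minor, _major, cp_count = struct.unpack_from(">IHHH", class_bytes, 0)
    if magic != 0xCAFEBABE:
        raise ValueError("not a Java class file")
    pos, index = 10, 1
    while index < cp_count:
        tag = class_bytes[pos]
        pos += 1
        if tag == 1:  # CONSTANT_Utf8: u2 length followed by that many bytes
            (length,) = struct.unpack_from(">H", class_bytes, pos)
            pos += 2 + length
        else:
            pos += CP_SIZES[tag]
        index += 2 if tag in (5, 6) else 1  # long/double occupy two slots
    return struct.unpack_from(">H", class_bytes, pos)[0]

def summary_target_status(jar, class_name):
    """Classify class_name as 'missing', 'interface', 'abstract' or 'concrete'."""
    entry = class_name.replace(".", "/") + ".class"
    with zipfile.ZipFile(jar) as zf:
        if entry not in zf.namelist():
            return "missing"  # the analysis would only see a phantom class
        flags = access_flags(zf.read(entry))
    if flags & ACC_INTERFACE:
        return "interface"  # no method bodies, nothing to summarize
    return "abstract" if flags & ACC_ABSTRACT else "concrete"

def fake_class(flags):
    # Constructed header only: constant pool [Utf8 "X", Class #1], then flags.
    return struct.pack(">IHHH", 0xCAFEBABE, 0, 52, 3) + b"\x01\x00\x01X" \
        + b"\x07\x00\x01" + struct.pack(">H", flags)

def build_sample_jar():
    """Constructed in-memory jar; its contents are illustrative, not a real SDK jar."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("org/xmlpull/v1/XmlPullParser.class", fake_class(0x0601))
        zf.writestr("example/ConcreteParser.class", fake_class(0x0021))
    return buf
```

<p>With a real jar, pass its path as the first argument of <code>summary_target_status</code>; a class name carrying a <code>.java</code> suffix maps to an entry that does not exist and is reported as missing.</p>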
</body>
</html>