soot.jimple.ArrayRef Java Examples
The following examples show how to use
soot.jimple.ArrayRef.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: BaseSelector.java From JAADAS with GNU General Public License v3.0 | 6 votes |
/** * the operations that are not relevant for analysis like "not" or casts * are removed - array refs are only removed if explicitly stated * @param val the value which should be pruned * @param keepArrayRef if false then array refs are pruned to the base array object * @return the value (possibly pruned to base object) */ //we want to keep ArrayRef for objects on the right side of the assignment public static Value selectBase(Value val, boolean keepArrayRef){ //we taint base of array instead of array elements if (val instanceof ArrayRef && !keepArrayRef) { return selectBase(((ArrayRef) val).getBase(), keepArrayRef); } if (val instanceof CastExpr) { return selectBase(((CastExpr) val).getOp(), keepArrayRef); } // Check for unary operators like "not" or "length" if (val instanceof UnopExpr) return selectBase(((UnopExpr) val).getOp(), keepArrayRef); return val; }
Example #2
Source File: UtilInstrumenter.java From FuzzDroid with Apache License 2.0 | 6 votes |
public static Pair<Value, List<Unit>> generateParameterArray(List<Value> parameterList, Body body){ List<Unit> generated = new ArrayList<Unit>(); NewArrayExpr arrayExpr = Jimple.v().newNewArrayExpr(RefType.v("java.lang.Object"), IntConstant.v(parameterList.size())); Value newArrayLocal = generateFreshLocal(body, getParameterArrayType()); Unit newAssignStmt = Jimple.v().newAssignStmt(newArrayLocal, arrayExpr); generated.add(newAssignStmt); for(int i = 0; i < parameterList.size(); i++){ Value index = IntConstant.v(i); ArrayRef leftSide = Jimple.v().newArrayRef(newArrayLocal, index); Value rightSide = generateCorrectObject(body, parameterList.get(i), generated); Unit parameterInArray = Jimple.v().newAssignStmt(leftSide, rightSide); generated.add(parameterInArray); } return new Pair<Value, List<Unit>>(newArrayLocal, generated); }
Example #3
Source File: AputInstruction.java From JAADAS with GNU General Public License v3.0 | 6 votes |
public void jimplify (DexBody body) { if(!(instruction instanceof Instruction23x)) throw new IllegalArgumentException("Expected Instruction23x but got: "+instruction.getClass()); Instruction23x aPutInstr = (Instruction23x)instruction; int source = aPutInstr.getRegisterA(); Local arrayBase = body.getRegisterLocal(aPutInstr.getRegisterB()); Local index = body.getRegisterLocal(aPutInstr.getRegisterC()); ArrayRef arrayRef = Jimple.v().newArrayRef(arrayBase, index); Local sourceValue = body.getRegisterLocal(source); assign = getAssignStmt(body, sourceValue, arrayRef); if (aPutInstr.getOpcode().value == Opcode.APUT_OBJECT.value) assign.addTag(new ObjectOpTag()); setUnit(assign); addTags(assign); body.add(assign); if (IDalvikTyper.ENABLE_DVKTYPER) { Debug.printDbg(IDalvikTyper.DEBUG, "constraint: "+ assign); DalvikTyper.v().addConstraint(assign.getLeftOpBox(), assign.getRightOpBox()); DalvikTyper.v().setType(arrayRef.getIndexBox(), IntType.v(), true); } }
Example #4
Source File: AsmMethodSource.java From JAADAS with GNU General Public License v3.0 | 6 votes |
private void convertArrayLoadInsn(InsnNode insn) { StackFrame frame = getFrame(insn); Operand[] out = frame.out(); Operand opr; if (out == null) { Operand indx = popImmediate(); Operand base = popImmediate(); ArrayRef ar = Jimple.v().newArrayRef( base.stackOrValue(), indx.stackOrValue()); indx.addBox(ar.getIndexBox()); base.addBox(ar.getBaseBox()); opr = new Operand(insn, ar); frame.in(indx, base); frame.boxes(ar.getIndexBox(), ar.getBaseBox()); frame.out(opr); } else { opr = out[0]; frame.mergeIn(pop(), pop()); } int op = insn.getOpcode(); if (op == DALOAD || op == LALOAD) pushDual(opr); else push(opr); }
Example #5
Source File: AsmMethodSource.java From JAADAS with GNU General Public License v3.0 | 6 votes |
private void convertArrayStoreInsn(InsnNode insn) { int op = insn.getOpcode(); boolean dword = op == LASTORE || op == DASTORE; StackFrame frame = getFrame(insn); if (!units.containsKey(insn)) { Operand valu = dword ? popImmediateDual() : popImmediate(); Operand indx = popImmediate(); Operand base = popLocal(); ArrayRef ar = Jimple.v().newArrayRef( base.stackOrValue(), indx.stackOrValue()); indx.addBox(ar.getIndexBox()); base.addBox(ar.getBaseBox()); AssignStmt as = Jimple.v().newAssignStmt(ar, valu.stackOrValue()); valu.addBox(as.getRightOpBox()); frame.in(valu, indx, base); frame.boxes(as.getRightOpBox(), ar.getIndexBox(), ar.getBaseBox()); setUnit(insn, as); } else { frame.mergeIn(dword ? popDual() : pop(), pop(), pop()); } }
Example #6
Source File: ValueTemplatePrinter.java From JAADAS with GNU General Public License v3.0 | 6 votes |
public void caseArrayRef(ArrayRef v) { String oldName = varName; Value base = v.getBase(); suggestVariableName("base"); String baseName = varName; base.apply(this); Value index = v.getIndex(); suggestVariableName("index"); String indexName = varName; index.apply(this); p.println("Value "+oldName+" = Jimple.v().newArrayRef("+baseName+", "+indexName+");"); varName = oldName; }
Example #7
Source File: UnitThrowAnalysisTest.java From JAADAS with GNU General Public License v3.0 | 6 votes |
@Test public void testJArrayRef() { ArrayRef arrayRef = Jimple.v().newArrayRef( Jimple.v().newLocal("local1", ArrayType.v(RefType.v("java.lang.Object"), 1)), IntConstant.v(0)); Set expectedRep = new ExceptionHashSet(utility.VM_ERRORS); expectedRep.add(utility.NULL_POINTER_EXCEPTION); expectedRep.add(utility.ARRAY_INDEX_OUT_OF_BOUNDS_EXCEPTION); assertTrue(ExceptionTestUtility.sameMembers(expectedRep, Collections.EMPTY_SET, unitAnalysis.mightThrow(arrayRef))); Set expectedCatch = new ExceptionHashSet(utility.VM_ERRORS_PLUS_SUPERTYPES); expectedCatch.add(utility.NULL_POINTER_EXCEPTION); expectedCatch.add(utility.ARRAY_INDEX_OUT_OF_BOUNDS_EXCEPTION); expectedCatch.add(utility.INDEX_OUT_OF_BOUNDS_EXCEPTION); expectedCatch.add(utility.RUNTIME_EXCEPTION); expectedCatch.add(utility.EXCEPTION); assertEquals(expectedCatch, utility.catchableSubset(unitAnalysis.mightThrow(arrayRef))); }
Example #8
Source File: StmtTranslator.java From JAADAS with GNU General Public License v3.0 | 6 votes |
void handleAssign(DefinitionStmt stmt) { Value lval = stmt.getLeftOp(); Value rval = stmt.getRightOp(); Variable rvar; if (lval instanceof Local) { rvar = getLocalVariable((Local)lval); } else { rvar = jt.makeVariable(rval); } et.translateExpr(rvar, stmt.getRightOpBox()); if (lval instanceof ArrayRef) { notSupported("We do not support arrays"); } else if (lval instanceof FieldRef) { notSupported("We do not support field references"); } }
Example #9
Source File: UnitThrowAnalysisTest.java From JAADAS with GNU General Public License v3.0 | 6 votes |
@Test public void testGArrayRef() { ArrayRef arrayRef = Grimp.v().newArrayRef( Grimp.v().newLocal("local1", ArrayType.v(RefType.v("java.lang.Object"), 1)), IntConstant.v(0)); Set expectedRep = new ExceptionHashSet(utility.VM_ERRORS); expectedRep.add(utility.NULL_POINTER_EXCEPTION); expectedRep.add(utility.ARRAY_INDEX_OUT_OF_BOUNDS_EXCEPTION); assertTrue(ExceptionTestUtility.sameMembers(expectedRep, Collections.EMPTY_SET, unitAnalysis.mightThrow(arrayRef))); Set expectedCatch = new ExceptionHashSet(utility.VM_ERRORS_PLUS_SUPERTYPES); expectedCatch.add(utility.NULL_POINTER_EXCEPTION); expectedCatch.add(utility.ARRAY_INDEX_OUT_OF_BOUNDS_EXCEPTION); expectedCatch.add(utility.INDEX_OUT_OF_BOUNDS_EXCEPTION); expectedCatch.add(utility.RUNTIME_EXCEPTION); expectedCatch.add(utility.EXCEPTION); assertEquals(expectedCatch, utility.catchableSubset(unitAnalysis.mightThrow(arrayRef))); }
Example #10
Source File: PtsBasedAliasStrategy.java From JAADAS with GNU General Public License v3.0 | 6 votes |
/** * Gets the points-to-set for the given value * @param targetValue The value for which to get the points-to-set * @return The points-to-set for the given value */ private PointsToSet getPointsToSet(Value targetValue) { PointsToAnalysis pta = Scene.v().getPointsToAnalysis(); synchronized (pta) { if (targetValue instanceof Local) return pta.reachingObjects((Local) targetValue); else if (targetValue instanceof InstanceFieldRef) { InstanceFieldRef iref = (InstanceFieldRef) targetValue; return pta.reachingObjects((Local) iref.getBase(), iref.getField()); } else if (targetValue instanceof StaticFieldRef) { StaticFieldRef sref = (StaticFieldRef) targetValue; return pta.reachingObjects(sref.getField()); } else if (targetValue instanceof ArrayRef) { ArrayRef aref = (ArrayRef) targetValue; return pta.reachingObjects((Local) aref.getBase()); } else throw new RuntimeException("Unexpected value type for aliasing: " + targetValue.getClass()); } }
Example #11
Source File: SmartConstantDataExtractorFuzzyAnalysis.java From FuzzDroid with Apache License 2.0 | 6 votes |
private int getConstantArrayIndexForSplitDataFlow(Stmt[] dataflow) { Stmt firstAssign = dataflow[0]; if(firstAssign instanceof AssignStmt) { AssignStmt ass = (AssignStmt)firstAssign; Value value = ass.getRightOp(); if(value instanceof ArrayRef) { ArrayRef aRef = (ArrayRef)value; Value index = aRef.getIndex(); if(index instanceof IntConstant) return ((IntConstant) index).value; } } else throw new RuntimeException("this should not happen - wrong assumption"); return -1; }
Example #12
Source File: SmartConstantDataExtractorFuzzyAnalysis.java From FuzzDroid with Apache License 2.0 | 6 votes |
private boolean hasConstantIndexAtArrayForSplitDataFlow(Stmt[] dataflow) { Stmt firstAssign = dataflow[0]; if(firstAssign instanceof AssignStmt) { AssignStmt ass = (AssignStmt)firstAssign; Value value = ass.getRightOp(); if(value instanceof ArrayRef) { ArrayRef aRef = (ArrayRef)value; Value index = aRef.getIndex(); if(index instanceof IntConstant) return true; } } else throw new RuntimeException("this should not happen - wrong assumption"); return false; }
Example #13
Source File: PolicyEnforcementPoint.java From DroidForce with GNU Lesser General Public License v2.1 | 6 votes |
/** * * @param parameter * @param body * @return */ private Pair<Value, List<Unit>> generateParameterArray(List<Value> parameter, Body body){ List<Unit> generated = new ArrayList<Unit>(); NewArrayExpr arrayExpr = Jimple.v().newNewArrayExpr(RefType.v("java.lang.Object"), IntConstant.v(parameter.size())); Value newArrayLocal = generateFreshLocal(body, getParameterArrayType()); Unit newAssignStmt = Jimple.v().newAssignStmt(newArrayLocal, arrayExpr); generated.add(newAssignStmt); for(int i = 0; i < parameter.size(); i++){ Value index = IntConstant.v(i); ArrayRef leftSide = Jimple.v().newArrayRef(newArrayLocal, index); Value rightSide = generateCorrectObject(body, parameter.get(i), generated); Unit parameterInArray = Jimple.v().newAssignStmt(leftSide, rightSide); generated.add(parameterInArray); } return new Pair<Value, List<Unit>>(newArrayLocal, generated); }
Example #14
Source File: WeightedBoomerang.java From SPDS with Eclipse Public License 2.0 | 5 votes |
protected FieldReadPOI createArrayFieldLoad(Statement s) { Stmt stmt = s.getUnit().get(); AssignStmt as = (AssignStmt) stmt; ArrayRef ifr = (ArrayRef) as.getRightOp(); Val base = new Val(ifr.getBase(), icfg().getMethodOf(as)); Val stored = new Val(as.getLeftOp(), icfg().getMethodOf(as)); return fieldReads.getOrCreate(new FieldReadPOI(s, base, Field.array(), stored)); }
Example #15
Source File: StmtVisitor.java From JAADAS with GNU General Public License v3.0 | 5 votes |
private Insn buildArrayGetInsn(Register destinationReg, ArrayRef sourceRef) { Value index = sourceRef.getIndex(); Register indexReg = regAlloc.asImmediate(index, constantV); Value array = sourceRef.getBase(); Register arrayReg = regAlloc.asLocal(array); String arrayTypeDescriptor = SootToDexUtils.getArrayTypeDescriptor((ArrayType) array.getType()); Opcode opc = getPutGetOpcodeWithTypeSuffix("aget", arrayTypeDescriptor); return new Insn23x(opc, destinationReg, arrayReg, indexReg); }
Example #16
Source File: WeightedBoomerang.java From SPDS with Eclipse Public License 2.0 | 5 votes |
protected FieldWritePOI createArrayFieldStore(Statement s) { Stmt stmt = s.getUnit().get(); AssignStmt as = (AssignStmt) stmt; ArrayRef ifr = (ArrayRef) as.getLeftOp(); Val base = new Val(ifr.getBase(), icfg().getMethodOf(as)); Val stored = new Val(as.getRightOp(), icfg().getMethodOf(as)); return fieldWrites.getOrCreate(new FieldWritePOI(s, base, Field.array(), stored)); }
Example #17
Source File: WeightedBoomerang.java From SPDS with Eclipse Public License 2.0 | 5 votes |
public static boolean isArrayStore(Statement s) { Optional<Stmt> optUnit = s.getUnit(); if (optUnit.isPresent()) { Stmt stmt = optUnit.get(); if (stmt instanceof AssignStmt && ((AssignStmt) stmt).getLeftOp() instanceof ArrayRef) { return true; } } return false; }
Example #18
Source File: UnitThrowAnalysis.java From JAADAS with GNU General Public License v3.0 | 5 votes |
@Override public void caseAssignStmt(AssignStmt s) { Value lhs = s.getLeftOp(); if (lhs instanceof ArrayRef && (lhs.getType() instanceof UnknownType || lhs.getType() instanceof RefType)) { // This corresponds to an aastore byte code. result = result.add(mgr.ARRAY_STORE_EXCEPTION); } result = result.add(mightThrow(s.getLeftOp())); result = result.add(mightThrow(s.getRightOp())); }
Example #19
Source File: ShortcutArrayInit.java From JAADAS with GNU General Public License v3.0 | 5 votes |
public boolean isInSequenceAssignment(Stmt s, Value leftOp, int index){ //DEBUG=false; if(!(s instanceof DefinitionStmt)) return false; DefinitionStmt ds = (DefinitionStmt)s; Value leftValue = ds.getLeftOp(); if(! (leftValue instanceof ArrayRef)) return false; if(DEBUG){ System.out.println("Stmt number "+index + " is an array ref assignment"+leftValue); System.out.println("Array is"+leftOp); } ArrayRef leftRef = (ArrayRef)leftValue; if(! (leftOp.equals(leftRef.getBase()))){ if(DEBUG) System.out.println("Not assigning to same array"); return false; } if( ! (leftRef.getIndex() instanceof IntConstant)){ if(DEBUG) System.out.println("Cant determine index of assignment"); return false; } IntConstant leftIndex = (IntConstant)leftRef.getIndex(); if(leftIndex.value != index){ if(DEBUG) System.out.println("Out of order assignment"); return false; } return true; }
Example #20
Source File: WeightedBoomerang.java From SPDS with Eclipse Public License 2.0 | 5 votes |
public static boolean isArrayLoad(Statement s) { Optional<Stmt> optUnit = s.getUnit(); if (optUnit.isPresent()) { Stmt stmt = optUnit.get(); if (stmt instanceof AssignStmt && ((AssignStmt) stmt).getRightOp() instanceof ArrayRef) { return true; } } return false; }
Example #21
Source File: AgetInstruction.java From JAADAS with GNU General Public License v3.0 | 5 votes |
public void jimplify (DexBody body) throws InvalidDalvikBytecodeException { if(!(instruction instanceof Instruction23x)) throw new IllegalArgumentException("Expected Instruction23x but got: "+instruction.getClass()); Instruction23x aGetInstr = (Instruction23x)instruction; int dest = aGetInstr.getRegisterA(); Local arrayBase = body.getRegisterLocal(aGetInstr.getRegisterB()); Local index = body.getRegisterLocal(aGetInstr.getRegisterC()); ArrayRef arrayRef = Jimple.v().newArrayRef(arrayBase, index); Local l = body.getRegisterLocal(dest); assign = Jimple.v().newAssignStmt(l, arrayRef); if (aGetInstr.getOpcode().value == Opcode.AGET_OBJECT.value) assign.addTag(new ObjectOpTag()); setUnit(assign); addTags(assign); body.add(assign); if (IDalvikTyper.ENABLE_DVKTYPER) { Debug.printDbg(IDalvikTyper.DEBUG, "constraint: "+ assign); DalvikTyper.v().addConstraint(assign.getLeftOpBox(), assign.getRightOpBox()); DalvikTyper.v().setType(arrayRef.getIndexBox(), IntType.v(), true); } }
Example #22
Source File: JimpleStmtVisitorImpl.java From FuzzDroid with Apache License 2.0 | 5 votes |
public SMTBinding getCorrectBindingForArrayRef(ArrayRef arrayRef) { for(Map.Entry<String, SMTBinding> entry : arrayHelper.entrySet()) { if(entry.getKey().equals(arrayRef.toString())) return entry.getValue(); } return null; }
Example #23
Source File: StmtVisitor.java From JAADAS with GNU General Public License v3.0 | 5 votes |
private Insn buildPutInsn(ConcreteRef destRef, Value source) { if (destRef instanceof StaticFieldRef) { return buildStaticFieldPutInsn((StaticFieldRef) destRef, source); } else if (destRef instanceof InstanceFieldRef) { return buildInstanceFieldPutInsn((InstanceFieldRef) destRef, source); } else if (destRef instanceof ArrayRef) { return buildArrayPutInsn((ArrayRef) destRef, source); } else { throw new RuntimeException("unsupported type of ConcreteRef: " + destRef.getClass()); } }
Example #24
Source File: JimpleExprVisitorImpl.java From FuzzDroid with Apache License 2.0 | 5 votes |
private int findMaxIndexOfArray(InvokeExpr invokeExpr) { Value array = null; int maxIndex = -1; for(Stmt stmt : stmtVisitor.getJimpleDataFlowStatements()) { if(stmt instanceof AssignStmt) { AssignStmt assign = (AssignStmt)stmt; if(array == null) { if(assign.getRightOp().equals(invokeExpr)) { array = assign.getLeftOp(); } } else{ Value rhs = assign.getRightOp(); if(rhs instanceof ArrayRef) { ArrayRef arrayRef = (ArrayRef)rhs; if(arrayRef.getBase().equals(array)) { Value index = arrayRef.getIndex(); if(index instanceof IntConstant) { IntConstant constant = (IntConstant)index; maxIndex = constant.value; } } } } } } return maxIndex; }
Example #25
Source File: StmtVisitor.java From JAADAS with GNU General Public License v3.0 | 5 votes |
private Insn buildGetInsn(ConcreteRef sourceRef, Register destinationReg) { if (sourceRef instanceof StaticFieldRef) { return buildStaticFieldGetInsn(destinationReg, (StaticFieldRef) sourceRef); } else if (sourceRef instanceof InstanceFieldRef) { return buildInstanceFieldGetInsn(destinationReg, (InstanceFieldRef) sourceRef); } else if (sourceRef instanceof ArrayRef) { return buildArrayGetInsn(destinationReg, (ArrayRef) sourceRef); } else { throw new RuntimeException("unsupported type of ConcreteRef: " + sourceRef.getClass()); } }
Example #26
Source File: StmtVisitor.java From JAADAS with GNU General Public License v3.0 | 5 votes |
private Insn buildArrayPutInsn(ArrayRef destRef, Value source) { Value array = destRef.getBase(); Register arrayReg = regAlloc.asLocal(array); Value index = destRef.getIndex(); Register indexReg = regAlloc.asImmediate(index, constantV); Register sourceReg = regAlloc.asImmediate(source, constantV); String arrayTypeDescriptor = SootToDexUtils.getArrayTypeDescriptor((ArrayType) array.getType()); Opcode opc = getPutGetOpcodeWithTypeSuffix("aput", arrayTypeDescriptor); return new Insn23x(opc, sourceReg, arrayReg, indexReg); }
Example #27
Source File: NullnessAssumptionAnalysis.java From JAADAS with GNU General Public License v3.0 | 4 votes |
private void handleArrayRef(ArrayRef arrayRef, AnalysisInfo out) { Value array = arrayRef.getBase(); //here we know that the array must point to an object, but the array value might be anything out.put(array, NON_NULL); // out.put(arrayRef, TOP); }
Example #28
Source File: Aliasing.java From JAADAS with GNU General Public License v3.0 | 4 votes |
/** * Gets whether a value and an access path may potentially point to the same * runtime object * @param ap The access path * @param val The value * @return The access path that actually matched if the given value and * access path alias. In the simplest case, this is the given access path. * When using recursive access paths, it can however also be a base * expansion. If the given access path and value do not alias, null is * returned. */ public AccessPath mayAlias(AccessPath ap, Value val) { // What cannot be represented in an access path cannot alias if (!AccessPath.canContainValue(val)) return null; // Constants can never alias if (val instanceof Constant) return null; // For instance field references, the base must match if (val instanceof Local) if (ap.getPlainValue() != val) return null; // For array references, the base must match if (val instanceof ArrayRef) if (ap.getPlainValue() != ((ArrayRef) val).getBase()) return null; // For instance field references, the base local must match if (val instanceof InstanceFieldRef) { if (!ap.isLocal() && !ap.isInstanceFieldRef()) return null; if (((InstanceFieldRef) val).getBase() != ap.getPlainValue()) return null; } // If the value is a static field reference, the access path must be // static as well if (val instanceof StaticFieldRef) if (!ap.isStaticFieldRef()) return null; // If we have an interactive aliasing algorithm, we check that as well /* if (aliasingStrategy.isInteractive()) return aliasingStrategy.mayAlias(new AccessPath(val1, false), new AccessPath(val2, false)); */ // Get the field set from the value SootField[] fields = val instanceof FieldRef ? new SootField[] { ((FieldRef) val).getField() } : new SootField[0]; return getReferencedAPBase(ap, fields); }
Example #29
Source File: InterproceduralConstantValuePropagator.java From JAADAS with GNU General Public License v3.0 | 4 votes |
/** * Checks whether the given method or one of its transitive callees has * side-effects or calls a sink method * @param method The method to check * @param runList A set to receive all methods that have already been * processed * @param cache The cache in which to store the results * @return True if the given method or one of its transitive callees has * side-effects or calls a sink method, otherwise false. */ private boolean hasSideEffectsOrCallsSink(SootMethod method, Set<SootMethod> runList) { // Without a body, we cannot say much if (!method.hasActiveBody()) return false; // Do we already have an entry? Boolean hasSideEffects = methodSideEffects.get(method); if (hasSideEffects != null) return hasSideEffects; Boolean hasSink = methodSinks.get(method); if (hasSink != null) return hasSink; // Do not process the same method twice if (!runList.add(method)) return false; // If this is an Android stub method that just throws a stub exception, // this will never happen in practice and can be removed if (methodIsAndroidStub(method)) { methodSideEffects.put(method, false); return false; } // Scan for references to this variable for (Unit u : method.getActiveBody().getUnits()) { if (u instanceof AssignStmt) { AssignStmt assign = (AssignStmt) u; if (assign.getLeftOp() instanceof FieldRef || assign.getLeftOp() instanceof ArrayRef) { methodSideEffects.put(method, true); return true; } } Stmt s = (Stmt) u; // If this method calls another method for which we have a taint // wrapper, we need to conservatively assume that the taint wrapper // can do anything if (taintWrapper != null && taintWrapper.supportsCallee(s)) { methodSideEffects.put(method, true); return true; } if (s.containsInvokeExpr()) { // If this method calls a sink, we need to keep it if (sourceSinkManager != null && sourceSinkManager.isSink((Stmt) u, icfg, null)) { methodSinks.put(method, true); return true; } // Check the callees for (Iterator<Edge> edgeIt = Scene.v().getCallGraph().edgesOutOf(u); edgeIt.hasNext(); ) { Edge e = edgeIt.next(); if (hasSideEffectsOrCallsSink(e.getTgt().method(), runList)) return true; } } } // Variable is not read methodSideEffects.put(method, false); return false; }
Example #30
Source File: InterproceduralConstantValuePropagator.java From JAADAS with GNU General Public License v3.0 | 4 votes |
/** * Checks whether the given method or one of its transitive callees has * side-effects or calls a sink method * @param method The method to check * @param runList A set to receive all methods that have already been * processed * @param cache The cache in which to store the results * @return True if the given method or one of its transitive callees has * side-effects or calls a sink method, otherwise false. */ private boolean hasSideEffectsOrReadsThis(SootMethod method, Set<SootMethod> runList) { // Without a body, we cannot say much if (!method.hasActiveBody()) return false; // Do we already have an entry? Boolean hasSideEffects = methodSideEffects.get(method); if (hasSideEffects != null) return hasSideEffects; // Do not process the same method twice if (!runList.add(method)) return false; // If this is an Android stub method that just throws a stub exception, // this will never happen in practice and can be removed if (methodIsAndroidStub(method)) { methodSideEffects.put(method, false); return false; } // Scan for references to this variable Local thisLocal = method.isStatic() ? null : method.getActiveBody().getThisLocal(); for (Unit u : method.getActiveBody().getUnits()) { if (u instanceof AssignStmt) { AssignStmt assign = (AssignStmt) u; if (assign.getLeftOp() instanceof FieldRef || assign.getLeftOp() instanceof ArrayRef) { methodSideEffects.put(method, true); return true; } } Stmt s = (Stmt) u; // If this statement uses the "this" local, we have to // conservatively assume that is can read data if (thisLocal != null) for (ValueBox vb : s.getUseBoxes()) if (vb.getValue() == thisLocal) return true; if (s.containsInvokeExpr()) { // Check the callees for (Iterator<Edge> edgeIt = Scene.v().getCallGraph().edgesOutOf(u); edgeIt.hasNext(); ) { Edge e = edgeIt.next(); if (hasSideEffectsOrReadsThis(e.getTgt().method(), runList)) return true; } } } // Variable is not read methodSideEffects.put(method, false); return false; }