private void instrumentEachBranchAccess(Body body, Unit unit){ SootClass sootClass = Scene.v().getSootClass( UtilInstrumenter.JAVA_CLASS_FOR_PATH_INSTRUMENTATION); // Create the method invocation SootMethod createAndAdd = sootClass.getMethod("reportConditionOutcomeSynchronous", Collections.<Type>singletonList(BooleanType.v())); StaticInvokeExpr sieThen = Jimple.v().newStaticInvokeExpr( createAndAdd.makeRef(), IntConstant.v(1)); StaticInvokeExpr sieElse = Jimple.v().newStaticInvokeExpr( createAndAdd.makeRef(), IntConstant.v(0)); Unit sieThenUnit = Jimple.v().newInvokeStmt(sieThen); sieThenUnit.addTag(new InstrumentedCodeTag()); Unit sieElseUnit = Jimple.v().newInvokeStmt(sieElse); sieElseUnit.addTag(new InstrumentedCodeTag()); //treatment of target statement ("true"-branch) IfStmt ifStmt = (IfStmt)unit; Stmt targetStmt = ifStmt.getTarget(); if(!branchTargetStmt.contains(targetStmt.toString())) { branchTargetStmt.add(sieThenUnit.toString()); body.getUnits().insertBefore(sieThenUnit, targetStmt); NopStmt nop = Jimple.v().newNopStmt(); GotoStmt gotoNop = Jimple.v().newGotoStmt(nop); body.getUnits().insertBeforeNoRedirect(nop, targetStmt); body.getUnits().insertBeforeNoRedirect(gotoNop, sieThenUnit); } //treatment of "else"-branch body.getUnits().insertAfter(sieElseUnit, unit); }
public void caseGotoStmt(GotoStmt stmt) { Unit target = stmt.getTarget(); vtp.suggestVariableName("target"); String targetName = vtp.getLastAssignedVarName(); p.println("Unit "+targetName+"=" + nameOfJumpTarget(target) + ";"); printStmt(stmt,targetName); }
@Override protected void internalTransform(Body body, String phaseName, Map<String, String> options) { Iterator<Unit> it = body.getUnits().snapshotIterator(); while (it.hasNext()) { Unit u = it.next(); if (u instanceof GotoStmt) { GotoStmt gtStmt = (GotoStmt) u; if (gtStmt.getTarget() instanceof AssignStmt) { AssignStmt assign = (AssignStmt) gtStmt.getTarget(); if (assign.getRightOp() instanceof CastExpr) { CastExpr ce = (CastExpr) assign.getRightOp(); // We have goto that ends up at a cast statement Unit nextStmt = body.getUnits().getSuccOf(assign); if (nextStmt instanceof ReturnStmt) { ReturnStmt retStmt = (ReturnStmt) nextStmt; if (retStmt.getOp() == assign.getLeftOp()) { // We need to replace the GOTO with the return ReturnStmt newStmt = (ReturnStmt) retStmt.clone(); newStmt.setOp(ce.getOp()); for (Trap t : body.getTraps()) for (UnitBox ubox : t.getUnitBoxes()) if (ubox.getUnit() == gtStmt) ubox.setUnit(newStmt); while (!gtStmt.getBoxesPointingToThis().isEmpty()) gtStmt.getBoxesPointingToThis().get(0).setUnit(newStmt); body.getUnits().swapWith(gtStmt, newStmt); } } } } } } }
@Override public void caseGotoStmt(GotoStmt arg0) { injectLabelStatements(arg0); String labelName = GlobalsCache.v().getUnitLabel( (Stmt) arg0.getTarget()); this.boogieStatements.add(this.pf.mkGotoStatement(labelName)); // if (labelName.contains("block324")) throw new // RuntimeException("there it is!"); }
public static boolean isBranch(Unit u){ if(u instanceof IfStmt || u instanceof GotoStmt || u instanceof SwitchStmt || u instanceof ThrowStmt || u instanceof ReturnStmt || u instanceof ReturnVoidStmt) return true; return false; }
private Unit seekTarget(Unit u) { int count = 10; Unit target = u; while(count-- > 0 && target != null && target instanceof GotoStmt) { target = ((GotoStmt) target).getTarget(); } return target; }
@Override public void caseGotoStmt(GotoStmt stmt) { throw new RuntimeException("todo"); }
public void caseGotoStmt(GotoStmt stmt) { }
@Override public void caseGotoStmt(GotoStmt stmt) { Stmt target = (Stmt) stmt.getTarget(); addInsn(buildGotoInsn(target), stmt); }
private boolean isInstanceofFlowChange(Unit u) { if (u instanceof GotoStmt || isInstanceofReturn(u)) return true; return false; }
private GotoStmt gotoStatement() { GotoStmt go = Jimple.v().newGotoStmt(targetInstruction.getUnit()); setUnit(go); addTags(go); return go; }
@Override public void caseGotoStmt(GotoStmt s) { }
private boolean isJumpStmt(Stmt st) { return ( st instanceof ThrowStmt || st instanceof GotoStmt || st instanceof ReturnStmt); }
@Override public void run(SpyResult result, AppDescription app) { Scene scene = Scene.v(); int count = 0; Iterator<SootClass> classes = scene.getApplicationClasses().iterator(); while(classes.hasNext()) { SootClass clazz = classes.next(); for (SootMethod method : clazz.getMethods()) { if(!method.hasActiveBody()) continue; Body body = method.getActiveBody(); Chain<Unit> code = body.getUnits(); Iterator<Trap> traps = body.getTraps().iterator(); while(traps.hasNext()) { boolean bogus = false; Trap trap = traps.next(); Unit lastOfCatch = trap.getEndUnit(); // System.err.println("Last of catch " + lastOfCatch); Unit firstHandler = trap.getHandlerUnit(); // System.err.println("First of handler " + firstHandler); Unit nextHandler = code.getSuccOf(firstHandler); // System.err.println("Next handler " + nextHandler); if (nextHandler == null) continue; Unit handlerTarget = seekTarget(nextHandler); if (handlerTarget == null) continue; // System.err.println("handler goto " + handlerTarget + handlerTarget.getClass()); if (handlerTarget instanceof ReturnVoidStmt) { bogus = true; } else if (lastOfCatch instanceof GotoStmt) { bogus = handlerTarget.equals(seekTarget(lastOfCatch)); } else { if (!lastOfCatch.fallsThrough()) continue; Unit targetCatch = code.getSuccOf(lastOfCatch); if (targetCatch == null) continue; // This had to be a return. // System.err.println("Target 1" + targetCatch); if (handlerTarget.equals(targetCatch)) bogus = true; if (targetCatch.fallsThrough() && !targetCatch.branches()) { targetCatch = code.getSuccOf(targetCatch); // System.err.println("Target 2" + targetCatch); if (handlerTarget.equals(targetCatch)) bogus = true; } } // System.err.println(bogus); if (bogus) { BytecodeOffsetTag tag = (BytecodeOffsetTag) firstHandler.getTag("BytecodeOffsetTag"); int offset = (tag == null) ? -1 : tag.getBytecodeOffset(); result.setCustomResult(listItem("android.empty.exception.class",count),clazz.getName()); result.setCustomResult(listItem("android.empty.exception.method",count),method.getSubSignature()); result.setCustomResult(listItem("android.empty.exception.pos",count),offset); count++; } } result.setCustomResult("android.empty.exception.error", count > 0); result.setCustomResult("android.empty.exception.count", count); } } }
@Override public void caseGotoStmt(GotoStmt stmt) { }
@Override public void caseGotoStmt(GotoStmt stmt) { logger.fine("\n > > > Goto statement identified < < <"); valueSwitch.callingStmt = stmt; logger.fine("GOTO: " + stmt.toString()); }
@Override public void caseGotoStmt(GotoStmt stmt) { logger.fine("\n > > > Goto statement identified < < <"); logger.fine("GOTO: " + stmt.toString()); }
/** * DOC * * @see soot.jimple.StmtSwitch#caseGotoStmt(soot.jimple.GotoStmt) */ @Override public void caseGotoStmt(GotoStmt stmt) { }
/** * Method, which should process the given statement of type {@link GotoStmt} * . In this case, there is no reason to check the statement in more detail. * Because of that nothing will be done for a goto statement. * * @param stmt * Statement that should be processed to check for security * violations. * @see soot.jimple.StmtSwitch#caseGotoStmt(soot.jimple.GotoStmt) */ @Override public void caseGotoStmt(GotoStmt stmt) { // Nothing to do in case of a goto stmt }