wuyongzheng/soot-error

## soot-error
$ git log -1
commit 6ec014ac4b72e309c561f01726c2c7c8e39284be
Author: Steven Arzt <Steven.Arzt@cased.de>
Date:   Thu May 15 11:39:04 2014 +0200

    Fixed some previously horribly hacky code for parsing annotations. Now it also works with malware samples that do not provide a full InnerClass annotation


$ git diff
diff --git a/src/soot/Scene.java b/src/soot/Scene.java
index 0a74412..ba4c3a7 100644
--- a/src/soot/Scene.java
+++ b/src/soot/Scene.java
@@ -283,6 +283,9 @@ public class Scene  //extends AbstractHost
     }

 	public String getAndroidJarPath(String jars, String apk) {
+		if (apk.endsWith(".dex"))
+			return jars + File.separator + "android-" + 15 + File.separator + "android.jar";
+
 		File jarsF = new File(jars);
 		File apkF = new File(apk);

@@ -464,11 +467,13 @@ public class Scene  //extends AbstractHost
 					for (String entry : classPathEntries) {
 						if(entry.toLowerCase().endsWith(".apk"))	// on Windows, file names are case-insensitive
 							targetApks.add(entry);
+						else if (entry.toLowerCase().endsWith(".dex"))
+							targetApks.add(entry);
 					}
 					if (targetApks.size() == 0)
 						throw new RuntimeException("no apk file given");
-					else if (targetApks.size() > 1)
-						throw new RuntimeException("only one Android application can be analyzed when using option -android-jars.");
+					//else if (targetApks.size() > 1)
+					//	throw new RuntimeException("only one Android application can be analyzed when using option -android-jars.");
 					jarPath = getAndroidJarPath (androidJars, (String)targetApks.toArray()[0]);
 				}
 				if (jarPath.equals(""))
diff --git a/src/soot/SourceLocator.java b/src/soot/SourceLocator.java
index 5ca79e6..6fffc65 100644
--- a/src/soot/SourceLocator.java
+++ b/src/soot/SourceLocator.java
@@ -165,7 +165,7 @@ public class SourceLocator
     private boolean isArchive(String path) {
         File f = new File(path);
         if (f.isFile() && f.canRead()) {
-            if (path.endsWith(".zip") || path.endsWith(".jar") || path.endsWith(".apk")) {
+            if (path.endsWith(".zip") || path.endsWith(".jar") || path.endsWith(".apk") || path.endsWith(".dex")) {
                 return true;
             } else {
             G.v().out.println("Warning: the following soot-classpath entry is not a supported archive file (must be .zip, .jar or .apk): " + path);
@@ -177,7 +177,7 @@ public class SourceLocator
 	public List<String> getClassesUnder(String aPath) {
 		List<String> classes = new ArrayList<String>();

-		if (isArchive(aPath)) {
+		if (isArchive(aPath) && !aPath.endsWith(".dex")) {
 			List<String> inputExtensions = new ArrayList<String>(3);
 			inputExtensions.add(".class");
 			inputExtensions.add(".jimple");
@@ -495,6 +495,8 @@ public class SourceLocator
         return null;
     }
     private FoundFile lookupInArchive(String archivePath, String fileName) {
+		if (archivePath.endsWith(".dex"))
+			return null;
         try {
             ZipFile archive = new ZipFile(archivePath);
             ZipEntry entry = archive.getEntry(fileName);


$ java -cp classes:libs/baksmali-1.3.2.jar:libs/baksmali-2.0b5.jar:libs/guava-17.0.jar soot.Main -cp x -src-prec apk -f dava -android-jars ~/install/android-sdk-linux/platforms -process-dir x/core.dex
Soot started on Fri May 16 13:51:54 SGT 2014
Using '/home/yz/install/android-sdk-linux/platforms/android-15/android.jar' as android.jar
array element type (narr range): int
array element type (narr range): int
array element type: (filled narr)int
second round from stmt: $u2 = $u5[$u0]
array element type: (filled narr)int
array element type (narr range): int
second round from stmt: $u1#3 = $u1#2[$u2#8]
array element type: (filled narr)int
array element type: (filled narr)int

Decompiling org.apache.harmony.xml.dom.DOMConfigurationImpl$Parameter...
Decompiling org.apache.harmony.security.x509.PolicyQualifierInfo...
Decompiling com.android.dex.EncodedValue...
Decompiling dalvik.system.profiler.BinaryHprofReader...
Decompiling org.apache.harmony.xml.ExpatParser$ExpatLocator...
Setting declaring class of methodint <init>(org.apache.harmony.xml.ExpatParser,DavaSuperHandler)
Decompiling com.android.dex.EncodedValueCodec...
Decompiling libcore.io.StructStat...
Decompiling org.apache.harmony.security.pkcs10.CertificationRequest...
Decompiling com.android.dex.ClassDef...
Decompiling org.xmlpull.v1.sax2.Driver...
Exception in thread "main" java.lang.NullPointerException
	at soot.dava.toolkits.base.finders.LabeledBlockFinder.perform_ChildOrder(LabeledBlockFinder.java:94)
	at soot.dava.internal.SET.SETNode.find_LabeledBlocks(SETNode.java:215)
	at soot.dava.internal.SET.SETNode.find_LabeledBlocks(SETNode.java:212)
	at soot.dava.toolkits.base.finders.LabeledBlockFinder.find(LabeledBlockFinder.java:44)
	at soot.dava.DavaBody.<init>(DavaBody.java:329)
	at soot.dava.Dava.newBody(Dava.java:84)
	at soot.PackManager.runBodyPacks(PackManager.java:932)
	at soot.PackManager.runBodyPacks(PackManager.java:584)
	at soot.PackManager.runBodyPacks(PackManager.java:487)
	at soot.PackManager.runPacksNormally(PackManager.java:464)
	at soot.PackManager.runPacks(PackManager.java:388)
	at soot.Main.run(Main.java:203)
	at soot.Main.main(Main.java:146)
	$ git log -1
	commit 6ec014ac4b72e309c561f01726c2c7c8e39284be
	Author: Steven Arzt <Steven.Arzt@cased.de>
	Date: Thu May 15 11:39:04 2014 +0200

	Fixed some previously horribly hacky code for parsing annotations. Now it also works with malware samples that do not provide a full InnerClass annotation


	$ git diff
	diff --git a/src/soot/Scene.java b/src/soot/Scene.java
	index 0a74412..ba4c3a7 100644
	--- a/src/soot/Scene.java
	+++ b/src/soot/Scene.java
	@@ -283,6 +283,9 @@ public class Scene //extends AbstractHost
	}

	public String getAndroidJarPath(String jars, String apk) {
	+ if (apk.endsWith(".dex"))
	+ return jars + File.separator + "android-" + 15 + File.separator + "android.jar";
	+
	File jarsF = new File(jars);
	File apkF = new File(apk);

	@@ -464,11 +467,13 @@ public class Scene //extends AbstractHost
	for (String entry : classPathEntries) {
	if(entry.toLowerCase().endsWith(".apk")) // on Windows, file names are case-insensitive
	targetApks.add(entry);
	+ else if (entry.toLowerCase().endsWith(".dex"))
	+ targetApks.add(entry);
	}
	if (targetApks.size() == 0)
	throw new RuntimeException("no apk file given");
	- else if (targetApks.size() > 1)
	- throw new RuntimeException("only one Android application can be analyzed when using option -android-jars.");
	+ //else if (targetApks.size() > 1)
	+ // throw new RuntimeException("only one Android application can be analyzed when using option -android-jars.");
	jarPath = getAndroidJarPath (androidJars, (String)targetApks.toArray()[0]);
	}
	if (jarPath.equals(""))
	diff --git a/src/soot/SourceLocator.java b/src/soot/SourceLocator.java
	index 5ca79e6..6fffc65 100644
	--- a/src/soot/SourceLocator.java
	+++ b/src/soot/SourceLocator.java
	@@ -165,7 +165,7 @@ public class SourceLocator
	private boolean isArchive(String path) {
	File f = new File(path);
	if (f.isFile() && f.canRead()) {
	- if (path.endsWith(".zip") \|\| path.endsWith(".jar") \|\| path.endsWith(".apk")) {
	+ if (path.endsWith(".zip") \|\| path.endsWith(".jar") \|\| path.endsWith(".apk") \|\| path.endsWith(".dex")) {
	return true;
	} else {
	G.v().out.println("Warning: the following soot-classpath entry is not a supported archive file (must be .zip, .jar or .apk): " + path);
	@@ -177,7 +177,7 @@ public class SourceLocator
	public List<String> getClassesUnder(String aPath) {
	List<String> classes = new ArrayList<String>();

	- if (isArchive(aPath)) {
	+ if (isArchive(aPath) && !aPath.endsWith(".dex")) {
	List<String> inputExtensions = new ArrayList<String>(3);
	inputExtensions.add(".class");
	inputExtensions.add(".jimple");
	@@ -495,6 +495,8 @@ public class SourceLocator
	return null;
	}
	private FoundFile lookupInArchive(String archivePath, String fileName) {
	+ if (archivePath.endsWith(".dex"))
	+ return null;
	try {
	ZipFile archive = new ZipFile(archivePath);
	ZipEntry entry = archive.getEntry(fileName);


	$ java -cp classes:libs/baksmali-1.3.2.jar:libs/baksmali-2.0b5.jar:libs/guava-17.0.jar soot.Main -cp x -src-prec apk -f dava -android-jars ~/install/android-sdk-linux/platforms -process-dir x/core.dex
	Soot started on Fri May 16 13:51:54 SGT 2014
	Using '/home/yz/install/android-sdk-linux/platforms/android-15/android.jar' as android.jar
	array element type (narr range): int
	array element type (narr range): int
	array element type: (filled narr)int
	second round from stmt: $u2 = $u5[$u0]
	array element type: (filled narr)int
	array element type (narr range): int
	second round from stmt: $u1#3 = $u1#2[$u2#8]
	array element type: (filled narr)int
	array element type: (filled narr)int

	Decompiling org.apache.harmony.xml.dom.DOMConfigurationImpl$Parameter...
	Decompiling org.apache.harmony.security.x509.PolicyQualifierInfo...
	Decompiling com.android.dex.EncodedValue...
	Decompiling dalvik.system.profiler.BinaryHprofReader...
	Decompiling org.apache.harmony.xml.ExpatParser$ExpatLocator...
	Setting declaring class of methodint <init>(org.apache.harmony.xml.ExpatParser,DavaSuperHandler)
	Decompiling com.android.dex.EncodedValueCodec...
	Decompiling libcore.io.StructStat...
	Decompiling org.apache.harmony.security.pkcs10.CertificationRequest...
	Decompiling com.android.dex.ClassDef...
	Decompiling org.xmlpull.v1.sax2.Driver...
	Exception in thread "main" java.lang.NullPointerException
	at soot.dava.toolkits.base.finders.LabeledBlockFinder.perform_ChildOrder(LabeledBlockFinder.java:94)
	at soot.dava.internal.SET.SETNode.find_LabeledBlocks(SETNode.java:215)
	at soot.dava.internal.SET.SETNode.find_LabeledBlocks(SETNode.java:212)
	at soot.dava.toolkits.base.finders.LabeledBlockFinder.find(LabeledBlockFinder.java:44)
	at soot.dava.DavaBody.<init>(DavaBody.java:329)
	at soot.dava.Dava.newBody(Dava.java:84)
	at soot.PackManager.runBodyPacks(PackManager.java:932)
	at soot.PackManager.runBodyPacks(PackManager.java:584)
	at soot.PackManager.runBodyPacks(PackManager.java:487)
	at soot.PackManager.runPacksNormally(PackManager.java:464)
	at soot.PackManager.runPacks(PackManager.java:388)
	at soot.Main.run(Main.java:203)
	at soot.Main.main(Main.java:146)