soot.jimple.NewArrayExpr Java Examples

The following examples show how to use soot.jimple.NewArrayExpr. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: FuzzDroid   Author: srasthofer   File: UtilInstrumenter.java    License: Apache License 2.0 6 votes vote down vote up
public static Pair<Value, List<Unit>> generateParameterArray(List<Value> parameterList, Body body){
	List<Unit> generated = new ArrayList<Unit>();
	
	NewArrayExpr arrayExpr = Jimple.v().newNewArrayExpr(RefType.v("java.lang.Object"), IntConstant.v(parameterList.size()));
	
	Value newArrayLocal = generateFreshLocal(body, getParameterArrayType());
	Unit newAssignStmt = Jimple.v().newAssignStmt(newArrayLocal, arrayExpr);
	generated.add(newAssignStmt);
	
	for(int i = 0; i < parameterList.size(); i++){
		Value index = IntConstant.v(i);
		ArrayRef leftSide = Jimple.v().newArrayRef(newArrayLocal, index);
		Value rightSide = generateCorrectObject(body, parameterList.get(i), generated);
		
		Unit parameterInArray = Jimple.v().newAssignStmt(leftSide, rightSide);
		generated.add(parameterInArray);
	}
	
	return new Pair<Value, List<Unit>>(newArrayLocal, generated);
}
 
Example #2
Source Project: JAADAS   Author: flankerhqd   File: BaseEntryPointCreator.java    License: GNU General Public License v3.0 6 votes vote down vote up
/**
 * Constructs an array of the given type with a single element of this type
 * in the given method
 * @param body The body of the method in which to create the array
 * @param gen The local generator
 * @param tp The type of which to create the array
 * @param constructionStack Set of classes currently being built to avoid
 * constructor loops
 * @param parentClasses If a requested type is compatible with one of the
 * types in this list, the already-created object is used instead of
 * creating a new one.
 * @return The local referencing the newly created array, or null if the
 * array generation failed
 */
private Value buildArrayOfType(Body body, LocalGenerator gen, ArrayType tp,
		Set<SootClass> constructionStack, Set<SootClass> parentClasses) {
	Local local = gen.generateLocal(tp);

	// Generate a new single-element array
	NewArrayExpr newArrayExpr = Jimple.v().newNewArrayExpr(tp.getElementType(),
			IntConstant.v(1));
	AssignStmt assignArray = Jimple.v().newAssignStmt(local, newArrayExpr);
	body.getUnits().add(assignArray);
	
	// Generate a single element in the array
	AssignStmt assign = Jimple.v().newAssignStmt
			(Jimple.v().newArrayRef(local, IntConstant.v(0)),
			getValueForType(body, gen, tp.getElementType(), constructionStack, parentClasses));
	body.getUnits().add(assign);
	return local;
}
 
Example #3
Source Project: JAADAS   Author: flankerhqd   File: ValueTemplatePrinter.java    License: GNU General Public License v3.0 6 votes vote down vote up
public void caseNewArrayExpr(NewArrayExpr v) {
	String oldName = varName;
	
	Value size = v.getSize();
	suggestVariableName("size");
	String sizeName = varName;
	size.apply(this);

	suggestVariableName("type");
	String lhsName = varName;
	ttp.setVariableName(varName);
	v.getType().apply(ttp);
	
	p.println("Value "+oldName+" = Jimple.v().newNewArrayExpr("+lhsName+", "+sizeName+");");
	varName = oldName;
}
 
Example #4
Source Project: JAADAS   Author: flankerhqd   File: DexNullTransformer.java    License: GNU General Public License v3.0 6 votes vote down vote up
private boolean isObjectArray(Value v, Body body) {
	for (Unit u : body.getUnits()) {
		if (u instanceof AssignStmt) {
			AssignStmt assign = (AssignStmt) u;
			if (assign.getLeftOp() == v) {
				if (assign.getRightOp() instanceof NewArrayExpr) {
					NewArrayExpr nea = (NewArrayExpr) assign.getRightOp();
					if (isObject(nea.getBaseType()))
						return true;
				}
				else if (assign.getRightOp() instanceof FieldRef) {
					FieldRef fr = (FieldRef) assign.getRightOp();
					if (fr.getType() instanceof ArrayType)
						if (isObject(((ArrayType) fr.getType())
								.getArrayElementType()))
							return true;
				}
			}
		}
	}
	return false;
}
 
Example #5
Source Project: JAADAS   Author: flankerhqd   File: DavaBody.java    License: GNU General Public License v3.0 6 votes vote down vote up
private void javafy_expr(ValueBox vb) {
	Expr e = (Expr) vb.getValue();

	if (e instanceof BinopExpr)
		javafy_binop_expr(vb);
	else if (e instanceof UnopExpr)
		javafy_unop_expr(vb);
	else if (e instanceof CastExpr)
		javafy_cast_expr(vb);
	else if (e instanceof NewArrayExpr)
		javafy_newarray_expr(vb);
	else if (e instanceof NewMultiArrayExpr)
		javafy_newmultiarray_expr(vb);
	else if (e instanceof InstanceOfExpr)
		javafy_instanceof_expr(vb);
	else if (e instanceof InvokeExpr)
		javafy_invoke_expr(vb);
	else if (e instanceof NewExpr)
		javafy_new_expr(vb);
}
 
Example #6
Source Project: DroidForce   Author: secure-software-engineering   File: PolicyEnforcementPoint.java    License: GNU Lesser General Public License v2.1 6 votes vote down vote up
/**
 * 
 * @param parameter
 * @param body
 * @return
 */
private Pair<Value, List<Unit>> generateParameterArray(List<Value> parameter, Body body){
	List<Unit> generated = new ArrayList<Unit>();
	
	NewArrayExpr arrayExpr = Jimple.v().newNewArrayExpr(RefType.v("java.lang.Object"), IntConstant.v(parameter.size()));
	
	Value newArrayLocal = generateFreshLocal(body, getParameterArrayType());
	Unit newAssignStmt = Jimple.v().newAssignStmt(newArrayLocal, arrayExpr);
	generated.add(newAssignStmt);
	
	for(int i = 0; i < parameter.size(); i++){
		Value index = IntConstant.v(i);
		ArrayRef leftSide = Jimple.v().newArrayRef(newArrayLocal, index);
		Value rightSide = generateCorrectObject(body, parameter.get(i), generated);
		
		Unit parameterInArray = Jimple.v().newAssignStmt(leftSide, rightSide);
		generated.add(parameterInArray);
	}
	
	return new Pair<Value, List<Unit>>(newArrayLocal, generated);
}
 
Example #7
Source Project: vasco   Author: rohanpadhye   File: PointsToAnalysis.java    License: GNU Lesser General Public License v2.1 6 votes vote down vote up
/**
 * Returns a points-to graph with the locals of main initialised to
 * <tt>null</tt>, except the command-line arguments which are
 * initialised to an array of strings.
 */
@Override
public PointsToGraph boundaryValue(SootMethod entryPoint) {
	// For now we only support entry to the main method
	assert(entryPoint == Scene.v().getMainMethod());
	
	// Ok, start setting up entry value
	PointsToGraph entryValue = new PointsToGraph();		

	// Locals of main... (only reference types)
	SootMethod mainMethod = Scene.v().getMainMethod();
	for (Local local : mainMethod.getActiveBody().getLocals()) {
		if (local.getType() instanceof RefLikeType) {
			entryValue.assign(local, null);
		}
	}		
	
	// Command-line arguments to main...
	Local argsLocal = mainMethod.getActiveBody().getParameterLocal(0);
	NewArrayExpr argsExpr = new JNewArrayExpr(Scene.v().getRefType("java.lang.String"), IntConstant.v(0));
	entryValue.assignNew(argsLocal, argsExpr);
	entryValue.setFieldConstant(argsLocal, PointsToGraph.ARRAY_FIELD, PointsToGraph.STRING_CONST);
	

	return entryValue;
}
 
Example #8
Source Project: JAADAS   Author: flankerhqd   File: NullnessAnalysis.java    License: GNU General Public License v3.0 5 votes vote down vote up
private void handleRefTypeAssignment(DefinitionStmt assignStmt, AnalysisInfo out) {
	Value left = assignStmt.getLeftOp();
	Value right = assignStmt.getRightOp();
	
	//unbox casted value
	if(right instanceof JCastExpr) {
		JCastExpr castExpr = (JCastExpr) right;
		right = castExpr.getOp();
	}
	
	//if we have a definition (assignment) statement to a ref-like type, handle it,
	if ( isAlwaysNonNull(right)
	|| right instanceof NewExpr || right instanceof NewArrayExpr
	|| right instanceof NewMultiArrayExpr || right instanceof ThisRef
	|| right instanceof StringConstant || right instanceof ClassConstant
	|| right instanceof CaughtExceptionRef) {
		//if we assign new... or @this, the result is non-null
		out.put(left,NON_NULL);
	} else if(right==NullConstant.v()) {
		//if we assign null, well, it's null
		out.put(left, NULL);
	} else if(left instanceof Local && right instanceof Local) {
		out.put(left, out.get(right));
	} else {
		out.put(left, TOP);
	}
}
 
Example #9
Source Project: JAADAS   Author: flankerhqd   File: ExprVisitor.java    License: GNU General Public License v3.0 5 votes vote down vote up
@Override
public void caseNewArrayExpr(NewArrayExpr nae) {
	Value size = nae.getSize();
	constantV.setOrigStmt(origStmt);
	Register sizeReg = regAlloc.asImmediate(size, constantV);
	ArrayType arrayType = nae.getBaseType().getArrayType();
	BuilderReference arrayTypeItem = DexPrinter.toTypeReference
			(arrayType, stmtV.getBelongingFile());
       stmtV.addInsn(new Insn22c(Opcode.NEW_ARRAY, destinationReg, sizeReg, arrayTypeItem), origStmt);
}
 
Example #10
Source Project: JAADAS   Author: flankerhqd   File: NewArrayInstruction.java    License: GNU General Public License v3.0 5 votes vote down vote up
public void jimplify (DexBody body) {

        if(!(instruction instanceof Instruction22c))
            throw new IllegalArgumentException("Expected Instruction22c but got: "+instruction.getClass());

        Instruction22c newArray = (Instruction22c)instruction;
        int dest = newArray.getRegisterA();

        Value size = body.getRegisterLocal(newArray.getRegisterB());

        Type t = DexType.toSoot((TypeReference) newArray.getReference());
        // NewArrayExpr needs the ElementType as it increases the array dimension by 1
        Type arrayType = ((ArrayType) t).getElementType();
        Debug.printDbg("new array element type: ", arrayType);
        
        NewArrayExpr newArrayExpr = Jimple.v().newNewArrayExpr(arrayType, size);

        Local l = body.getRegisterLocal(dest);
        assign = Jimple.v().newAssignStmt(l, newArrayExpr);

        setUnit(assign);
        addTags(assign);
        body.add(assign);

		if (IDalvikTyper.ENABLE_DVKTYPER) {
			Debug.printDbg(IDalvikTyper.DEBUG, "constraint: "+ assign);
          int op = (int)instruction.getOpcode().value;
          DalvikTyper.v().setType(newArrayExpr.getSizeBox(), IntType.v(), true);
          DalvikTyper.v().setType(assign.getLeftOpBox(), newArrayExpr.getType(), false);
        }
    }
 
Example #11
Source Project: JAADAS   Author: flankerhqd   File: UnitThrowAnalysis.java    License: GNU General Public License v3.0 5 votes vote down vote up
public void caseNewArrayExpr(NewArrayExpr expr) {
    if (expr.getBaseType() instanceof RefLikeType) {
	result = result.add(mgr.RESOLVE_CLASS_ERRORS);
    }
    Value count = expr.getSize();
    if ((! (count instanceof IntConstant)) ||
	(((IntConstant) count).lessThan(INT_CONSTANT_ZERO)
	                      .equals(INT_CONSTANT_ZERO))) {
	result = result.add(mgr.NEGATIVE_ARRAY_SIZE_EXCEPTION);
    }
    result = result.add(mightThrow(count));
}
 
Example #12
Source Project: FuzzDroid   Author: srasthofer   File: JimpleExprVisitorImpl.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void caseNewArrayExpr(NewArrayExpr v) {
	throw new RuntimeException("todo");
	
}
 
Example #13
Source Project: JAADAS   Author: flankerhqd   File: FilledNewArrayRangeInstruction.java    License: GNU General Public License v3.0 4 votes vote down vote up
public void jimplify (DexBody body) {
        if(!(instruction instanceof Instruction3rc))
            throw new IllegalArgumentException("Expected Instruction3rc but got: "+instruction.getClass());

        Instruction3rc filledNewArrayInstr = (Instruction3rc)instruction;

//        NopStmt nopStmtBeginning = Jimple.v().newNopStmt();
//        body.add(nopStmtBeginning);

        int usedRegister = filledNewArrayInstr.getRegisterCount();
        Type t = DexType.toSoot((TypeReference) filledNewArrayInstr.getReference());
        // NewArrayExpr needs the ElementType as it increases the array dimension by 1
        Type arrayType = ((ArrayType) t).getElementType();
System.out.println("array element type (narr range): "+ arrayType);
        NewArrayExpr arrayExpr = Jimple.v().newNewArrayExpr(arrayType, IntConstant.v(usedRegister));
        arrayLocal = body.getStoreResultLocal();
        AssignStmt assignStmt = Jimple.v().newAssignStmt(arrayLocal, arrayExpr);
        body.add (assignStmt);

        for (int i = 0; i < usedRegister; i++) {
            ArrayRef arrayRef = Jimple.v().newArrayRef(arrayLocal, IntConstant.v(i));

            AssignStmt assign = Jimple.v().newAssignStmt(arrayRef, body.getRegisterLocal(i + filledNewArrayInstr.getStartRegister()));
            addTags(assign);
            body.add(assign);
        }
//        NopStmt nopStmtEnd = Jimple.v().newNopStmt();
//        body.add(nopStmtEnd);

//        defineBlock(nopStmtBeginning,nopStmtEnd);
        setUnit (assignStmt);

//        body.setDanglingInstruction(this);
        
        if (IDalvikTyper.ENABLE_DVKTYPER) {
            Debug.printDbg(IDalvikTyper.DEBUG, "constraint: "+ assignStmt);
          int op = (int)instruction.getOpcode().value;
          DalvikTyper.v().setType(assignStmt.getLeftOpBox(), arrayExpr.getType(), false);
          //DalvikTyper.v().addConstraint(assignStmt.getLeftOpBox(), assignStmt.getRightOpBox());
        }

    }
 
Example #14
Source Project: JAADAS   Author: flankerhqd   File: DavaBody.java    License: GNU General Public License v3.0 4 votes vote down vote up
private void javafy_newarray_expr(ValueBox vb) {
	NewArrayExpr nae = (NewArrayExpr) vb.getValue();
	javafy(nae.getSizeBox());
	vb.setValue(new DNewArrayExpr(nae.getBaseType(), nae.getSize()));
}
 
Example #15
Source Project: JAADAS   Author: flankerhqd   File: AsmMethodSource.java    License: GNU General Public License v3.0 4 votes vote down vote up
private void convertIntInsn(IntInsnNode insn) {
	int op = insn.getOpcode();
	StackFrame frame = getFrame(insn);
	Operand[] out = frame.out();
	Operand opr;
	if (out == null) {
		Value v;
		if (op == BIPUSH || op == SIPUSH) {
			v = IntConstant.v(insn.operand);
		} else {
			Type type;
			switch (insn.operand) {
			case T_BOOLEAN:
				type = BooleanType.v();
				break;
			case T_CHAR:
				type = CharType.v();
				break;
			case T_FLOAT:
				type = FloatType.v();
				break;
			case T_DOUBLE:
				type = DoubleType.v();
				break;
			case T_BYTE:
				type = ByteType.v();
				break;
			case T_SHORT:
				type = ShortType.v();
				break;
			case T_INT:
				type = IntType.v();
				break;
			case T_LONG:
				type = LongType.v();
				break;
			default:
				throw new AssertionError("Unknown NEWARRAY type!");
			}
			Operand size = popImmediate();
			NewArrayExpr anew = Jimple.v().newNewArrayExpr(type, size.stackOrValue());
			size.addBox(anew.getSizeBox());
			frame.in(size);
			frame.boxes(anew.getSizeBox());
			v = anew;
		}
		opr = new Operand(insn, v);
		frame.out(opr);
	} else {
		opr = out[0];
		if (op == NEWARRAY)
			frame.mergeIn(pop());
	}
	push(opr);
}
 
Example #16
Source Project: vasco   Author: rohanpadhye   File: PointsToAnalysis.java    License: GNU Lesser General Public License v2.1 4 votes vote down vote up
/**
 * Computes the targets of an invoke expression using a given points-to graph.
 * 
 * <p>For static invocations, there is only target. For instance method
 * invocations, the targets depend on the type of receiver objects pointed-to
 * by the instance variable whose method is being invoked.</p>
 * 
 * <p>If the instance variable points to a summary node, then the returned
 * value is <tt>null</tt> signifying a <em>default</em> call-site.</p>
 */
private Set<SootMethod> getTargets(SootMethod callerMethod, Stmt callStmt, InvokeExpr ie, PointsToGraph ptg) {
	Set<SootMethod> targets = new HashSet<SootMethod>();
	SootMethod invokedMethod = ie.getMethod();
	String subsignature = invokedMethod.getSubSignature();
	
	// Static and special invocations refer to the target method directly
	if (ie instanceof StaticInvokeExpr || ie instanceof SpecialInvokeExpr) {
		targets.add(invokedMethod);
		return targets;
	} else {
		assert (ie instanceof InterfaceInvokeExpr || ie instanceof VirtualInvokeExpr);
		// Get the receiver
		Local receiver = (Local) ((InstanceInvokeExpr) ie).getBase();
		// Get what objects the receiver points-to
		Set<AnyNewExpr> heapNodes = ptg.getTargets(receiver);
		if (heapNodes != null) {
			// For each object, find the invoked method for the declared type
			for (AnyNewExpr heapNode : heapNodes) {
				if (heapNode == PointsToGraph.SUMMARY_NODE) {						
					// If even one pointee is a summary node, then this is a default site
					return null;
				} else if (heapNode instanceof NewArrayExpr) {
					// Probably getClass() or something like that on an array
					return null;
				}
				// Find the top-most class that declares a method with the given
				// signature and add it to the resulting targets
				SootClass sootClass = ((RefType) heapNode.getType()).getSootClass();
				do {
					if (sootClass.declaresMethod(subsignature)) {
						targets.add(sootClass.getMethod(subsignature));
						break;
					} else if (sootClass.hasSuperclass()) {
						sootClass = sootClass.getSuperclass();
					} else {
						sootClass = null;
					}
				} while (sootClass != null);
			}
		}
		if (targets.isEmpty()) {
			// System.err.println("Warning! Null call at: " + callStmt+ " in " + callerMethod);
		}
		return targets;
	}
}