NullPointerException

[alexrhein]

Hi,

I started Amandroid like this:

.../Sireum$ ./sireum amandroid taintAnalysis -m 12 -p -o ../Amandroid-out/ com.acj0.formsxpressdemo.apk apps/amandroid/taintAnalysis/sourceAndSinks/TaintSourcesAndSinks.txt
Total apks: 1

Error: null
Written:../Amandroid-out/.errorlog
.../Sireum$ cat ../Amandroid-out/.errorlog
An error occured on 20150415-084659
java.lang.NullPointerException
at scala.collection.mutable.ArrayOps$ofRef$.length$extension(ArrayOps.scala:192)
at scala.collection.mutable.ArrayOps$ofRef.length(ArrayOps.scala:192)
at scala.collection.IndexedSeqOptimized$class.foreach(IndexedSeqOptimized.scala:32)
at scala.collection.mutable.ArrayOps$ofRef.foreach(ArrayOps.scala:186)
at org.sireum.util.FileUtil$.listFiles(File.scala:51)
at org.sireum.jawa.JawaCodeSource$.preLoad(JawaCodeSource.scala:60)
at org.sireum.amandroid.security.AmandroidSocket.preProcess(AmandroidSocket.scala:63)
at org.sireum.amandroid.cli.TanitAnalysis$.taintAnalyze(TaintAnalysis.scala:152)
at org.sireum.amandroid.cli.TanitAnalysis$.main(TaintAnalysis.scala:137)
at org.sireum.amandroid.cli.TanitAnalysis.main(TaintAnalysis.scala)

[fgwei]

Sorry for the inconvenience. It since the university server does not work properly.
Could you check is the Sireum/apps/Amandroid/androidlib/5.0 is there?
If not, do #30 again : P .

[alexrhein]

I tried to run #30 again, but
it failed.
Can you just give me a working setup of amandroid which does not need to
communicate with the university server any more?

--Alex

Am 04/15/2015 um 08:31 PM schrieb Fengguo Wei:

Sorry for the inconvenience. It since the university server does not work properly.
Could you check is the Sireum/apps/Amandroid/androidlib/5.0 is there?
If not, do #30 again : P .

---

Reply to this email directly or view it on GitHub:
#31 (comment)

[fgwei]

Try this:
http://amandroid.sireum.org/docs/tutorial.html#troubleshooting
number 3

[alexrhein]

I tried it, but it did not work.
I extracted the zip file and exported the path to AMANDROID_HOME.
Then I ran the analysis again:

./sireum amandroid taintAnalysis -m 12 -p -o
com.acj0.formsxpressdemo.apk
apps/amandroid/taintAnalysis/sourceAndSinks/TaintSourcesAndSinks.txt
Total apks: 1

Error: null
Written: /scratch/rhein/Sireum/../Amandroid-out/.errorlog
rhein@volpi:/scratch/rhein/Sireum$ cat
/scratch/rhein/Sireum/../Amandroid-out/.errorlogAn error occured on
20150421-164834
java.lang.NullPointerException
at
scala.collection.mutable.ArrayOps$ofRef$.length$extension(ArrayOps.scala:192)
at scala.collection.mutable.ArrayOps$ofRef.length(ArrayOps.scala:192)
at
scala.collection.IndexedSeqOptimized$class.foreach(IndexedSeqOptimized.scala:32)
at scala.collection.mutable.ArrayOps$ofRef.foreach(ArrayOps.scala:186)
at org.sireum.util.FileUtil$.listFiles(File.scala:51)
at org.sireum.jawa.JawaCodeSource$.preLoad(JawaCodeSource.scala:60)
at
org.sireum.amandroid.security.AmandroidSocket.preProcess(AmandroidSocket.scala:63)
at
org.sireum.amandroid.cli.TanitAnalysis$.taintAnalyze(TaintAnalysis.scala:152)
at org.sireum.amandroid.cli.TanitAnalysis$.main(TaintAnalysis.scala:137)
at org.sireum.amandroid.cli.TanitAnalysis.main(TaintAnalysis.scala)

--Alex

Am 04/16/2015 um 08:22 PM schrieb Fengguo Wei:

Try this:
http://amandroid.sireum.org/docs/tutorial.html#troubleshooting
number 3

---

Reply to this email directly or view it on GitHub:
#31 (comment)

[fgwei]

Are you using sireum developer version? The stable version will not work.

Is the $AMANDROID_HOME/androidlib/5.0 there?

[alexrhein]

Of course I used the stable version!
Now I downloaded the developer version and it also does not work,
probably due to undocumented dependencies on some scala version.

Please wait while Sireum is loading...

'jvm-1.7' is not a valid choice for '-target'
bad option: '-target:jvm-1.7'

Usage: scala [<script|class|object|jar> ]
or scala -help

All options to scalac (see scalac -help) are also allowed.

[Then I removed the -target:jvm-1.7]
Please wait while Sireum is loading...

./sireum:391: error: not found: value language
import language.reflectiveCalls
^
./sireum:420: error: not found: value language
import language.reflectiveCalls
^
./sireum:428: error: not found: value language
import language.reflectiveCalls
^
./sireum:1507: error: object duration is not a member of package concurrent
import scala.concurrent.duration._
^
Look, this obviously does not work. I cannot invest this much time in
debugging the setup of your tool.
Can you provide me with a working setup for Amandroid?

--Alex

Am 04/21/2015 um 07:10 PM schrieb Fengguo Wei:

Are you using sireum developer version? The stable version will not work

---

Reply to this email directly or view it on GitHub:
#31 (comment)

[fgwei]

Sorry for the long delay, we are investing a way to bypass the access to our university server, and now all the needed things are in bintry, and you can follow instructions in http://sireum.org/software.html#shortcake to setup.

[alexrhein]

There are two distributions, "stable" and "dev (weekly)".
Last time you said that stable does not work with amandroid.
Which one is good for amandroid in this case?

Am 05/07/2015 um 10:41 PM schrieb Fengguo Wei:

Sorry for the long delay, we are investing a way to bypass the access to our university server, and now all the needed things are in bintry, and you can follow instructions in http://sireum.org/software.html#shortcake to setup.

---

Reply to this email directly or view it on GitHub:
#31 (comment)

[fgwei]

I updated stable as well. So you can use stable.

[alexrhein]

I downloaded and unpacked the files.

1. When running amandroid on an apk I get the following
   FileNotFoundException. Did I configure something wrong?
2. Also, I thought that amandroid is able to analyze communication
   between apps. However, it seems that I can only specify one apk as
   parameter!?

/local/sireum/Sireum/$./sireum amandroid taintAnalysis -m 12 -p -o
./out/ com.acj0.formsxpressdemo.apk
apps/amandroid/taintAnalysis/sourceAndSinks/TaintSourcesAndSinks.txt
Total apks: 1

Error: null
Written: /local/sireum/Sireum/./out/.errorlog
/local/sireum/Sireum$ cat /local/sireum/Sireum/./out/.errorlog
An error occured on 20150508-095051
brut.androlib.err.InFileNotFoundException
at brut.androlib.ApkDecoder.decode(ApkDecoder.java:79)
at org.sireum.amandroid.decompile.AmDecoder$.decode(AmDecoder.scala:44)
at
org.sireum.amandroid.security.AmandroidSocket.loadApk(AmandroidSocket.scala:80)
at
org.sireum.amandroid.cli.TanitAnalysis$TaintTask.run(TaintAnalysis.scala:183)
at
org.sireum.amandroid.cli.TanitAnalysis$$anonfun$taintAnalyze$1.apply(TaintAnalysis.scala:159)
at
org.sireum.amandroid.cli.TanitAnalysis$$anonfun$taintAnalyze$1.apply(TaintAnalysis.scala:155)
at scala.collection.immutable.Set$Set1.foreach(Set.scala:79)
at
org.sireum.amandroid.cli.TanitAnalysis$.taintAnalyze(TaintAnalysis.scala:154)
at org.sireum.amandroid.cli.TanitAnalysis$.main(TaintAnalysis.scala:135)
at org.sireum.amandroid.cli.TanitAnalysis.main(TaintAnalysis.scala)

Am 05/08/2015 um 09:02 AM schrieb Fengguo Wei:

I updated stable as well. So you can use stable.

---

Reply to this email directly or view it on GitHub:
#31 (comment)

[fgwei]

you can try
sireum amandroid taint -k 1 -ns -to 30 -m 6 -msg CRITICAL -t DIR -o /pathofoutput /somepathforsourcedir apps/amandroid/taintAnalysis/sourceAndSinks/TaintSourcesAndSinks.txt

-t DIR will allow you run multiple apps under one folder. But Amandroid cannot find path between apps. It can find problem between components in one app.

/pathofoutput and /somepathforsourcedir you need to fill in your own.
And you error probably caused by the source apk path are not correct

[alexrhein]

That produced another error:
I tried it with an apk from the DroidBench benchmark
(https://github.com/secure-software-engineering/DroidBench/blob/iccta/apk/InterCompCommunication_startActivity1/InterCompCommunication_startActivity1.apk?raw=true).
I was actually searching for a tool for analysis of communication
between apps. I must have misinterpreted your paper there.

$ ./sireum amandroid taint -k 1 -ns -to 30 -m 6 -msg CRITICAL -o ./out
InterCompCommunication_startActivity1.apk
apps/amandroid/taintAnalysis/sourceAndSinks/TaintSourcesAndSinks.txt
Total apks: 1
[CRITICAL]Analyzing
#1:file:/local/sireum/Sireum/InterCompCommunication_startActivity1.apk

Error: Error on running:
/local/sireum/Sireum/apps/amandroid/dex2pilar/linux64/newdex2pilar
Message:
StringResult(/local/sireum/Sireum/apps/amandroid/dex2pilar/linux64/newdex2pilar:
error while loading shared libraries: libc++.so: cannot open shared
object file: No such file or directory
,127)
Written: /local/sireum/Sireum/./out/.errorlog
$ cat /local/sireum/Sireum/./out/.errorlog
An error occured on 20150508-101420
java.lang.RuntimeException: Error on running:
/local/sireum/Sireum/apps/amandroid/dex2pilar/linux64/newdex2pilar
Message:
StringResult(/local/sireum/Sireum/apps/amandroid/dex2pilar/linux64/newdex2pilar:
error while loading shared libraries: libc++.so: cannot open shared
object file: No such file or directory
,127)
at
org.sireum.amandroid.decompile.Dex2PilarConverter$.convert(Dex2PilarConverter.scala:36)
at
org.sireum.amandroid.security.AmandroidSocket.loadApk(AmandroidSocket.scala:84)
at
org.sireum.amandroid.cli.TanitAnalysis$TaintTask.run(TaintAnalysis.scala:183)
at
org.sireum.amandroid.cli.TanitAnalysis$$anonfun$taintAnalyze$1.apply(TaintAnalysis.scala:159)
at
org.sireum.amandroid.cli.TanitAnalysis$$anonfun$taintAnalyze$1.apply(TaintAnalysis.scala:155)
at scala.collection.immutable.Set$Set1.foreach(Set.scala:79)
at
org.sireum.amandroid.cli.TanitAnalysis$.taintAnalyze(TaintAnalysis.scala:154)
at org.sireum.amandroid.cli.TanitAnalysis$.main(TaintAnalysis.scala:135)
at org.sireum.amandroid.cli.TanitAnalysis.main(TaintAnalysis.scala)

Am 05/08/2015 um 10:02 AM schrieb Fengguo Wei:

you can try
sireum amandroid taint -k 1 -ns -to 30 -m 6 -msg CRITICAL -t DIR -o /pathofoutput /somepathforsourcedir apps/amandroid/taintAnalysis/sourceAndSinks/TaintSourcesAndSinks.txt

-t DIR will allow you run multiple apps under one folder. But Amandroid cannot find path between apps. It can find problem between components in one app.

And you error probably caused by the source apk path are not correct

---

Reply to this email directly or view it on GitHub:
#31 (comment)