first commit
This commit is contained in:
Jean-Marie Mineau
commit
cd1e91bb99
GPG key ID:
B66AEEDA9B645AD2
287 changed files with 86425 additions and 0 deletions
9
rasta_exp/docker/a3e/README.md
Normal file
9
rasta_exp/docker/a3e/README.md
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
# A3E
|
||||
|
||||
- [source](https://github.com/tanzirul/a3e)
|
||||
- [fork](https://github.com/imdea-software/a3e)
|
||||
- [paper](https://dl.acm.org/doi/abs/10.1145/2509136.2509549)
|
||||
- language: Ruby 2
|
||||
- dependencies: java
|
||||
- number of years without at least 1 commit since first commit: 7
|
||||
- License: BSD-3-clause
|
||||
1
rasta_exp/docker/adagio/RASTA_VERSION
Normal file
1
rasta_exp/docker/adagio/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
adagio
|
||||
7
rasta_exp/docker/adagio/README.md
Normal file
7
rasta_exp/docker/adagio/README.md
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# Adagio
|
||||
|
||||
- [source](https://github.com/hgascon/adagio)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2517312.2517315)
|
||||
- language: Python 3.8 (could not find an exacte version that works, python3.8 is just the one that required the less tweaking)
|
||||
- number of years without at least 1 commit since first commit: 4 (2020, 2018, 2017, 2023)
|
||||
- License: GPL2
|
||||
19
rasta_exp/docker/adagio/adagio/Dockerfile
Normal file
19
rasta_exp/docker/adagio/adagio/Dockerfile
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
FROM ubuntu:20.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir /workspace
|
||||
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
RUN apt-get update && apt-get install -y python3.8 python3-pip python3-scipy python3-matplotlib python3-sklearn-lib
|
||||
|
||||
RUN git clone https://github.com/hgascon/adagio.git /workspace/adagio &&\
|
||||
cd /workspace/adagio && git checkout 8a2c1445df638d9c2fd2b1008a079cb092a63f0b &&\
|
||||
sed -i 's/matplotlib==3.1.1/#matplotlib==3.1.1/' /workspace/adagio/requirements.txt &&\
|
||||
sed -i 's/scikit-learn==0.21.2/#scikit-learn==0.21.2/' /workspace/adagio/requirements.txt &&\
|
||||
sed -i 's/scipy==1.3.0/#scipy==1.3.0/' /workspace/adagio/requirements.txt &&\
|
||||
pip3 install -r /workspace/adagio/requirements.txt
|
||||
|
||||
COPY run.sh /
|
||||
24
rasta_exp/docker/adagio/adagio/run.sh
Executable file
24
rasta_exp/docker/adagio/adagio/run.sh
Executable file
|
|
@ -0,0 +1,24 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
WORKDIR="/workspace/adagio"
|
||||
|
||||
cd ${WORKDIR}
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} python3 adagio.py -d /mnt/ -o /mnt -f > /mnt/stdout 2> /mnt/stderr
|
||||
98
rasta_exp/docker/adagio/test.py
Normal file
98
rasta_exp/docker/adagio/test.py
Normal file
|
|
@ -0,0 +1,98 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import hashlib
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/workspace/adagio"
|
||||
CMD = f"python3 adagio.py -d {GUEST_MNT} -o {GUEST_MNT} -f"
|
||||
|
||||
TOOL_NAME = "adagio"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"adagio": "adagio",
|
||||
# "latest": "latest_2022", # the current master is not stable
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "adagio"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.PythonError
|
||||
] # Because androguard, but adagio doest really crash
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
apks = list(path.glob("*.apk"))
|
||||
if len(apks) != 1:
|
||||
raise RuntimeError(
|
||||
f"Expected to found exactly 1 apk in the root of {TOOL_VERSIONS} artifact folder, found {apks}"
|
||||
)
|
||||
apk = apks[0]
|
||||
path_result = path / utils.sha256_sum(apk).lower()
|
||||
return path_result.exists()
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/amandroid/RASTA_VERSION
Normal file
1
rasta_exp/docker/amandroid/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
10
rasta_exp/docker/amandroid/README.md
Normal file
10
rasta_exp/docker/amandroid/README.md
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
# Amandroid
|
||||
|
||||
- [source](https://github.com/arguslab/Argus-SAF)
|
||||
- [fork](https://github.com/ForceOfp/Argus-SAF)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/3183575)
|
||||
- language: Scala/Java (Python2 for native droid, but != amandroid)
|
||||
- JVM: Java 10 ? Hard to find and looks like java 8 works
|
||||
- Build: sbt
|
||||
- number of years without at least 1 commit since first commit: 3
|
||||
- License: Apache 2.0
|
||||
33
rasta_exp/docker/amandroid/home_build/Dockerfile
Normal file
33
rasta_exp/docker/amandroid/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time unzip wget
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git init /workspace/amandroid && \
|
||||
cd /workspace/amandroid && \
|
||||
git remote add origin https://github.com/arguslab/Argus-SAF.git && \
|
||||
git fetch --depth=1 origin v3.2.0 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
# Avoid downloading this each time we launch a new docker
|
||||
RUN mkdir -p /workspace/.amandroid_stash && \
|
||||
cd /workspace/.amandroid_stash && \
|
||||
wget https://www.fengguow.dev/resources/amandroid.zip && \
|
||||
wget https://www.fengguow.dev/resources/amandroid.checksum && \
|
||||
unzip amandroid.zip
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jdk
|
||||
|
||||
RUN cd /workspace/amandroid && \
|
||||
sed -i 's/val remotec = getRemoteChecksum("amandroid.checksum")/\/\/val remotec = getRemoteChecksum("amandroid.checksum")/' /workspace/amandroid/amandroid/src/main/scala/org/argus/amandroid/core/AndroidGlobalConfig.scala && \
|
||||
sed -i '46i\\ val remotec = localc' /workspace/amandroid/amandroid/src/main/scala/org/argus/amandroid/core/AndroidGlobalConfig.scala && \
|
||||
sed -i '164i javacOptions in jawa ++= Seq("-encoding", "UTF-8")' /workspace/amandroid/build.sbt
|
||||
|
||||
RUN cd /workspace/amandroid && \
|
||||
./tools/bin/sbt -Duser.home=/workspace clean compile assembly test
|
||||
|
||||
RUN ln -s /workspace/amandroid/target/scala-2.12/argus-saf-3.2.0-assembly.jar /workspace/amandroid/argus-saf.jar
|
||||
|
||||
COPY run.sh /
|
||||
20
rasta_exp/docker/amandroid/home_build/run.sh
Executable file
20
rasta_exp/docker/amandroid/home_build/run.sh
Executable file
|
|
@ -0,0 +1,20 @@
|
|||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -Duser.home=/workspace -jar /workspace/amandroid/argus-saf.jar taint -a COMPONENT_BASED -o /mnt/out /mnt/${APK_filename} > /mnt/stdout 2> /mnt/stderr
|
||||
23
rasta_exp/docker/amandroid/provided_build/Dockerfile
Normal file
23
rasta_exp/docker/amandroid/provided_build/Dockerfile
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
FROM ubuntu:18.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time unzip wget
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git init /workspace/amandroid && \
|
||||
cd /workspace/amandroid && \
|
||||
git remote add origin https://github.com/arguslab/Argus-SAF.git && \
|
||||
git fetch --depth=1 origin 06596c6bb03fe2560030b52bf2b47d17d1bd3068 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
# Avoid downloading this each time we launch a new docker
|
||||
RUN mkdir -p /root/.amandroid_stash && \
|
||||
cd /root/.amandroid_stash && \
|
||||
wget https://www.fengguow.dev/resources/amandroid.zip && \
|
||||
wget https://www.fengguow.dev/resources/amandroid.checksum && \
|
||||
unzip amandroid.zip
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jdk
|
||||
|
||||
RUN ln -s /workspace/amandroid/binaries/argus-saf-3.2.1-SNAPSHOT-assembly.jar /workspace/amandroid/argus-saf.jar
|
||||
98
rasta_exp/docker/amandroid/test.py
Normal file
98
rasta_exp/docker/amandroid/test.py
Normal file
|
|
@ -0,0 +1,98 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/"
|
||||
CMD = f"java -jar /workspace/amandroid/argus-saf.jar taint -a COMPONENT_BASED -o /mnt/out {PATH_APK}"
|
||||
|
||||
TOOL_NAME = "amandroid"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
"provided_build": "provided_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
# Not much parsable error with this tool, so I just try to catch java errors just in case
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
return (path / "out" / "app" / "result" / "AppData.txt").exists()
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/anadroid/RASTA_VERSION
Normal file
1
rasta_exp/docker/anadroid/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
10
rasta_exp/docker/anadroid/README.md
Normal file
10
rasta_exp/docker/anadroid/README.md
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
# Anadroid
|
||||
|
||||
- [source](https://github.com/maggieddie/pushdownoo)
|
||||
- [or maybe?](https://github.com/maggieddie/anadroid), the paper link to the other repo
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2516760.2516769)
|
||||
- language: Scala 2.9.1 / Java 6 / Python2
|
||||
- JVM: OpenJDK Runtime Environment (IcedTea6 1.11.5) ubuntu 12.04.1
|
||||
- Build: Ant
|
||||
- number of years without at least 1 commit since first commit: 9
|
||||
- license: CRAPL
|
||||
30
rasta_exp/docker/anadroid/home_build/Dockerfile
Normal file
30
rasta_exp/docker/anadroid/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
FROM ubuntu:12.04
|
||||
|
||||
RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git python2.7 time
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git clone https://github.com/maggieddie/pushdownoo.git /workspace/pushdownoo
|
||||
|
||||
RUN cd /workspace/pushdownoo && git checkout c06e03f6501d1441389d17271e44b9f345f637ff
|
||||
|
||||
RUN apt-get update && apt-get install -y ant openjdk-6-jdk make graphviz && \
|
||||
ln -s /usr/bin/dot /usr/local/bin/dot
|
||||
|
||||
RUN cd /workspace/pushdownoo/jdex2sex && make clean && make
|
||||
RUN mkdir /workspace/pushdownoo/pdafordalvik/test && \
|
||||
cd /workspace/pushdownoo/pdafordalvik && \
|
||||
sed -i '266d' /workspace/pushdownoo/pdafordalvik/build.xml && \
|
||||
sed -i '262,264d' /workspace/pushdownoo/pdafordalvik/build.xml && \
|
||||
sed -i '163,164d' /workspace/pushdownoo/pdafordalvik/android-knowledge/sinks.txt && \
|
||||
sed -i '158d' /workspace/pushdownoo/pdafordalvik/android-knowledge/sinks.txt && \
|
||||
sed -i '80,83d' /workspace/pushdownoo/pdafordalvik/android-knowledge/classes.txt && \
|
||||
sed -i '410,412d' /workspace/pushdownoo/pdafordalvik/android-knowledge/callbacks.txt && \
|
||||
sed -i '407,408d' /workspace/pushdownoo/pdafordalvik/android-knowledge/callbacks.txt && \
|
||||
sed -i '263i\\ println("ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: END OF ANALYSIS.")' /workspace/pushdownoo/pdafordalvik/src/org/ucombinator/playhelpers/PlayHelper.scala && \
|
||||
sed -i '116i\\ println("ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: START OF ANALYSIS.")' /workspace/pushdownoo/pdafordalvik/src/org/ucombinator/playhelpers/PlayHelper.scala && \
|
||||
sed -i 's#^exec java# exec java -Duser.home=/tmp/user/#' ../apktool/apktool && \
|
||||
export ANT_OPTS="-Xmx2048M -Xms2048M -Xss512M -XX:MaxPermSize=512m" && \
|
||||
make
|
||||
COPY run.sh /
|
||||
22
rasta_exp/docker/anadroid/home_build/run.sh
Executable file
22
rasta_exp/docker/anadroid/home_build/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
cd ${WORKDIR}
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} org.ucombinator.dalvik.cfa.cesk.RunAnalysis --k 1 --gc --lra --aco --godel /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
23
rasta_exp/docker/anadroid/provided_build/Dockerfile
Normal file
23
rasta_exp/docker/anadroid/provided_build/Dockerfile
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
FROM ubuntu:12.04
|
||||
|
||||
RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git python2.7 time
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git clone https://github.com/maggieddie/pushdownoo.git /workspace/pushdownoo
|
||||
|
||||
RUN cd /workspace/pushdownoo && git checkout c06e03f6501d1441389d17271e44b9f345f637ff
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-6-jdk make graphviz && \
|
||||
ln -s /usr/bin/dot /usr/local/bin/dot
|
||||
|
||||
RUN sed -i '266d' /workspace/pushdownoo/pdafordalvik/build.xml && \
|
||||
sed -i '262,264d' /workspace/pushdownoo/pdafordalvik/build.xml && \
|
||||
sed -i '163,164d' /workspace/pushdownoo/pdafordalvik/android-knowledge/sinks.txt && \
|
||||
sed -i '158d' /workspace/pushdownoo/pdafordalvik/android-knowledge/sinks.txt && \
|
||||
sed -i '80,83d' /workspace/pushdownoo/pdafordalvik/android-knowledge/classes.txt && \
|
||||
sed -i '410,412d' /workspace/pushdownoo/pdafordalvik/android-knowledge/callbacks.txt && \
|
||||
sed -i '407,408d' /workspace/pushdownoo/pdafordalvik/android-knowledge/callbacks.txt && \
|
||||
cd /workspace/pushdownoo/jdex2sex && make clean && make
|
||||
COPY run.sh /
|
||||
23
rasta_exp/docker/anadroid/provided_build/run.sh
Executable file
23
rasta_exp/docker/anadroid/provided_build/run.sh
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
cd ${WORKDIR}
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} org.ucombinator.dalvik.cfa.cesk.RunAnalysis --k 1 --gc --lra --aco --godel /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
23
rasta_exp/docker/anadroid/run.sh
Executable file
23
rasta_exp/docker/anadroid/run.sh
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
cd ${WORKDIR}
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} org.ucombinator.dalvik.cfa.cesk.RunAnalysis --k 1 --gc --lra --aco --godel /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
122
rasta_exp/docker/anadroid/test.py
Normal file
122
rasta_exp/docker/anadroid/test.py
Normal file
|
|
@ -0,0 +1,122 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
JAVA_PARAM = "-XX:MaxPermSize=512m -Xms512m -Xmx1024M -Xss1024m"
|
||||
WORKDIR = "/workspace/pushdownoo/pdafordalvik"
|
||||
JAR_FILE = "/workspace/pushdownoo/pdafordalvik/artifacts/PushdownOO_Exflow.jar"
|
||||
# CMD = f"java {JAVA_PARAM} -jar {JAR_FILE} org.ucombinator.dalvik.cfa.cesk.RunAnalysis --k 1 --gc --lra --aco --godel --dump-graph {PATH_APK}" # --dump-graph takes so much time!
|
||||
CMD = f"java {JAVA_PARAM} -jar {JAR_FILE} org.ucombinator.dalvik.cfa.cesk.RunAnalysis --k 1 --gc --lra --aco --godel {PATH_APK}"
|
||||
|
||||
TOOL_NAME = "anadroid"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
"provided_build": "provided_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES = [errors.JavaError, errors.PythonError]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
stdout = path / "stdout"
|
||||
with stdout.open("r", errors="replace") as f:
|
||||
# Check if the version of the tool used is the one with the add println
|
||||
modified_version = (
|
||||
"ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: START OF ANALYSIS."
|
||||
in f.readline()
|
||||
)
|
||||
with stdout.open("r", errors="replace") as f:
|
||||
for line in f:
|
||||
if modified_version and (
|
||||
"ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: END OF ANALYSIS."
|
||||
in line
|
||||
):
|
||||
return True
|
||||
# If we use the orginal tool and the tool worked, this line should appear
|
||||
# WARNING: the path to the graph depend on the name and location of the app, the one
|
||||
# use hear is the one for /mnt/app.apk
|
||||
if (
|
||||
not modified_version
|
||||
and "--dump-graph" in CMD
|
||||
and "Dyck State Graph dumped into /mnt/app/graphs/graph-1-pdcfa-gc-lra.dot"
|
||||
in line
|
||||
):
|
||||
return True
|
||||
if (
|
||||
not modified_version
|
||||
and "--dump-graph" not in CMD
|
||||
and "Dyck State Graph dumped into /mnt/app/graphs/graph-1-pdcfa-gc-lra.dot"
|
||||
in line
|
||||
):
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/androguard/RASTA_VERSION
Normal file
1
rasta_exp/docker/androguard/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
v3_3_5
|
||||
5
rasta_exp/docker/androguard/README.md
Normal file
5
rasta_exp/docker/androguard/README.md
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
# Androguard
|
||||
|
||||
- [source](https://github.com/androguard/androguard/)
|
||||
- language: Python3 javascript (for frida)
|
||||
- License: Apache 2.0
|
||||
22
rasta_exp/docker/androguard/run.sh
Executable file
22
rasta_exp/docker/androguard/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} androguard decompile -o /mnt/out /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
10
rasta_exp/docker/androguard/v3_3_5/Dockerfile
Normal file
10
rasta_exp/docker/androguard/v3_3_5/Dockerfile
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
FROM python:3.11-slim
|
||||
RUN apt-get update && apt-get -y install time python3-pip git
|
||||
COPY run.sh /
|
||||
|
||||
|
||||
RUN mkdir /workspace
|
||||
|
||||
RUN git clone --depth 1 --branch v3.3.5 https://github.com/androguard/androguard.git /workspace/androguard
|
||||
RUN python3 -m pip install -e /workspace/androguard
|
||||
COPY main.py /workspace/
|
||||
8
rasta_exp/docker/androguard/v3_3_5/main.py
Normal file
8
rasta_exp/docker/androguard/v3_3_5/main.py
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
from androguard.misc import AnalyzeAPK
|
||||
import sys
|
||||
|
||||
a, d, dx = AnalyzeAPK(sys.argv[1])
|
||||
|
||||
print(
|
||||
"ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: END OF ANALYSIS."
|
||||
)
|
||||
22
rasta_exp/docker/androguard/v3_3_5/run.sh
Executable file
22
rasta_exp/docker/androguard/v3_3_5/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} python3 /workspace/main.py /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
1
rasta_exp/docker/androguard_dad/RASTA_VERSION
Normal file
1
rasta_exp/docker/androguard_dad/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
v3_3_5
|
||||
7
rasta_exp/docker/androguard_dad/README.md
Normal file
7
rasta_exp/docker/androguard_dad/README.md
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# Androguard
|
||||
|
||||
- [source](https://github.com/androguard/androguard/)
|
||||
- [paper]() TODO
|
||||
- language: Python3 javascript (for frida)
|
||||
- number of years without at least 1 commit since first commit: 0 (2010 - 2022)
|
||||
- License: Apache 2.0
|
||||
14
rasta_exp/docker/androguard_dad/latest_2022/Dockerfile
Normal file
14
rasta_exp/docker/androguard_dad/latest_2022/Dockerfile
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
FROM python:3.11-slim
|
||||
RUN apt-get update && apt-get -y install time python3-pip git
|
||||
COPY run.sh /
|
||||
|
||||
|
||||
RUN mkdir /workspace
|
||||
|
||||
RUN git init /workspace/androguard && \
|
||||
cd /workspace/androguard && \
|
||||
git remote add origin https://github.com/androguard/androguard.git && \
|
||||
git fetch --depth=1 origin 832104db3eb5dc3cc66b30883fa8ce8712dfa200 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
RUN cd /workspace/androguard && \
|
||||
python3 -m pip install -r requirements.txt
|
||||
23
rasta_exp/docker/androguard_dad/latest_2022/run.sh
Executable file
23
rasta_exp/docker/androguard_dad/latest_2022/run.sh
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} androguard decompile -o /mnt/out /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
5
rasta_exp/docker/androguard_dad/pip/Dockerfile
Normal file
5
rasta_exp/docker/androguard_dad/pip/Dockerfile
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
FROM python:3.11-slim
|
||||
RUN apt-get update && apt-get -y install time
|
||||
COPY run.sh /
|
||||
|
||||
RUN python3 -m pip install androguard
|
||||
22
rasta_exp/docker/androguard_dad/pip/run.sh
Executable file
22
rasta_exp/docker/androguard_dad/pip/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} androguard decompile -o /mnt/out /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
22
rasta_exp/docker/androguard_dad/run.sh
Executable file
22
rasta_exp/docker/androguard_dad/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} androguard decompile -o /mnt/out /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
96
rasta_exp/docker/androguard_dad/test.py
Normal file
96
rasta_exp/docker/androguard_dad/test.py
Normal file
|
|
@ -0,0 +1,96 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
#import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/"
|
||||
CMD = f"androguard decompile -o {GUEST_MNT}/out {PATH_APK}"
|
||||
|
||||
TOOL_NAME = "androguard"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"v3.3.5": "v3_3_5",
|
||||
# "latest": "latest_2022", # the current master is not stable
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "v3.3.5"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [errors.PythonError]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
stdout = path / "stdout"
|
||||
with stdout.open("r", errors="replace") as f:
|
||||
for line in f:
|
||||
if (
|
||||
"ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: END OF ANALYSIS."
|
||||
in line
|
||||
):
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
10
rasta_exp/docker/androguard_dad/v3_3_5/Dockerfile
Normal file
10
rasta_exp/docker/androguard_dad/v3_3_5/Dockerfile
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
FROM python:3.11-slim
|
||||
RUN apt-get update && apt-get -y install time python3-pip git
|
||||
COPY run.sh /
|
||||
|
||||
|
||||
RUN mkdir /workspace
|
||||
|
||||
RUN git clone --depth 1 --branch v3.3.5 https://github.com/androguard/androguard.git /workspace/androguard
|
||||
RUN sed -i '396i\\ print("ee3d6c7015b83b3dc84b21a2e79506175f07c00ecf03e7b3b8edea4e445618bd: END OF ANALYSIS.")' /workspace/androguard/androguard/cli/entry_points.py && \
|
||||
python3 -m pip install -e /workspace/androguard
|
||||
22
rasta_exp/docker/androguard_dad/v3_3_5/run.sh
Executable file
22
rasta_exp/docker/androguard_dad/v3_3_5/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} androguard decompile -o /mnt/out /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
1
rasta_exp/docker/apparecium/RASTA_VERSION
Normal file
1
rasta_exp/docker/apparecium/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
latest
|
||||
9
rasta_exp/docker/apparecium/README.md
Normal file
9
rasta_exp/docker/apparecium/README.md
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
# apparecium
|
||||
|
||||
- [source](https://github.com/askk/apparecium)
|
||||
- [fork](https://github.com/cogbee/apparecium)
|
||||
- [paper](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7098024&tag=1)
|
||||
- language: Python 2 (+some C++ in old version of androguard)
|
||||
- number of years without at least 1 commit since first commit: 9
|
||||
- License: MIT
|
||||
|
||||
23
rasta_exp/docker/apparecium/latest/Dockerfile
Normal file
23
rasta_exp/docker/apparecium/latest/Dockerfile
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git init /workspace/apparecium && \
|
||||
cd /workspace/apparecium && \
|
||||
git remote add origin https://github.com/askk/apparecium.git && \
|
||||
git fetch --depth=1 origin e27e108950e56b69f34fa97262c07d154b9163e8 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
RUN apt-get update && apt-get install -y python2.7 wget && \
|
||||
ln -s /usr/bin/python2.7 /usr/bin/python
|
||||
|
||||
RUN wget https://bootstrap.pypa.io/pip/2.7/get-pip.py && \
|
||||
python2.7 get-pip.py && \
|
||||
rm get-pip.py && \
|
||||
python2.7 -m pip install pydot
|
||||
RUN sed -i 's#d3-visualization#/mnt#' /workspace/apparecium/dftest.py
|
||||
|
||||
COPY run.sh /
|
||||
25
rasta_exp/docker/apparecium/latest/run.sh
Executable file
25
rasta_exp/docker/apparecium/latest/run.sh
Executable file
|
|
@ -0,0 +1,25 @@
|
|||
#!/usr/bin/env bash
|
||||
#
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
WORKDIR="/workspace/apparecium"
|
||||
cd ${WORKDIR}
|
||||
mkdir /mnt/data
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} python dftest.py /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
99
rasta_exp/docker/apparecium/test.py
Normal file
99
rasta_exp/docker/apparecium/test.py
Normal file
|
|
@ -0,0 +1,99 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/workspace/apparecium"
|
||||
CMD = f"python runner.py {PATH_APK} >> '{GUEST_MNT}/stdout' 2>> '{GUEST_MNT}/stderr'; cp -r /workspace/apparecium/d3-visualization/data {GUEST_MNT}/"
|
||||
|
||||
TOOL_NAME = "apparecium"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"latest": "latest",
|
||||
"fork_latest": "fork_latest",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "latest"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [errors.PythonError]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
if (path / "data" / "app.apk.json").exists():
|
||||
return True
|
||||
l1 = False
|
||||
with (path / "stdout").open(errors="replace") as file:
|
||||
for line in file:
|
||||
if "Complete Analysis took" in line: # check if androguard worked
|
||||
l1 = True
|
||||
if (
|
||||
l1 and "\t\tDone in " in line
|
||||
): # check if apparecium worked after androguard
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/blueseal/RASTA_VERSION
Normal file
1
rasta_exp/docker/blueseal/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
25
rasta_exp/docker/blueseal/README.md
Normal file
25
rasta_exp/docker/blueseal/README.md
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
# Blueseal
|
||||
|
||||
- [source](https://github.com/ub-rms/blueseal)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2642937.2643018)
|
||||
- language: Java7
|
||||
- Build: Ant
|
||||
- number of years without at least 1 commit since first commit: 7
|
||||
- License: None
|
||||
|
||||
## Notes
|
||||
|
||||
Troubles on laptop:
|
||||
|
||||
Build:
|
||||
|
||||
```
|
||||
docker build --ulimit nofile=65536:65536 .
|
||||
```
|
||||
|
||||
Run
|
||||
|
||||
```
|
||||
docker run --ulimit nofile=65536:65536 -it -v ...
|
||||
```
|
||||
|
||||
21
rasta_exp/docker/blueseal/home_build/Dockerfile
Normal file
21
rasta_exp/docker/blueseal/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
FROM ubuntu:14.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git clone https://github.com/ub-rms/blueseal.git /workspace/blueseal && \
|
||||
cd /workspace/blueseal && git checkout 95e820049f9ded681019724d0b4a86dc028bd78b
|
||||
|
||||
RUN rm -rf /workspace/blueseal/BlueSeal/android-jars && \
|
||||
git clone https://github.com/Sable/android-platforms.git /workspace/blueseal/BlueSeal/android-jars && \
|
||||
cd /workspace/blueseal/BlueSeal/android-jars && git checkout 74c993c02160cdeb1d52e46017a2ecd536ea1d5d
|
||||
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-7-jdk ant
|
||||
|
||||
RUN cd /workspace/blueseal/BlueSeal && mkdir /workspace/blueseal/BlueSeal/bin && \
|
||||
ant build
|
||||
|
||||
RUN sed -i 's#^exec java# exec java -Duser.home=/tmp/user/#' /workspace/blueseal/BlueSeal/tools/apktool
|
||||
COPY run.sh /
|
||||
29
rasta_exp/docker/blueseal/home_build/run.sh
Executable file
29
rasta_exp/docker/blueseal/home_build/run.sh
Executable file
|
|
@ -0,0 +1,29 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# params: APK_FILENAME
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
WORKDIR="/mnt"
|
||||
cd ${WORKDIR}
|
||||
ln -s /workspace/blueseal/BlueSeal/input /mnt/
|
||||
ln -s /workspace/blueseal/BlueSeal/tools /mnt/
|
||||
ln -s /workspace/blueseal/BlueSeal/android-jars /mnt/
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} edu.buffalo.cse.blueseal.BSFlow.InterProceduralMain /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
29
rasta_exp/docker/blueseal/run.sh
Executable file
29
rasta_exp/docker/blueseal/run.sh
Executable file
|
|
@ -0,0 +1,29 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# params: APK_FILENAME
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
WORKDIR="/mnt"
|
||||
cd ${WORKDIR}
|
||||
ln -s /workspace/blueseal/BlueSeal/input /mnt/
|
||||
ln -s /workspace/blueseal/BlueSeal/tools /mnt/
|
||||
ln -s /workspace/blueseal/BlueSeal/android-jars /mnt/
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} edu.buffalo.cse.blueseal.BSFlow.InterProceduralMain /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
104
rasta_exp/docker/blueseal/test.py
Normal file
104
rasta_exp/docker/blueseal/test.py
Normal file
|
|
@ -0,0 +1,104 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import re
|
||||
|
||||
from typing import Any, Type, Optional
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/workspace/blueseal/BlueSeal"
|
||||
|
||||
JAVA_PARAM = "-cp 'libs/AXMLPrinter2.jar:libs/commons-io-2.4.jar:libs/polyglotclasses-1.3.5.jar:libs/baksmali-1.3.2.jar:libs/jasminclasses-2.5.0.jar:libs/soot.jar:bin'"
|
||||
CMD = (
|
||||
f"java {JAVA_PARAM} edu.buffalo.cse.blueseal.BSFlow.InterProceduralMain {PATH_APK}"
|
||||
)
|
||||
|
||||
TOOL_NAME = "blueseal"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
l1 = False
|
||||
with (path / "stdout").open("r", errors="replace") as stdout:
|
||||
for line in stdout:
|
||||
if l1 and "Soot has run for " in line:
|
||||
return True
|
||||
l1 = False
|
||||
if "Soot finished on " in line:
|
||||
l1 = True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/choi_et_al/RASTA_VERSION
Normal file
1
rasta_exp/docker/choi_et_al/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
7
rasta_exp/docker/choi_et_al/README.md
Normal file
7
rasta_exp/docker/choi_et_al/README.md
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# Choi et al.
|
||||
|
||||
- [source](https://github.com/kwanghoon/JavaAnalysis)
|
||||
- [paper](https://www.sciencedirect.com/science/article/pii/S0020019014001069)
|
||||
- language: Haskell (GHC < 7.8 ? GHC 7.0.4 should works, 7.6.3 looks good too)
|
||||
- number of years without at least 1 release since first release: 9
|
||||
- License: None
|
||||
28
rasta_exp/docker/choi_et_al/home_build/Dockerfile
Normal file
28
rasta_exp/docker/choi_et_al/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
FROM ubuntu:14.04
|
||||
|
||||
#RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y time git
|
||||
|
||||
RUN mkdir /workspace && git init /workspace/JavaAnalysis && \
|
||||
cd /workspace/JavaAnalysis && \
|
||||
git remote add origin https://github.com/kwanghoon/JavaAnalysis.git && \
|
||||
git fetch --depth=1 origin fba12cc22338b6f425a0c71168dc55afe964345d && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
RUN apt-get update && apt-get install -y ghc libghc-mtl-dev
|
||||
|
||||
RUN cd /workspace/JavaAnalysis && \
|
||||
ghc Main
|
||||
|
||||
# Install JADX to convert apk to .java
|
||||
# Use nixpkgs because older versions of jadx are really unstable and the more
|
||||
# recent version require java 8, which is not available on ubuntu 14, which is the
|
||||
# only distro I fond that can compile and run this tool
|
||||
RUN apt-get update && apt-get install -y curl xz-utils && \
|
||||
useradd -b /home -G sudo -m nix && \
|
||||
echo 'nix ALL=(ALL) NOPASSWD:ALL' | EDITOR='tee -a' visudo && \
|
||||
HOME=/home/nix sudo -u nix bash -c 'sh <(curl -k -L https://nixos.org/nix/install) --no-daemon' && \
|
||||
HOME=/home/nix sudo -u nix bash -c '. /home/nix/.nix-profile/etc/profile.d/nix.sh && nix-env -iA nixpkgs.jadx'
|
||||
|
||||
COPY run.sh /workspace/run.sh
|
||||
6
rasta_exp/docker/choi_et_al/home_build/run.sh
Executable file
6
rasta_exp/docker/choi_et_al/home_build/run.sh
Executable file
|
|
@ -0,0 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
chown -R nix /mnt
|
||||
# Run jadx on /mnt/app.apk
|
||||
HOME=/home/nix sudo -u nix bash -c '. /home/nix/.nix-profile/etc/profile.d/nix.sh && cd /mnt && nix-shell -p jadx --run "jadx app.apk"'
|
||||
find /mnt/app -name '*.java' -print | xargs /workspace/JavaAnalysis/Main
|
||||
185
rasta_exp/docker/choi_et_al/test.py
Normal file
185
rasta_exp/docker/choi_et_al/test.py
Normal file
|
|
@ -0,0 +1,185 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import re
|
||||
|
||||
from typing import Any, Type, Optional
|
||||
from pathlib import Path
|
||||
from more_itertools import peekable
|
||||
|
||||
#
|
||||
# ██╗ ██╗ ██╗ ██████╗
|
||||
# ██║ ██║ ██║ ██╔══██╗
|
||||
# ██║ █╗ ██║ ██║ ██████╔╝
|
||||
# ██║███╗██║ ██║ ██╔═══╝
|
||||
# ╚███╔███╔╝ ██║ ██║
|
||||
# ╚══╝╚══╝ ╚═╝ ╚═╝
|
||||
#
|
||||
# Looks like JADX is not good enought, waiting for the author response
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = f"{GUEST_MNT}"
|
||||
CMD = f"/workspace/run.sh"
|
||||
|
||||
TOOL_NAME = "choi_et_al"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
|
||||
class HaskellError(errors.LoggedError):
|
||||
error_re = re.compile(r"([a-zA-Z0-9])+: (.*)$")
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
first_line_nb: int,
|
||||
last_line_nb: int,
|
||||
origin: str,
|
||||
msg: str,
|
||||
logfile_name: str = "",
|
||||
):
|
||||
self.first_line_nb = first_line_nb
|
||||
self.last_line_nb = last_line_nb
|
||||
self.origin = origin
|
||||
self.msg = msg
|
||||
self.logfile_name = logfile_name
|
||||
|
||||
def __str__(self) -> str:
|
||||
return f"{self.origin}: {self.msg}"
|
||||
|
||||
def get_dict(self) -> dict[str, Any]:
|
||||
return {
|
||||
"error_type": "haskell",
|
||||
"origin": self.origin,
|
||||
"msg": self.msg,
|
||||
"first_line": self.first_line_nb,
|
||||
"last_line": self.last_line_nb,
|
||||
"logfile_name": self.logfile_name,
|
||||
}
|
||||
|
||||
@staticmethod
|
||||
def parse_error(logs: peekable) -> Optional["HaskellError"]:
|
||||
line_nb, line = logs.peek((None, None))
|
||||
if line is None or line_nb is None:
|
||||
return None
|
||||
match = HaskellError.error_re.match(line)
|
||||
if match is None:
|
||||
return None
|
||||
error = HaskellError(
|
||||
line_nb,
|
||||
line_nb,
|
||||
match.group(1),
|
||||
match.group(2),
|
||||
)
|
||||
next(logs)
|
||||
return error
|
||||
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError, # JADX
|
||||
errors.NoPrefixJavaError,
|
||||
]
|
||||
EXPECTED_ERROR_TYPES_STDERR: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError, # JADX
|
||||
errors.NoPrefixJavaError,
|
||||
HaskellError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES_STDERR),
|
||||
)
|
||||
)
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path, report):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path, report: dict[str, Any]) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
if report["exit-status"] != 0:
|
||||
return False
|
||||
# If jadx failed the tool failed
|
||||
if not (path / "app").exists():
|
||||
return False
|
||||
if len(list((path / "app").glob("**/*.java"))) == 0:
|
||||
return False
|
||||
l1 = False
|
||||
l2 = False
|
||||
with (path / "stdout").open("r", errors="replace") as file:
|
||||
for line in file:
|
||||
if l2 and line == "done.\n":
|
||||
return True
|
||||
else:
|
||||
l2 = False
|
||||
if l1 and "seconds in total" in line:
|
||||
l1 = False
|
||||
l2 = True
|
||||
else:
|
||||
l1 = False
|
||||
if line == "Points-to graph: \n":
|
||||
l1 = True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/dialdroid/RASTA_VERSION
Normal file
1
rasta_exp/docker/dialdroid/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
7
rasta_exp/docker/dialdroid/README.md
Normal file
7
rasta_exp/docker/dialdroid/README.md
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# DialDroid
|
||||
|
||||
- [source](https://github.com/dialdroid-android/DIALDroid/tree/master)
|
||||
- [paper]()
|
||||
- language: Java 8
|
||||
- number of years without at least 1 commit since first commit: 5
|
||||
- License: GPLv3
|
||||
37
rasta_exp/docker/dialdroid/home_build/Dockerfile
Normal file
37
rasta_exp/docker/dialdroid/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
FROM ubuntu:18.04
|
||||
|
||||
RUN apt-get update && apt-get install -y git wget time openjdk-8-jdk ant mysql-server unzip
|
||||
|
||||
RUN mkdir /workspace && \
|
||||
git init /workspace/dialdroid && \
|
||||
cd /workspace/dialdroid && \
|
||||
git remote add origin https://github.com/dialdroid-android/DIALDroid.git && \
|
||||
git fetch --depth=1 origin 968577d43de9c2377a024593e2b2fcecb4b3e875 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
RUN git clone https://github.com/dialdroid-android/android-platforms.git /workspace/platforms && \
|
||||
git clone https://github.com/Sable/android-platforms.git /workspace/sable-platforms && \
|
||||
cp -R -n /workspace/sable-platforms/* /workspace/platforms/ && \
|
||||
rm -rf /workspace/sable-platforms
|
||||
|
||||
RUN git init /workspace/dialdroid_db && \
|
||||
cd /workspace/dialdroid_db && \
|
||||
git remote add origin https://github.com/dialdroid-android/dialdroid-db.git && \
|
||||
git fetch --depth=1 origin c8d364c11eaced258057d2b214547ccbd32edfc5 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
# RUN sed -i 's/mysql-connector-java-5.1.31.jar/mysql-connector-java-8.0.18.jar/g' /workspace/dialdroid/build.xml
|
||||
RUN cd /workspace/dialdroid && \
|
||||
mkdir bin && \
|
||||
cp build/*.txt . && \
|
||||
cp build/cc.properties . && \
|
||||
rm -rf build/* && rm -rf target/* && \
|
||||
update-java-alternatives -s java-1.8.0-openjdk-amd64 && \
|
||||
ant create_run_jar
|
||||
|
||||
# jar in jar + singularity = problems... so:
|
||||
RUN mkdir /workspace/dialdroid_bin && \
|
||||
mv /workspace/dialdroid/build/dialdroid.jar /workspace/dialdroid_bin && \
|
||||
cd /workspace/dialdroid_bin && \
|
||||
unzip dialdroid.jar
|
||||
COPY run.sh /
|
||||
59
rasta_exp/docker/dialdroid/home_build/run.sh
Executable file
59
rasta_exp/docker/dialdroid/home_build/run.sh
Executable file
|
|
@ -0,0 +1,59 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
export CLASS_PATH='/workspace/dialdroid_bin::/workspace/dialdroid_bin/infoflow-android-dialdroid.jar:/workspace/dialdroid_bin/infoflow-dialdroid.jar:/workspace/dialdroid_bin/soot-dialdroid.jar:/workspace/dialdroid_bin/ic3-dialdroid-classes.jar:/workspace/dialdroid_bin/axml-2.0.0.jar:/workspace/dialdroid_bin/coal-0.1.7.jar:/workspace/dialdroid_bin/coal-strings-0.1.2.jar:/workspace/dialdroid_bin/commons-cli-1.3.1.jar:/workspace/dialdroid_bin/jsch-0.1.51.jar:/workspace/dialdroid_bin/log4j-1.2.17.jar:/workspace/dialdroid_bin/mysql-connector-java-5.1.31.jar:/workspace/dialdroid_bin/protobuf-java-2.5.0.jar:/workspace/dialdroid_bin/slf4j-api-1.7.7.jar:/workspace/dialdroid_bin/slf4j-log4j12-1.7.13.jar:/workspace/dialdroid_bin/herosclasses-trunk.jar:/workspace/dialdroid_bin/soot-dialdroid.jar:/workspace/dialdroid_bin/infoflow-android-dialdroid.jar:/workspace/dialdroid_bin/infoflow-dialdroid.jar'
|
||||
|
||||
|
||||
# Create and run database as current user on specific file
|
||||
#SQL_DATA=`mktemp -d`
|
||||
#
|
||||
SQL_DATA=/mnt/mysql
|
||||
LOG_FILE="$SQL_DATA/log"
|
||||
mkdir $SQL_DATA
|
||||
chmod 777 $SQL_DATA
|
||||
chmod +x $SQL_DATA/..
|
||||
mysqld --datadir=$SQL_DATA --log-error=$LOG_FILE --default-time-zone='+00:00' --initialize-insecure
|
||||
#mysqld --datadir=$SQL_DATA --skip-name-resolve --log-error=$LOG_FILE --default-time-zone='+00:00' --bind-address=127.0.0.1 --mysqlx=OFF --socket=$SQL_DATA/mysqld.sock &
|
||||
mysqld --datadir=$SQL_DATA --skip-name-resolve --log-error=$LOG_FILE --default-time-zone='+00:00' --bind-address=127.0.0.1 --pid-file=/mnt/mysql/pid.pid --socket=$SQL_DATA/mysqld.sock &
|
||||
DB_PID="$!"
|
||||
|
||||
# Wait for connection
|
||||
until mysql -u root --socket="$SQL_DATA/mysqld.sock" -e 'CREATE DATABASE dialdroid_test'
|
||||
do
|
||||
echo 'Waiting for DB, error 2002 ^ is normal'
|
||||
sleep 1
|
||||
done
|
||||
mysql -u root --socket="$SQL_DATA/mysqld.sock" dialdroid_test < /workspace/dialdroid_db/DIALDroid.sql
|
||||
mysql -u root --socket="$SQL_DATA/mysqld.sock" -e "CREATE USER 'root' IDENTIFIED BY 'Nice2Hear';"
|
||||
mysql -u root --socket="$SQL_DATA/mysqld.sock" -e "GRANT ALL PRIVILEGES ON dialdroid_test.* TO 'root';"
|
||||
|
||||
cd /mnt
|
||||
|
||||
ln -s /workspace/dialdroid/build/cc.properties .
|
||||
ln -s /workspace/dialdroid/build/AndroidCallbacks.txt .
|
||||
ln -s /workspace/dialdroid/build/EasyTaintWrapperSource.txt .
|
||||
ln -s /workspace/dialdroid/build/ic3-android.jar .
|
||||
|
||||
#/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar /workspace/dialdroid/build/dialdroid.jar appanalysis /workspace/platforms/ dialdroid_test 127.0.0.1 /mnt/${APK_FILENAME} SOCIAL > /mnt/stdout 2> /mnt/stderr
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -cp ${CLASS_PATH} com.yaogroup.collusion.AppAnalysis appanalysis /workspace/platforms/ dialdroid_test 127.0.0.1 /mnt/${APK_FILENAME} SOCIAL > /mnt/stdout 2> /mnt/stderr
|
||||
|
||||
|
||||
kill -9 ${DB_PID}
|
||||
1
rasta_exp/docker/didfail/RASTA_VERSION
Normal file
1
rasta_exp/docker/didfail/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
16
rasta_exp/docker/didfail/README.md
Normal file
16
rasta_exp/docker/didfail/README.md
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
# Didfail
|
||||
|
||||
- [source](https://bitbucket.org/wklieber/didfail/src/master/)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2614628.2614633)
|
||||
- language: Java, Python2
|
||||
- Build: Makefile
|
||||
- number of years without at least 1 commit since first commit: 8
|
||||
- license: BSD-3-Clause
|
||||
|
||||
# Notes:
|
||||
|
||||
Trouble on the laptop with ulimit:
|
||||
```
|
||||
docker run --ulimit nofile=65536:65536 -it ...
|
||||
```
|
||||
|
||||
167
rasta_exp/docker/didfail/home_build/Dockerfile
Normal file
167
rasta_exp/docker/didfail/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,167 @@
|
|||
FROM ubuntu:12.04
|
||||
|
||||
RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir -p /workspace/didfail
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y wget unzip make ant && \
|
||||
apt-get install -y openjdk-7-jdk openjdk-7-jre-headless && \
|
||||
apt-get remove -y openjdk-6-jre openjdk-6-jre-headless && \
|
||||
apt-get install -y gcc-4.6-multilib && \
|
||||
apt-get install -y lib32stdc++6 && \
|
||||
apt-get install -y zlib1g-dev:i386
|
||||
|
||||
# Download the android-sdk (no sdk-manager on 12.04)
|
||||
RUN apt-get update && apt-get install -y bsdtar && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-3 && \
|
||||
wget -O /opt/android-sdk/platforms/android-3/zip.zip https://dl.google.com/android/repository/android-1.5_r04-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-4 && \
|
||||
wget -O /opt/android-sdk/platforms/android-4/zip.zip https://dl.google.com/android/repository/android-1.6_r03-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-5 && \
|
||||
wget -O /opt/android-sdk/platforms/android-5/zip.zip https://dl.google.com/android/repository/android-2.0_r01-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-6 && \
|
||||
wget -O /opt/android-sdk/platforms/android-6/zip.zip https://dl.google.com/android/repository/android-2.0.1_r01-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-7 && \
|
||||
wget -O /opt/android-sdk/platforms/android-7/zip.zip https://dl.google.com/android/repository/android-2.1_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-8 && \
|
||||
wget -O /opt/android-sdk/platforms/android-8/zip.zip https://dl.google.com/android/repository/android-2.2_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-10 && \
|
||||
wget -O /opt/android-sdk/platforms/android-10/zip.zip https://dl.google.com/android/repository/android-2.3.3_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-11 && \
|
||||
wget -O /opt/android-sdk/platforms/android-11/zip.zip https://dl.google.com/android/repository/android-3.0_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-12 && \
|
||||
wget -O /opt/android-sdk/platforms/android-12/zip.zip https://dl.google.com/android/repository/android-3.1_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-13 && \
|
||||
wget -O /opt/android-sdk/platforms/android-13/zip.zip https://dl.google.com/android/repository/android-3.2_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-14 && \
|
||||
wget -O /opt/android-sdk/platforms/android-14/zip.zip https://dl.google.com/android/repository/android-14_r04.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-15 && \
|
||||
wget -O /opt/android-sdk/platforms/android-15/zip.zip https://dl.google.com/android/repository/android-15_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-16 && \
|
||||
wget -O /opt/android-sdk/platforms/android-16/zip.zip https://dl.google.com/android/repository/android-16_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-17 && \
|
||||
wget -O /opt/android-sdk/platforms/android-17/zip.zip https://dl.google.com/android/repository/android-17_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-18 && \
|
||||
wget -O /opt/android-sdk/platforms/android-18/zip.zip https://dl.google.com/android/repository/android-18_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-19 && \
|
||||
wget -O /opt/android-sdk/platforms/android-19/zip.zip https://dl.google.com/android/repository/android-19_r04.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-21 && \
|
||||
wget -O /opt/android-sdk/platforms/android-21/zip.zip https://dl.google.com/android/repository/android-21_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-22 && \
|
||||
wget -O /opt/android-sdk/platforms/android-22/zip.zip https://dl.google.com/android/repository/android-22_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-23 && \
|
||||
wget -O /opt/android-sdk/platforms/android-23/zip.zip https://dl.google.com/android/repository/platform-23_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-24 && \
|
||||
wget -O /opt/android-sdk/platforms/android-24/zip.zip https://dl.google.com/android/repository/platform-24_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-25 && \
|
||||
wget -O /opt/android-sdk/platforms/android-25/zip.zip https://dl.google.com/android/repository/platform-25_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-26 && \
|
||||
wget -O /opt/android-sdk/platforms/android-26/zip.zip https://dl.google.com/android/repository/platform-26_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-27 && \
|
||||
wget -O /opt/android-sdk/platforms/android-27/zip.zip https://dl.google.com/android/repository/platform-27_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-28 && \
|
||||
wget -O /opt/android-sdk/platforms/android-28/zip.zip https://dl.google.com/android/repository/platform-28_r06.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-29 && \
|
||||
wget -O /opt/android-sdk/platforms/android-29/zip.zip https://dl.google.com/android/repository/platform-29_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-20 && \
|
||||
wget -O /opt/android-sdk/platforms/android-20/zip.zip https://dl.google.com/android/repository/android-20_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-30 && \
|
||||
wget -O /opt/android-sdk/platforms/android-30/zip.zip https://dl.google.com/android/repository/platform-30_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-31 && \
|
||||
wget -O /opt/android-sdk/platforms/android-31/zip.zip https://dl.google.com/android/repository/platform-Sv2_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-32 && \
|
||||
wget -O /opt/android-sdk/platforms/android-32/zip.zip https://dl.google.com/android/repository/platform-32_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-33 && \
|
||||
wget -O /opt/android-sdk/platforms/android-33/zip.zip https://dl.google.com/android/repository/platform-TiramisuPrivacySandbox_r08.zip && \
|
||||
/usr/bin/find /opt/android-sdk/platforms/ -name '*.zip' -execdir bsdtar -x --strip-components=1 -f {} \;
|
||||
|
||||
# Build jasmin
|
||||
RUN cd /workspace && \
|
||||
wget https://github.com/Sable/jasmin/archive/79c79f314297e28037cfa91fa9316325e3a515bb.zip && \
|
||||
unzip 79c79f314297e28037cfa91fa9316325e3a515bb.zip && \
|
||||
rm 79c79f314297e28037cfa91fa9316325e3a515bb.zip && \
|
||||
mv jasmin-79c79f314297e28037cfa91fa9316325e3a515bb/ jasmin && \
|
||||
cd jasmin && cp ant.settings.template ant.settings && \
|
||||
sed -i 's/java_cup.jar=.*/java_cup.jar=libs\/java_cup.jar/' ant.settings && \
|
||||
ant jasmin-jar
|
||||
|
||||
# Build hero
|
||||
RUN cd /workspace && \
|
||||
wget https://github.com/Sable/heros/archive/5b8180ebf9ba0eb869579425a7adb3d967da8c61.zip && \
|
||||
unzip 5b8180ebf9ba0eb869579425a7adb3d967da8c61.zip && \
|
||||
rm 5b8180ebf9ba0eb869579425a7adb3d967da8c61.zip && \
|
||||
mv heros-5b8180ebf9ba0eb869579425a7adb3d967da8c61/ heros && \
|
||||
cd heros && cp ant.settings.template ant.settings && \
|
||||
echo '' >> ant.settings && echo 'slf4j-api.jar=slf4j-api-1.7.5.jar' >> ant.settings && \
|
||||
echo 'slf4j-simple.jar=slf4j-simple-1.7.5.jar' >> ant.settings && \
|
||||
ant jar && \
|
||||
cp -r build/classes bin
|
||||
|
||||
# Build soot
|
||||
RUN cd /workspace && \
|
||||
wget https://github.com/soot-oss/soot/archive/b4e51615db0effbb2ddc847035664b45756f4f82.zip && \
|
||||
unzip b4e51615db0effbb2ddc847035664b45756f4f82.zip && \
|
||||
rm b4e51615db0effbb2ddc847035664b45756f4f82.zip && \
|
||||
mv soot-b4e51615db0effbb2ddc847035664b45756f4f82/ soot && \
|
||||
cd soot && cp ant.settings.template ant.settings && mkdir -p ../JastAddExtensions/SootJastAddJ && \
|
||||
sed -i 's/jasmin.jar=..\/libs\/jasminclasses-custom.jar/jasmin.jar=..\/jasmin\/lib\/jasminclasses-2.2.1.jar/' ant.settings && \
|
||||
sed -i 's/javacup.jar=..\/libs\/java_cup.jar/javacup.jar=libs\/java_cup.jar/' ant.settings && \
|
||||
ant fulljar
|
||||
|
||||
# Commit specific for nov 2014
|
||||
RUN cd /workspace && \
|
||||
wget https://bitbucket.org/wsnavely/soot-infoflow-latest/get/3ff51b5fb9f551aef0b3598585f83fe334c0b99b.tar.gz && \
|
||||
tar -xvzf 3ff51b5fb9f551aef0b3598585f83fe334c0b99b.tar.gz && \
|
||||
mv wsnavely-soot-infoflow-latest-3ff51b5fb9f5 soot-infoflow && \
|
||||
cd soot-infoflow && mv ant.settings.jenkins ant.settings && \
|
||||
sed -i 's/soot.jar=.*/soot.jar=..\/soot\/lib\/soot-trunk.jar/' ant.settings && \
|
||||
ant jar && \
|
||||
cp -r build/classes bin
|
||||
|
||||
# Commit specific for nov 2014
|
||||
RUN cd /workspace && \
|
||||
wget https://bitbucket.org/wsnavely/soot-infoflow-android-latest/get/31620d664220dfa86de4b5fcc876e866eb41979f.tar.gz && \
|
||||
tar -xvzf 31620d664220dfa86de4b5fcc876e866eb41979f.tar.gz && rm 31620d664220dfa86de4b5fcc876e866eb41979f.tar.gz && \
|
||||
mv wsnavely-soot-infoflow-android-latest-31620d664220 soot-infoflow-android && \
|
||||
cd soot-infoflow-android && mv ant.settings.jenkins ant.settings && \
|
||||
sed -i 's/soot.jar=.*/soot.jar=..\/soot\/lib\/soot-trunk.jar/' ant.settings && \
|
||||
sed -i 's/infoflow.jar=.*/infoflow.jar=..\/soot-infoflow\/build\/jar\/soot-infoflow.jar/' ant.settings && \
|
||||
ant jar && \
|
||||
cp -r build/classes bin
|
||||
|
||||
SHELL ["/bin/bash", "-c"]
|
||||
RUN cd /workspace/didfail && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/epicc-0.1.tgz && \
|
||||
wget -nc https://github.com/dare-android/platform_dalvik/releases/download/dare-1.1.0/dare-1.1.0-linux.tgz && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/platform-16.zip && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/platform-19.zip && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/toyapps-2014-04-28.zip && \
|
||||
mkdir epicc && \
|
||||
tar xzf epicc-0.1.tgz -C epicc && \
|
||||
tar xzf dare-1.1.0-linux.tgz && \
|
||||
unzip platform-16.zip && \
|
||||
unzip platform-19.zip && \
|
||||
unzip -q toyapps-2014-04-28.zip && \
|
||||
wget -O didfail.zip https://bitbucket.org/wklieber/didfail/get/99bc1187c822b216fca81237c16225d7540d80dd.zip && \
|
||||
unzip didfail.zip -d cert && \
|
||||
mv cert/*/* cert/ && \
|
||||
cp cert/paths.distrib.sh cert/paths.local.sh && \
|
||||
sed -i 's/export didfail=.*/export didfail=\/workspace\/didfail/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export sdk_platforms=.*/export sdk_platforms=\/opt\/android-sdk\/platforms/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export wkspc=.*/export wkspc=\/workspace/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export soot_base=.*/export soot_base=\/workspace/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export jvm_flags=.*/# export jvm_flags="-Xmx16g -Xss16g"/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export max_mem=.*/# export max_mem=17179869184/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export max_time=.*/# export max_time=4200/' /workspace/didfail/cert/paths.local.sh && \
|
||||
source /workspace/didfail/cert/paths.local.sh; \
|
||||
cd /workspace/didfail/cert/transformApk && make
|
||||
|
||||
|
||||
# sed -i 's/export jvm_flags=.*/export jvm_flags="-Xmx16g -Xss16g"/' /workspace/didfail/cert/paths.local.sh && \
|
||||
# sed -i 's/export max_mem=.*/export max_mem=17179869184/' /workspace/didfail/cert/paths.local.sh && \
|
||||
# sed -i 's/export max_time=.*/export max_time=4200/' /workspace/didfail/cert/paths.local.sh && \
|
||||
|
||||
COPY run.sh /
|
||||
22
rasta_exp/docker/didfail/home_build/run.sh
Executable file
22
rasta_exp/docker/didfail/home_build/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} /workspace/didfail/cert/run-didfail.sh /mnt/out/ /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
110
rasta_exp/docker/didfail/provided_build/Dockerfile
Normal file
110
rasta_exp/docker/didfail/provided_build/Dockerfile
Normal file
|
|
@ -0,0 +1,110 @@
|
|||
FROM ubuntu:12.04
|
||||
|
||||
RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir -p /workspace/didfail
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y wget unzip bzip2 && \
|
||||
apt-get install -y openjdk-7-jdk openjdk-7-jre-headless && \
|
||||
apt-get remove -y openjdk-6-jre openjdk-6-jre-headless && \
|
||||
apt-get install -y gcc-4.6-multilib && \
|
||||
apt-get install -y lib32stdc++6 && \
|
||||
apt-get install -y zlib1g-dev:i386
|
||||
|
||||
# Download the android-sdk (no sdk-manager on 12.04)
|
||||
RUN apt-get update && apt-get install -y bsdtar && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-3 && \
|
||||
wget -O /opt/android-sdk/platforms/android-3/zip.zip https://dl.google.com/android/repository/android-1.5_r04-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-4 && \
|
||||
wget -O /opt/android-sdk/platforms/android-4/zip.zip https://dl.google.com/android/repository/android-1.6_r03-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-5 && \
|
||||
wget -O /opt/android-sdk/platforms/android-5/zip.zip https://dl.google.com/android/repository/android-2.0_r01-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-6 && \
|
||||
wget -O /opt/android-sdk/platforms/android-6/zip.zip https://dl.google.com/android/repository/android-2.0.1_r01-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-7 && \
|
||||
wget -O /opt/android-sdk/platforms/android-7/zip.zip https://dl.google.com/android/repository/android-2.1_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-8 && \
|
||||
wget -O /opt/android-sdk/platforms/android-8/zip.zip https://dl.google.com/android/repository/android-2.2_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-10 && \
|
||||
wget -O /opt/android-sdk/platforms/android-10/zip.zip https://dl.google.com/android/repository/android-2.3.3_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-11 && \
|
||||
wget -O /opt/android-sdk/platforms/android-11/zip.zip https://dl.google.com/android/repository/android-3.0_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-12 && \
|
||||
wget -O /opt/android-sdk/platforms/android-12/zip.zip https://dl.google.com/android/repository/android-3.1_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-13 && \
|
||||
wget -O /opt/android-sdk/platforms/android-13/zip.zip https://dl.google.com/android/repository/android-3.2_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-14 && \
|
||||
wget -O /opt/android-sdk/platforms/android-14/zip.zip https://dl.google.com/android/repository/android-14_r04.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-15 && \
|
||||
wget -O /opt/android-sdk/platforms/android-15/zip.zip https://dl.google.com/android/repository/android-15_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-16 && \
|
||||
wget -O /opt/android-sdk/platforms/android-16/zip.zip https://dl.google.com/android/repository/android-16_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-17 && \
|
||||
wget -O /opt/android-sdk/platforms/android-17/zip.zip https://dl.google.com/android/repository/android-17_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-18 && \
|
||||
wget -O /opt/android-sdk/platforms/android-18/zip.zip https://dl.google.com/android/repository/android-18_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-19 && \
|
||||
wget -O /opt/android-sdk/platforms/android-19/zip.zip https://dl.google.com/android/repository/android-19_r04.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-21 && \
|
||||
wget -O /opt/android-sdk/platforms/android-21/zip.zip https://dl.google.com/android/repository/android-21_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-22 && \
|
||||
wget -O /opt/android-sdk/platforms/android-22/zip.zip https://dl.google.com/android/repository/android-22_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-23 && \
|
||||
wget -O /opt/android-sdk/platforms/android-23/zip.zip https://dl.google.com/android/repository/platform-23_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-24 && \
|
||||
wget -O /opt/android-sdk/platforms/android-24/zip.zip https://dl.google.com/android/repository/platform-24_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-25 && \
|
||||
wget -O /opt/android-sdk/platforms/android-25/zip.zip https://dl.google.com/android/repository/platform-25_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-26 && \
|
||||
wget -O /opt/android-sdk/platforms/android-26/zip.zip https://dl.google.com/android/repository/platform-26_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-27 && \
|
||||
wget -O /opt/android-sdk/platforms/android-27/zip.zip https://dl.google.com/android/repository/platform-27_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-28 && \
|
||||
wget -O /opt/android-sdk/platforms/android-28/zip.zip https://dl.google.com/android/repository/platform-28_r06.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-29 && \
|
||||
wget -O /opt/android-sdk/platforms/android-29/zip.zip https://dl.google.com/android/repository/platform-29_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-20 && \
|
||||
wget -O /opt/android-sdk/platforms/android-20/zip.zip https://dl.google.com/android/repository/android-20_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-30 && \
|
||||
wget -O /opt/android-sdk/platforms/android-30/zip.zip https://dl.google.com/android/repository/platform-30_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-31 && \
|
||||
wget -O /opt/android-sdk/platforms/android-31/zip.zip https://dl.google.com/android/repository/platform-Sv2_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-32 && \
|
||||
wget -O /opt/android-sdk/platforms/android-32/zip.zip https://dl.google.com/android/repository/platform-32_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-33 && \
|
||||
wget -O /opt/android-sdk/platforms/android-33/zip.zip https://dl.google.com/android/repository/platform-TiramisuPrivacySandbox_r08.zip && \
|
||||
/usr/bin/find /opt/android-sdk/platforms/ -name '*.zip' -execdir bsdtar -x --strip-components=1 -f {} \;
|
||||
|
||||
RUN cd /workspace/didfail && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/epicc-0.1.tgz && \
|
||||
wget -nc https://github.com/dare-android/platform_dalvik/releases/download/dare-1.1.0/dare-1.1.0-linux.tgz && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/platform-16.zip && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/platform-19.zip && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/toyapps-2014-04-28.zip && \
|
||||
mkdir epicc && \
|
||||
tar xzf epicc-0.1.tgz -C epicc && \
|
||||
tar xzf dare-1.1.0-linux.tgz && \
|
||||
unzip platform-16.zip && \
|
||||
unzip platform-19.zip && \
|
||||
unzip -q toyapps-2014-04-28.zip && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/didfail.zip && \
|
||||
unzip -q -d /workspace/didfail/cert didfail.zip && \
|
||||
cp cert/paths.distrib.sh cert/paths.local.sh && \
|
||||
sed -i 's/export didfail=.*/export didfail=\/workspace\/didfail/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export sdk_platforms=.*/export sdk_platforms=\/opt\/android-sdk\/platforms/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export wkspc=.*/export wkspc=\/workspace/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export soot_base=.*/export soot_base=\/workspace/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export jvm_flags=.*/# export jvm_flags="-Xmx16g -Xss16g"/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export max_mem=.*/# export max_mem=17179869184/' /workspace/didfail/cert/paths.local.sh && \
|
||||
sed -i 's/export max_time=.*/# export max_time=4200/' /workspace/didfail/cert/paths.local.sh && \
|
||||
wget -nc http://www.cs.cmu.edu/~wklieber/didfail/workspace.tar.bz2 && \
|
||||
tar xjf workspace.tar.bz2 -C /workspace
|
||||
|
||||
# sed -i 's/export jvm_flags=.*/export jvm_flags="-Xmx16g -Xss16g"/' /workspace/didfail/cert/paths.local.sh && \
|
||||
# sed -i 's/export max_mem=.*/export max_mem=17179869184/' /workspace/didfail/cert/paths.local.sh && \
|
||||
# sed -i 's/export max_time=.*/export max_time=4200/' /workspace/didfail/cert/paths.local.sh && \
|
||||
|
||||
COPY run.sh /workspace/run.sh
|
||||
22
rasta_exp/docker/didfail/provided_build/run.sh
Executable file
22
rasta_exp/docker/didfail/provided_build/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} /workspace/didfail/cert/run-didfail.sh /mnt/out/ /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
142
rasta_exp/docker/didfail/test.py
Normal file
142
rasta_exp/docker/didfail/test.py
Normal file
|
|
@ -0,0 +1,142 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import re
|
||||
|
||||
from typing import Any, Type, Optional
|
||||
from pathlib import Path
|
||||
from more_itertools import peekable
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/"
|
||||
CMD = "/workspace/run.sh"
|
||||
|
||||
TOOL_NAME = "didfail"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"provided_build": "provided_build",
|
||||
"home_build": "home_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [errors.PythonError]
|
||||
|
||||
EXPECTED_ERROR_TYPES_FLOWDROID: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
errors.FlowdroidLog4jError,
|
||||
]
|
||||
|
||||
EXPECTED_ERROR_TYPES_XFORM: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
errors.FlowdroidLog4jError,
|
||||
]
|
||||
|
||||
EXPECTED_ERROR_TYPES_DARE: list[Type[errors.LoggedError]] = []
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = []
|
||||
flowdroid_log = path / "out" / "log" / "app.flowdroid.log"
|
||||
dare_log = path / "out" / "log" / "app.dare.log"
|
||||
xform_log = path / "out" / "log" / "app.xform.log"
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if flowdroid_log.exists():
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(flowdroid_log, EXPECTED_ERROR_TYPES_FLOWDROID),
|
||||
)
|
||||
)
|
||||
if dare_log.exists():
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(dare_log, EXPECTED_ERROR_TYPES_DARE),
|
||||
)
|
||||
)
|
||||
if xform_log.exists():
|
||||
print
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(xform_log, EXPECTED_ERROR_TYPES_XFORM),
|
||||
)
|
||||
)
|
||||
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path, report):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path, report: dict[str, Any]) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
with (path / "stdout").open("r", errors="replace") as file:
|
||||
for line in file:
|
||||
if line == "Failure!\n":
|
||||
return False
|
||||
if report["exit-status"] != 0:
|
||||
return False
|
||||
flowfile = path / "out" / "flows.out"
|
||||
if not flowfile.exists():
|
||||
return False
|
||||
return flowfile.stat().st_size > 1
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/droidsafe/RASTA_VERSION
Normal file
1
rasta_exp/docker/droidsafe/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
9
rasta_exp/docker/droidsafe/README.md
Normal file
9
rasta_exp/docker/droidsafe/README.md
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
# Droidsafe
|
||||
|
||||
- [source](https://github.com/MIT-PAC/droidsafe-src)
|
||||
- [fork](https://github.com/mas2tg/droidsafe-src)
|
||||
- [paper](https://people.csail.mit.edu/rinard/paper/ndss15.droidsafe.pdf)
|
||||
- language: Java 7, Python 2 (not much but still needed)
|
||||
- Build: Ant
|
||||
- number of years without at least 1 commit since first commit: 6
|
||||
- License: GPLv2
|
||||
87
rasta_exp/docker/droidsafe/home_build/Dockerfile
Normal file
87
rasta_exp/docker/droidsafe/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,87 @@
|
|||
FROM ubuntu:14.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git init /workspace/droidsafe && \
|
||||
cd /workspace/droidsafe && \
|
||||
git remote add origin https://github.com/MIT-PAC/droidsafe-src.git && \
|
||||
git fetch --depth=1 origin 1eab2fc473f3d32ba352280a6c520b216bd1b5df && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
RUN apt-get update && apt-get install -y ant openjdk-7-jdk wget unzip make python
|
||||
|
||||
# Download the android-sdk (no sdk-manager on 12.04)
|
||||
RUN apt-get update && apt-get install -y bsdtar && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-3 && \
|
||||
wget -O /opt/android-sdk/platforms/android-3/zip.zip https://dl.google.com/android/repository/android-1.5_r04-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-4 && \
|
||||
wget -O /opt/android-sdk/platforms/android-4/zip.zip https://dl.google.com/android/repository/android-1.6_r03-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-5 && \
|
||||
wget -O /opt/android-sdk/platforms/android-5/zip.zip https://dl.google.com/android/repository/android-2.0_r01-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-6 && \
|
||||
wget -O /opt/android-sdk/platforms/android-6/zip.zip https://dl.google.com/android/repository/android-2.0.1_r01-linux.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-7 && \
|
||||
wget -O /opt/android-sdk/platforms/android-7/zip.zip https://dl.google.com/android/repository/android-2.1_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-8 && \
|
||||
wget -O /opt/android-sdk/platforms/android-8/zip.zip https://dl.google.com/android/repository/android-2.2_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-10 && \
|
||||
wget -O /opt/android-sdk/platforms/android-10/zip.zip https://dl.google.com/android/repository/android-2.3.3_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-11 && \
|
||||
wget -O /opt/android-sdk/platforms/android-11/zip.zip https://dl.google.com/android/repository/android-3.0_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-12 && \
|
||||
wget -O /opt/android-sdk/platforms/android-12/zip.zip https://dl.google.com/android/repository/android-3.1_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-13 && \
|
||||
wget -O /opt/android-sdk/platforms/android-13/zip.zip https://dl.google.com/android/repository/android-3.2_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-14 && \
|
||||
wget -O /opt/android-sdk/platforms/android-14/zip.zip https://dl.google.com/android/repository/android-14_r04.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-15 && \
|
||||
wget -O /opt/android-sdk/platforms/android-15/zip.zip https://dl.google.com/android/repository/android-15_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-16 && \
|
||||
wget -O /opt/android-sdk/platforms/android-16/zip.zip https://dl.google.com/android/repository/android-16_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-17 && \
|
||||
wget -O /opt/android-sdk/platforms/android-17/zip.zip https://dl.google.com/android/repository/android-17_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-18 && \
|
||||
wget -O /opt/android-sdk/platforms/android-18/zip.zip https://dl.google.com/android/repository/android-18_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-19 && \
|
||||
wget -O /opt/android-sdk/platforms/android-19/zip.zip https://dl.google.com/android/repository/android-19_r04.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-21 && \
|
||||
wget -O /opt/android-sdk/platforms/android-21/zip.zip https://dl.google.com/android/repository/android-21_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-22 && \
|
||||
wget -O /opt/android-sdk/platforms/android-22/zip.zip https://dl.google.com/android/repository/android-22_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-23 && \
|
||||
wget -O /opt/android-sdk/platforms/android-23/zip.zip https://dl.google.com/android/repository/platform-23_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-24 && \
|
||||
wget -O /opt/android-sdk/platforms/android-24/zip.zip https://dl.google.com/android/repository/platform-24_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-25 && \
|
||||
wget -O /opt/android-sdk/platforms/android-25/zip.zip https://dl.google.com/android/repository/platform-25_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-26 && \
|
||||
wget -O /opt/android-sdk/platforms/android-26/zip.zip https://dl.google.com/android/repository/platform-26_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-27 && \
|
||||
wget -O /opt/android-sdk/platforms/android-27/zip.zip https://dl.google.com/android/repository/platform-27_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-28 && \
|
||||
wget -O /opt/android-sdk/platforms/android-28/zip.zip https://dl.google.com/android/repository/platform-28_r06.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-29 && \
|
||||
wget -O /opt/android-sdk/platforms/android-29/zip.zip https://dl.google.com/android/repository/platform-29_r05.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-20 && \
|
||||
wget -O /opt/android-sdk/platforms/android-20/zip.zip https://dl.google.com/android/repository/android-20_r02.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-30 && \
|
||||
wget -O /opt/android-sdk/platforms/android-30/zip.zip https://dl.google.com/android/repository/platform-30_r03.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-31 && \
|
||||
wget -O /opt/android-sdk/platforms/android-31/zip.zip https://dl.google.com/android/repository/platform-Sv2_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-32 && \
|
||||
wget -O /opt/android-sdk/platforms/android-32/zip.zip https://dl.google.com/android/repository/platform-32_r01.zip && \
|
||||
mkdir -p /opt/android-sdk/platforms/android-33 && \
|
||||
wget -O /opt/android-sdk/platforms/android-33/zip.zip https://dl.google.com/android/repository/platform-TiramisuPrivacySandbox_r08.zip && \
|
||||
/usr/bin/find /opt/android-sdk/platforms/ -name '*.zip' -execdir bsdtar -x --strip-components=1 -f {} \;
|
||||
|
||||
ENV ANDROID_SDK_HOME=/opt/android-sdk
|
||||
ENV DROIDSAFE_SRC_HOME=/workspace/droidsafe/
|
||||
ENV CLASSPATH=".:/workspace/droidsafe/classes/main:/workspace/droidsafe/bin/*:/workspace/droidsafe/lib/asmutil.jar:/workspace/droidsafe/lib/slf4j-api-1.7.2.jar:/workspace/droidsafe/lib/logback-classic-1.0.7.jar:/workspace/droidsafe/lib/logback-core-1.0.7.jar:/workspace/droidsafe/lib/soot-2.5.0.jar"
|
||||
|
||||
RUN cd /workspace/droidsafe && sed -i '213i\\ encoding="UTF-8"' /workspace/droidsafe/build.xml && \
|
||||
ant -Dfile.encoding=UTF-8 compile
|
||||
|
||||
COPY run.sh /
|
||||
34
rasta_exp/docker/droidsafe/home_build/run.sh
Executable file
34
rasta_exp/docker/droidsafe/home_build/run.sh
Executable file
|
|
@ -0,0 +1,34 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
#cd /mnt/
|
||||
#cp /workspace/droidsafe/android-apps/Makefile_apk /mnt/Makefile
|
||||
#basename=$(basename -s .apk ${APK_FILENAME})
|
||||
#sed -i "s#^NAME := APPNAME#NAME := ${basename}#" /mnt/Makefile
|
||||
#/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} make -f /mnt/Makefile specdump-apk > /mnt/stdout 2> /mnt/stderr
|
||||
|
||||
export ANDROID_SDK_HOME=/opt/android-sdk/
|
||||
export DROIDSAFE_SRC_HOME=/workspace/droidsafe/
|
||||
# export DROIDSAFE_MEMORY=16
|
||||
|
||||
|
||||
cd /mnt
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} sh -c "/workspace/droidsafe/bin/unpack-apk -f ${1} && /workspace/droidsafe/bin/droidsafe -approot /mnt -apkfile ${1} -t specdump" >> /mnt/stdout 2>> /mnt/stderr
|
||||
140
rasta_exp/docker/droidsafe/test.py
Normal file
140
rasta_exp/docker/droidsafe/test.py
Normal file
|
|
@ -0,0 +1,140 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import re
|
||||
|
||||
from typing import Any, Type, Optional
|
||||
from pathlib import Path
|
||||
from more_itertools import peekable
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
|
||||
class DroidsafeLog4jError(errors.LoggedError):
|
||||
error_re = re.compile(r"(ERROR|FATAL): (.*)")
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
first_line_nb: int,
|
||||
last_line_nb: int,
|
||||
level: str,
|
||||
msg: str,
|
||||
logfile_name: str = "",
|
||||
):
|
||||
self.first_line_nb = first_line_nb
|
||||
self.last_line_nb = last_line_nb
|
||||
self.level = level
|
||||
self.msg = msg
|
||||
self.logfile_name = logfile_name
|
||||
|
||||
def __str__(self) -> str:
|
||||
return f"{self.level}: {self.msg}"
|
||||
|
||||
def get_dict(self) -> dict[str, Any]:
|
||||
return {
|
||||
"error_type": "Log4jSimpleMsg",
|
||||
"level": self.level,
|
||||
"msg": self.msg,
|
||||
"first_line": self.first_line_nb,
|
||||
"last_line": self.last_line_nb,
|
||||
"logfile_name": self.logfile_name,
|
||||
}
|
||||
|
||||
@staticmethod
|
||||
def parse_error(logs: peekable) -> Optional["DroidsafeLog4jError"]:
|
||||
line_nb, line = logs.peek((None, None))
|
||||
if line is None or line_nb is None:
|
||||
return None
|
||||
match = DroidsafeLog4jError.error_re.match(line)
|
||||
if match is None:
|
||||
return None
|
||||
error = DroidsafeLog4jError(line_nb, line_nb, match.group(1), match.group(2))
|
||||
next(logs)
|
||||
return error
|
||||
|
||||
|
||||
TIMEOUT = 900 # Doc says up to 2 hours
|
||||
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/mnt"
|
||||
CMD = "make -f /workspace/Makefile specdump-apk"
|
||||
|
||||
TOOL_NAME = "droidsafe"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
DroidsafeLog4jError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
return (path / "droidsafe-gen" / "info-flow-results.txt").exists() and (
|
||||
path / "droidsafe-gen" / "template-spec.ssl"
|
||||
).exists()
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/flowdroid/RASTA_VERSION
Normal file
1
rasta_exp/docker/flowdroid/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
8
rasta_exp/docker/flowdroid/README.md
Normal file
8
rasta_exp/docker/flowdroid/README.md
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
# Flowdroid
|
||||
|
||||
- [source](https://github.com/secure-software-engineering/FlowDroid)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2666356.2594299)
|
||||
- language: Java 8
|
||||
- Build: Maven
|
||||
- number of years without at least 1 commit since first commit: 0
|
||||
- License: LGPL 2.1
|
||||
57
rasta_exp/docker/flowdroid/home_build/Dockerfile
Normal file
57
rasta_exp/docker/flowdroid/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,57 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git clone --recurse-submodules https://github.com/secure-software-engineering/FlowDroid.git --branch v2.111.1 --single-branch /workspace/flowdroid
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jdk sdkmanager maven
|
||||
|
||||
RUN sdkmanager "platforms;android-10" &&\
|
||||
sdkmanager "platforms;android-11" &&\
|
||||
sdkmanager "platforms;android-12" &&\
|
||||
sdkmanager "platforms;android-13" &&\
|
||||
sdkmanager "platforms;android-14" &&\
|
||||
sdkmanager "platforms;android-15" &&\
|
||||
sdkmanager "platforms;android-16" &&\
|
||||
sdkmanager "platforms;android-17" &&\
|
||||
sdkmanager "platforms;android-18" &&\
|
||||
sdkmanager "platforms;android-19" &&\
|
||||
sdkmanager "platforms;android-20" &&\
|
||||
sdkmanager "platforms;android-21" &&\
|
||||
sdkmanager "platforms;android-22" &&\
|
||||
sdkmanager "platforms;android-23" &&\
|
||||
sdkmanager "platforms;android-24" &&\
|
||||
sdkmanager "platforms;android-25" &&\
|
||||
sdkmanager "platforms;android-26" &&\
|
||||
sdkmanager "platforms;android-27" &&\
|
||||
sdkmanager "platforms;android-28" &&\
|
||||
sdkmanager "platforms;android-29" &&\
|
||||
sdkmanager "platforms;android-3" &&\
|
||||
sdkmanager "platforms;android-30" &&\
|
||||
sdkmanager "platforms;android-31" &&\
|
||||
sdkmanager "platforms;android-32" &&\
|
||||
sdkmanager "platforms;android-33" &&\
|
||||
sdkmanager "platforms;android-4" &&\
|
||||
sdkmanager "platforms;android-5" &&\
|
||||
sdkmanager "platforms;android-6" &&\
|
||||
sdkmanager "platforms;android-7" &&\
|
||||
sdkmanager "platforms;android-8"
|
||||
#sdkmanager "platforms;android-9" for some reason this one 404
|
||||
|
||||
RUN cd /workspace/flowdroid &&\
|
||||
# Test only works with java8, and it looks like the test apps are misplaced?
|
||||
# It still fails though
|
||||
update-java-alternatives -s /usr/lib/jvm/java-1.8.0-openjdk-amd64 &&\
|
||||
mv DroidBench/apk/* DroidBench/ &&\
|
||||
export ANDROID_JARS=/opt/android-sdk/platforms &&\
|
||||
export DROIDBENCH=/workspace/flowdroid/DroidBench &&\
|
||||
# mvn install # install & test with droidbench
|
||||
mvn -DskipTests install # for a quick build without tests
|
||||
|
||||
# Run for one app:
|
||||
# cd /workspace/flowdroid && java -jar soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar -a DroidBench/apk/Lifecycle/ActivityLifecycle1.apk -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt
|
||||
|
||||
COPY run.sh /
|
||||
22
rasta_exp/docker/flowdroid/home_build/run.sh
Executable file
22
rasta_exp/docker/flowdroid/home_build/run.sh
Executable file
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
cd /mnt
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} -a /mnt/${APK_FILENAME} -p /opt/android-sdk/platforms/ -s /workspace/flowdroid/soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles > /mnt/stdout 2> /mnt/stderr
|
||||
51
rasta_exp/docker/flowdroid/provided_build/Dockerfile
Normal file
51
rasta_exp/docker/flowdroid/provided_build/Dockerfile
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y wget time
|
||||
|
||||
RUN mkdir -p /workspace/flowdroid/soot-infoflow-cmd/target &&\
|
||||
mkdir -p /workspace/flowdroid/soot-infoflow-android &&\
|
||||
wget -O /workspace/flowdroid/soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar https://github.com/secure-software-engineering/FlowDroid/releases/download/v2.10/soot-infoflow-cmd-jar-with-dependencies.jar &&\
|
||||
wget -O /workspace/flowdroid/soot-infoflow-android/SourcesAndSinks.txt https://raw.githubusercontent.com/secure-software-engineering/FlowDroid/v2.10/soot-infoflow-android/SourcesAndSinks.txt
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jdk sdkmanager
|
||||
|
||||
RUN sdkmanager "platforms;android-10" &&\
|
||||
sdkmanager "platforms;android-11" &&\
|
||||
sdkmanager "platforms;android-12" &&\
|
||||
sdkmanager "platforms;android-13" &&\
|
||||
sdkmanager "platforms;android-14" &&\
|
||||
sdkmanager "platforms;android-15" &&\
|
||||
sdkmanager "platforms;android-16" &&\
|
||||
sdkmanager "platforms;android-17" &&\
|
||||
sdkmanager "platforms;android-18" &&\
|
||||
sdkmanager "platforms;android-19" &&\
|
||||
sdkmanager "platforms;android-20" &&\
|
||||
sdkmanager "platforms;android-21" &&\
|
||||
sdkmanager "platforms;android-22" &&\
|
||||
sdkmanager "platforms;android-23" &&\
|
||||
sdkmanager "platforms;android-24" &&\
|
||||
sdkmanager "platforms;android-25" &&\
|
||||
sdkmanager "platforms;android-26" &&\
|
||||
sdkmanager "platforms;android-27" &&\
|
||||
sdkmanager "platforms;android-28" &&\
|
||||
sdkmanager "platforms;android-29" &&\
|
||||
sdkmanager "platforms;android-3" &&\
|
||||
sdkmanager "platforms;android-30" &&\
|
||||
sdkmanager "platforms;android-31" &&\
|
||||
sdkmanager "platforms;android-32" &&\
|
||||
sdkmanager "platforms;android-33" &&\
|
||||
sdkmanager "platforms;android-4" &&\
|
||||
sdkmanager "platforms;android-5" &&\
|
||||
sdkmanager "platforms;android-6" &&\
|
||||
sdkmanager "platforms;android-7" &&\
|
||||
sdkmanager "platforms;android-8"
|
||||
#sdkmanager "platforms;android-9" for some reason this one 404
|
||||
|
||||
RUN update-java-alternatives -s /usr/lib/jvm/java-1.8.0-openjdk-amd64
|
||||
|
||||
# Run for one app:
|
||||
# cd /workspace/flowdroid && java -jar soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar -a DroidBench/apk/Lifecycle/ActivityLifecycle1.apk -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt
|
||||
|
||||
COPY run.sh /
|
||||
23
rasta_exp/docker/flowdroid/provided_build/run.sh
Executable file
23
rasta_exp/docker/flowdroid/provided_build/run.sh
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
cd /workspace/flowdroid
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} -a /mnt/${APK_FILENAME} -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles > /mnt/stdout 2> /mnt/stderr
|
||||
23
rasta_exp/docker/flowdroid/run.sh
Executable file
23
rasta_exp/docker/flowdroid/run.sh
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} -a /mnt/${APK_FILENAME} -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles > /mnt/stdout 2> /mnt/stderr
|
||||
118
rasta_exp/docker/flowdroid/test.py
Normal file
118
rasta_exp/docker/flowdroid/test.py
Normal file
|
|
@ -0,0 +1,118 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import re
|
||||
|
||||
from typing import Any, Type, Optional
|
||||
from pathlib import Path
|
||||
from more_itertools import peekable
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
JAVA_PARAM = ""
|
||||
WORKDIR = "/workspace/flowdroid"
|
||||
JAR_FILE = "soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar"
|
||||
CMD = f"java {JAVA_PARAM} -jar {JAR_FILE} -a {PATH_APK} -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles"
|
||||
|
||||
TOOL_NAME = "flowdroid"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
"provided_build": "provided_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
# TODO: add reg = re.compile(r"^\[main\] ERROR .*$", re.MULTILINE)
|
||||
# and strange backtrace without log4j prefixe
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
errors.FlowdroidLog4jError,
|
||||
]
|
||||
|
||||
|
||||
success_re = re.compile(
|
||||
r"\[.*?\] INFO soot.jimple.infoflow.android.SetupApplication\$InPlaceInfoflow - Data flow solver took (\d*) seconds. Maximum memory consumption: (\d*) MB\n"
|
||||
r"\[.*?\] INFO soot.jimple.infoflow.android.SetupApplication - Found (\d*) leaks",
|
||||
re.MULTILINE,
|
||||
)
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
l1, l2 = "", ""
|
||||
# TODO: find a better way to do it
|
||||
with (path / "stderr").open("r", errors="replace") as file:
|
||||
for l in file:
|
||||
l1, l2 = l2, l
|
||||
last_lines = l1 + l2
|
||||
match = success_re.match(last_lines)
|
||||
tool_specific = {}
|
||||
if match is not None:
|
||||
tool_specific["time"] = int(match.group(1))
|
||||
tool_specific["mem"] = (
|
||||
int(match.group(2)) * 1024 * 1024
|
||||
) # Memory unit is B, not MB
|
||||
tool_specific["nb_leaks_found"] = int(match.group(3))
|
||||
report["tool_specific"] = tool_specific
|
||||
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif match is not None:
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/gator/RASTA_VERSION
Normal file
1
rasta_exp/docker/gator/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
7
rasta_exp/docker/gator/README.md
Normal file
7
rasta_exp/docker/gator/README.md
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# Gator
|
||||
|
||||
- [source](http://web.cse.ohio-state.edu/presto/software/gator/)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2544137.2544159), [paper](https://dl.acm.org/doi/abs/10.1145/2544137.2544159)
|
||||
- language: Java 8, python3
|
||||
- number of years without at least 1 release since first release: 4
|
||||
- License: BSD-3-Clause
|
||||
96
rasta_exp/docker/gator/home_build/Dockerfile
Normal file
96
rasta_exp/docker/gator/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,96 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
RUN apt-get update && apt-get install -y time wget
|
||||
|
||||
ENV GatorRoot /workspace/gator
|
||||
RUN mkdir /workspace && cd /workspace && \
|
||||
wget http://web.cse.ohio-state.edu/presto/software/gator/downloads/gator-3.8.tar.gz && \
|
||||
tar xzf gator-3.8.tar.gz && rm gator-3.8.tar.gz && \
|
||||
mv gator-3.8 gator
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jdk python3 openjdk-19-jdk unzip
|
||||
|
||||
# We need to download some API that are not available from the linux sdkmanager
|
||||
# like 'addon-google_apis-google-23', funny thing: the sdkmanager from google is not
|
||||
# java-8 compatible, but there is no garenty that gator is compatible with java > 8
|
||||
RUN mkdir -p /opt/android-sdk && \
|
||||
cd /opt/android-sdk && \
|
||||
wget https://dl.google.com/android/repository/commandlinetools-linux-9477386_latest.zip && \
|
||||
unzip commandlinetools-linux-9477386_latest.zip && rm commandlinetools-linux-9477386_latest.zip
|
||||
|
||||
ENV PATH="/opt/android-sdk/cmdline-tools/bin:$PATH"
|
||||
|
||||
RUN yes | sdkmanager --sdk_root=/opt/android-sdk --licenses &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-10" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-11" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-12" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-13" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-14" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-15" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-16" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-17" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-18" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-19" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-20" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-21" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-22" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-23" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-24" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-25" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-26" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-27" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-28" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-29" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-3" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-30" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-31" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-32" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-33" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-4" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-5" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-6" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-7" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "platforms;android-8"
|
||||
RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-3" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-4" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-5" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-6" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-7" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-8" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-9" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-10" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-11" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-12" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-13" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-14" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-15" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-16" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-17" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-18" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-19" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-21" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-22" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-23" &&\
|
||||
sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-24"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-20"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-25"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-26"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-27"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-28"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-29"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-30"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-31"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-32"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-33"
|
||||
#RUN sdkmanager --sdk_root=/opt/android-sdk "add-ons;addon-google_apis-google-34"
|
||||
|
||||
ENV GatorRoot=/workspace/gator
|
||||
ENV ANDROID_SDK=/opt/android-sdk
|
||||
RUN mkdir -p /opt/android-sdk/tools/bin/ && \
|
||||
ln -s /opt/android-sdk/cmdline-tools/bin/sdkmanager /opt/android-sdk/tools/bin/sdkmanager && \
|
||||
update-java-alternatives -s /usr/lib/jvm/java-1.8.0-openjdk-amd64
|
||||
|
||||
RUN cd /workspace/gator/gator && ./gator b
|
||||
RUN sed -i "s/cmd = \['java', '-Xmx12G',/cmd = ['java', *os.environ.get('JAVA_PARAM', '-Xmx12G').split(),/" /workspace/gator/gator/gator
|
||||
|
||||
COPY ./run.sh /
|
||||
23
rasta_exp/docker/gator/home_build/run.sh
Executable file
23
rasta_exp/docker/gator/home_build/run.sh
Executable file
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
cd /mnt
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} /workspace/gator/gator/gator analyze -g -t ${TIMEOUT} -p ${APK_FILENAME} -client GUIHierarchyPrinterClient -cp print2stdout > /mnt/stdout 2> /mnt/stderr
|
||||
cp /tmp/null-DEBUG-*.txt /mnt/
|
||||
103
rasta_exp/docker/gator/test.py
Normal file
103
rasta_exp/docker/gator/test.py
Normal file
|
|
@ -0,0 +1,103 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
import re
|
||||
|
||||
from typing import Any, Type, Optional
|
||||
from pathlib import Path
|
||||
from more_itertools import peekable
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = f"{GUEST_MNT}"
|
||||
# hacky (run 2 cmd instead of one, not compatible with the audit cmd), whould be cleanner in a run.sh TODO
|
||||
CMD = f"/workspace/gator/gator/gator analyze -g -t {TIMEOUT} -p {PATH_APK} -client GUIHierarchyPrinterClient -cp print2stdout >> '{GUEST_MNT}/stdout' 2>> '{GUEST_MNT}/stderr'; cp /tmp/null-DEBUG-*.txt /mnt/"
|
||||
|
||||
TOOL_NAME = "gator"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"home_build": "home_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "home_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
errors.FlowdroidLog4jError,
|
||||
errors.PythonError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
if len(list(path.glob("null-DEBUG-*.txt"))) == 0:
|
||||
return False
|
||||
with (path / "stdout").open("r", errors="replace") as file:
|
||||
for line in file:
|
||||
if "</GUIHierarchy>" in line:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/ic3/RASTA_VERSION
Normal file
1
rasta_exp/docker/ic3/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
8
rasta_exp/docker/ic3/README.md
Normal file
8
rasta_exp/docker/ic3/README.md
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
# IC3
|
||||
|
||||
- [source](https://github.com/siis/ic3)
|
||||
- [paper](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7194563&tag=1)
|
||||
- language: Java 7
|
||||
- Build: Maven
|
||||
- number of years without at least 1 commit since first commit: 8
|
||||
- License: Apache 2.0
|
||||
32
rasta_exp/docker/ic3/home_build/Dockerfile
Normal file
32
rasta_exp/docker/ic3/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,32 @@
|
|||
FROM ubuntu:12.04
|
||||
|
||||
RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y wget time
|
||||
|
||||
RUN mkdir -p /workspace/dare && mkdir /workspace/ic3_bin /workspace/ic3 /workspace/maven
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-7-jdk
|
||||
|
||||
# Install dare
|
||||
RUN apt-get update && apt-get install -y ia32-libs
|
||||
RUN wget https://github.com/dare-android/platform_dalvik/releases/download/dare-1.1.0/dare-1.1.0-linux.tgz && \
|
||||
tar -xzf dare-1.1.0-linux.tgz -C /workspace/dare --strip-components=1 && rm dare-1.1.0-linux.tgz && \
|
||||
cd /workspace/dare && ./dex-preopt --bootstrap
|
||||
|
||||
#RUN wget https://github.com/siis/ic3/releases/download/v0.2.0/ic3-0.2.0-bin.tgz && \
|
||||
# tar -xzf ic3-0.2.0-bin.tgz -C /workspace/ic3_bin --strip-components=1 && rm ic3-0.2.0-bin.tgz
|
||||
|
||||
# Install recent maven (for https)
|
||||
RUN wget https://archive.apache.org/dist/maven/maven-3/3.8.7/binaries/apache-maven-3.8.7-bin.tar.gz --no-check-certificate && \
|
||||
echo '21c2be0a180a326353e8f6d12289f74bc7cd53080305f05358936f3a1b6dd4d91203f4cc799e81761cf5c53c5bbe9dcc13bdb27ec8f57ecf21b2f9ceec3c8d27 apache-maven-3.8.7-bin.tar.gz' | sha512sum --check &&\
|
||||
tar -xzf apache-maven-3.8.7-bin.tar.gz -C /workspace/maven --strip-components=1 && rm apache-maven-3.8.7-bin.tar.gz
|
||||
|
||||
ENV PATH="${PATH}://workspace/maven/bin"
|
||||
|
||||
RUN wget https://github.com/siis/ic3/archive/refs/tags/v0.2.0.tar.gz && \
|
||||
tar -xzf v0.2.0.tar.gz -C /workspace/ic3 --strip-components=1 && rm v0.2.0.tar.gz && \
|
||||
cd /workspace/ic3 && \
|
||||
mvn -Dhttps.protocols=TLSv1.2 clean compile package -P standalone
|
||||
|
||||
COPY run.sh /
|
||||
47
rasta_exp/docker/ic3/home_build/run.sh
Executable file
47
rasta_exp/docker/ic3/home_build/run.sh
Executable file
|
|
@ -0,0 +1,47 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
cd /workspace/dare
|
||||
mkdir -p /mnt/dare_out
|
||||
mkdir -p /mnt/ic3_out
|
||||
|
||||
# Expand Java Params: -Xmx16g -Xss16g ===> -x -Xmx16g -x -Xss16g
|
||||
DARE_JAVA_PARAM=`echo "${JAVA_PARAM}" | sed "s/-X/-x -X/g"`
|
||||
|
||||
#./dare -d /mnt/dare_out $@ /mnt/app.apk && echo 'DARE FINISHED' || echo 'DARE FAILED'
|
||||
echo "Doing: ./dare -d /mnt/dare_out ${DARE_JAVA_PARAM} /mnt/${APK_FILENAME}"
|
||||
|
||||
# Monitoring time of DARE (but time measurement will be lost)
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} ./dare -d /mnt/dare_out ${DARE_JAVA_PARAM} /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr
|
||||
|
||||
echo 'DARE FINISHED'
|
||||
|
||||
#java "${newargs[@]}" -jar /workspace/ic3/target/ic3-0.2.0-full.jar -protobuf /mnt/ic3_out -apkormanifest /mnt/app.apk -input /mnt/dare_out/retargeted/app/ -cp /workspace/ic3/src/main/resources/android.jar -out /mnt/ic3_out
|
||||
|
||||
HASH=`echo ${APK_FILENAME} | cut -d '.' -f '1'`
|
||||
|
||||
echo "Doing: java ${JAVA_PARAM} -jar /workspace/ic3/target/ic3-0.2.0-full.jar -protobuf /mnt/ic3_out -apkormanifest /mnt/${APK_FILENAME} -input /mnt/dare_out/retargeted/${HASH}/ -cp /workspace/ic3/src/main/resources/android.jar -out /mnt/ic3_out"
|
||||
|
||||
# Monitoring time of IC3
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar /workspace/ic3/target/ic3-0.2.0-full.jar -protobuf /mnt/ic3_out -apkormanifest /mnt/${APK_FILENAME} -input /mnt/dare_out/retargeted/${HASH}/ -cp /workspace/ic3/src/main/resources/android.jar -out /mnt/ic3_out >> /mnt/stdout 2>> /mnt/stderr
|
||||
|
||||
echo "IC3 finished"
|
||||
20
rasta_exp/docker/ic3/provided_build/Dockerfile
Normal file
20
rasta_exp/docker/ic3/provided_build/Dockerfile
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
FROM ubuntu:12.04
|
||||
|
||||
RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y wget time
|
||||
|
||||
RUN mkdir -p /workspace/dare && mkdir /workspace/ic3_bin /workspace/ic3 /workspace/maven
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-7-jdk
|
||||
|
||||
# Install dare
|
||||
RUN apt-get update && apt-get install -y ia32-libs
|
||||
RUN wget https://github.com/dare-android/platform_dalvik/releases/download/dare-1.1.0/dare-1.1.0-linux.tgz && \
|
||||
tar -xzf dare-1.1.0-linux.tgz -C /workspace/dare --strip-components=1 && rm dare-1.1.0-linux.tgz && \
|
||||
cd /workspace/dare && ./dex-preopt --bootstrap
|
||||
|
||||
RUN wget https://github.com/siis/ic3/releases/download/v0.2.0/ic3-0.2.0-bin.tgz && \
|
||||
tar -xzf ic3-0.2.0-bin.tgz -C /workspace/ic3_bin --strip-components=1 && rm ic3-0.2.0-bin.tgz
|
||||
|
||||
COPY run.sh /workspace/run.sh
|
||||
17
rasta_exp/docker/ic3/provided_build/run.sh
Executable file
17
rasta_exp/docker/ic3/provided_build/run.sh
Executable file
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/bash
|
||||
|
||||
cd /workspace/dare
|
||||
mkdir -p /mnt/dare_out
|
||||
mkdir -p /mnt/ic3_out
|
||||
|
||||
./dare -d /mnt/dare_out $@ /mnt/app.apk && echo 'DARE FINISHED' || echo 'DARE FAILED'
|
||||
|
||||
echo 'DARE FINISHED' 1>&2
|
||||
|
||||
newargs=( "$@" )
|
||||
# Filter out '-x' from args
|
||||
for index in "${!newargs[@]}" ; do
|
||||
[[ ${newargs[$index]} = '-x' ]] && unset -v 'newargs[$index]' ;
|
||||
done
|
||||
|
||||
java "${newargs[@]}" -jar /workspace/ic3_bin/ic3-0.2.0-full.jar -protobuf /mnt/ic3_out -apkormanifest /mnt/app.apk -input /mnt/dare_out/retargeted/app/ -cp /workspace/ic3/src/main/resources/android.jar -out /mnt/ic3_out
|
||||
103
rasta_exp/docker/ic3/test.py
Normal file
103
rasta_exp/docker/ic3/test.py
Normal file
|
|
@ -0,0 +1,103 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/workspace"
|
||||
PARAM = "-x -Xmx950m -x -Xss32m"
|
||||
CMD = f"./run.sh {PARAM}"
|
||||
|
||||
TOOL_NAME = "ic3"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"fork_home_build": "fork_home_build",
|
||||
"home_build": "home_build",
|
||||
"provided_build": "provided_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "fork_home_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
if (path / "dare_out").exists():
|
||||
# if the tool use dare, check that dare succed
|
||||
if not (path / "dare_out" / "retargeted" / "app" / "classes.txt").exists():
|
||||
return False
|
||||
return len(list((path / "ic3_out").iterdir())) >= 1
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/ic3_fork/RASTA_VERSION
Normal file
1
rasta_exp/docker/ic3_fork/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
home_build
|
||||
8
rasta_exp/docker/ic3_fork/README.md
Normal file
8
rasta_exp/docker/ic3_fork/README.md
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
# IC3
|
||||
|
||||
- [fork](https://github.com/JordanSamhi/ic3)
|
||||
- [paper](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7194563&tag=1)
|
||||
- language: Java 7
|
||||
- Build: Maven
|
||||
- number of years without at least 1 commit since first commit: 0
|
||||
- License: Apache 2.0
|
||||
54
rasta_exp/docker/ic3_fork/home_build/Dockerfile
Normal file
54
rasta_exp/docker/ic3_fork/home_build/Dockerfile
Normal file
|
|
@ -0,0 +1,54 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
#RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y wget time git
|
||||
|
||||
RUN mkdir /workspace
|
||||
|
||||
RUN git init /workspace/ic3 && \
|
||||
cd /workspace/ic3 && \
|
||||
git remote add origin https://github.com/JordanSamhi/ic3.git && \
|
||||
git fetch --depth=1 origin 6a7828a5b7c7fb8d21f19086e27e0acb937769ba && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
RUN apt-get update && apt-get install -y maven openjdk-8-jdk sdkmanager
|
||||
RUN update-java-alternatives -s /usr/lib/jvm/java-1.8.0-openjdk-amd64
|
||||
|
||||
RUN sdkmanager "platforms;android-10" &&\
|
||||
sdkmanager "platforms;android-11" &&\
|
||||
sdkmanager "platforms;android-12" &&\
|
||||
sdkmanager "platforms;android-13" &&\
|
||||
sdkmanager "platforms;android-14" &&\
|
||||
sdkmanager "platforms;android-15" &&\
|
||||
sdkmanager "platforms;android-16" &&\
|
||||
sdkmanager "platforms;android-17" &&\
|
||||
sdkmanager "platforms;android-18" &&\
|
||||
sdkmanager "platforms;android-19" &&\
|
||||
sdkmanager "platforms;android-20" &&\
|
||||
sdkmanager "platforms;android-21" &&\
|
||||
sdkmanager "platforms;android-22" &&\
|
||||
sdkmanager "platforms;android-23" &&\
|
||||
sdkmanager "platforms;android-24" &&\
|
||||
sdkmanager "platforms;android-25" &&\
|
||||
sdkmanager "platforms;android-26" &&\
|
||||
sdkmanager "platforms;android-27" &&\
|
||||
sdkmanager "platforms;android-28" &&\
|
||||
sdkmanager "platforms;android-29" &&\
|
||||
sdkmanager "platforms;android-3" &&\
|
||||
sdkmanager "platforms;android-30" &&\
|
||||
sdkmanager "platforms;android-31" &&\
|
||||
sdkmanager "platforms;android-32" &&\
|
||||
sdkmanager "platforms;android-33" &&\
|
||||
sdkmanager "platforms;android-4" &&\
|
||||
sdkmanager "platforms;android-5" &&\
|
||||
sdkmanager "platforms;android-6" &&\
|
||||
sdkmanager "platforms;android-7" &&\
|
||||
sdkmanager "platforms;android-8"
|
||||
#sdkmanager "platforms;android-9" for some reason this one 404
|
||||
|
||||
RUN cd /workspace/ic3 && \
|
||||
mvn clean install:install-file -Dfile=libs/coal-all-0.1.7.jar -DgroupId=edu.psu.cse.siis -DartifactId=coal -Dversion=0.1.7 -Dpackaging=jar && \
|
||||
mvn clean package -P standalone
|
||||
|
||||
COPY run.sh /
|
||||
37
rasta_exp/docker/ic3_fork/home_build/run.sh
Executable file
37
rasta_exp/docker/ic3_fork/home_build/run.sh
Executable file
|
|
@ -0,0 +1,37 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
|
||||
cd /workspace/ic3
|
||||
mkdir -p /mnt/ic3_out
|
||||
|
||||
HASH=`echo ${APK_FILENAME} | cut -d '.' -f '1'`
|
||||
|
||||
# Command to execute
|
||||
CMD="java ${JAVA_PARAM} -jar /workspace/ic3/target/ic3-0.2.1-full.jar -protobuf /mnt/ic3_out -out /mnt/ic3_out -a /mnt/${APK_FILENAME} -cp /opt/android-sdk/platforms"
|
||||
|
||||
echo "Doing: ${CMD}"
|
||||
|
||||
# Monitoring time of IC3 FORK
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} ${CMD} >> /mnt/stdout 2>> /mnt/stderr
|
||||
|
||||
echo "IC3 FORK finished"
|
||||
|
||||
103
rasta_exp/docker/ic3_fork/test.py
Normal file
103
rasta_exp/docker/ic3_fork/test.py
Normal file
|
|
@ -0,0 +1,103 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/workspace"
|
||||
PARAM = "-x -Xmx950m -x -Xss32m"
|
||||
CMD = f"./run.sh {PARAM}"
|
||||
|
||||
TOOL_NAME = "ic3"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"fork_home_build": "fork_home_build",
|
||||
"home_build": "home_build",
|
||||
"provided_build": "provided_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "fork_home_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
if (path / "dare_out").exists():
|
||||
# if the tool use dare, check that dare succed
|
||||
if not (path / "dare_out" / "retargeted" / "app" / "classes.txt").exists():
|
||||
return False
|
||||
return len(list((path / "ic3_out").iterdir())) >= 1
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
1
rasta_exp/docker/iccta/RASTA_VERSION
Normal file
1
rasta_exp/docker/iccta/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
provided_build
|
||||
8
rasta_exp/docker/iccta/README.md
Normal file
8
rasta_exp/docker/iccta/README.md
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
# IccTA
|
||||
|
||||
- [source](https://github.com/lilicoding/soot-infoflow-android-iccta.git)
|
||||
- [paper](https://ieeexplore.ieee.org/document/7194581)
|
||||
|
||||
- language: Java 8
|
||||
- number of years without at least 1 commit since first commit: 7
|
||||
- License: LGPL 2.1
|
||||
79
rasta_exp/docker/iccta/provided_build/Dockerfile
Normal file
79
rasta_exp/docker/iccta/provided_build/Dockerfile
Normal file
|
|
@ -0,0 +1,79 @@
|
|||
FROM ubuntu:22.04
|
||||
|
||||
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
|
||||
|
||||
RUN apt-get update && apt-get install -y git time unzip wget
|
||||
|
||||
RUN mkdir /workspace
|
||||
RUN git init /workspace/iccta && \
|
||||
cd /workspace/iccta && \
|
||||
git remote add origin https://github.com/lilicoding/soot-infoflow-android-iccta.git && \
|
||||
git fetch --depth=1 origin 831afaaf7b4320a11f9453afb3d02cf41cfa6b69 && \
|
||||
git reset --hard FETCH_HEAD
|
||||
|
||||
RUN apt-get update && apt-get install -y openjdk-8-jdk mysql-server sdkmanager
|
||||
|
||||
RUN sdkmanager "platforms;android-10" &&\
|
||||
sdkmanager "platforms;android-11" &&\
|
||||
sdkmanager "platforms;android-12" &&\
|
||||
sdkmanager "platforms;android-13" &&\
|
||||
sdkmanager "platforms;android-14" &&\
|
||||
sdkmanager "platforms;android-15" &&\
|
||||
sdkmanager "platforms;android-16" &&\
|
||||
sdkmanager "platforms;android-17" &&\
|
||||
sdkmanager "platforms;android-18" &&\
|
||||
sdkmanager "platforms;android-19" &&\
|
||||
sdkmanager "platforms;android-20" &&\
|
||||
sdkmanager "platforms;android-21" &&\
|
||||
sdkmanager "platforms;android-22" &&\
|
||||
sdkmanager "platforms;android-23" &&\
|
||||
sdkmanager "platforms;android-24" &&\
|
||||
sdkmanager "platforms;android-25" &&\
|
||||
sdkmanager "platforms;android-26" &&\
|
||||
sdkmanager "platforms;android-27" &&\
|
||||
sdkmanager "platforms;android-28" &&\
|
||||
sdkmanager "platforms;android-29" &&\
|
||||
sdkmanager "platforms;android-3" &&\
|
||||
sdkmanager "platforms;android-30" &&\
|
||||
sdkmanager "platforms;android-31" &&\
|
||||
sdkmanager "platforms;android-32" &&\
|
||||
sdkmanager "platforms;android-33" &&\
|
||||
sdkmanager "platforms;android-4" &&\
|
||||
sdkmanager "platforms;android-5" &&\
|
||||
sdkmanager "platforms;android-6" &&\
|
||||
sdkmanager "platforms;android-7" &&\
|
||||
sdkmanager "platforms;android-8"
|
||||
#sdkmanager "platforms;android-9" for some reason this one 404
|
||||
|
||||
|
||||
#RUN mysqld & sleep 3 && \
|
||||
RUN sed -i '211s/);/)ENGINE=InnoDB CHARACTER SET utf8;/' /workspace/iccta/res/schema
|
||||
# mysql -e 'CREATE DATABASE cc' && \
|
||||
# mysql cc < /workspace/iccta/res/schema && \
|
||||
# mysql -e "CREATE USER 'icc_ta_user' IDENTIFIED BY 'P@ssw0rd';" && \
|
||||
# mysql -e "GRANT ALL PRIVILEGES ON cc.* TO 'icc_ta_user';"
|
||||
|
||||
RUN sed -i 's/<name>.*<\/name>/<name>cc<\/name>/' /workspace/iccta/res/jdbc.xml && \
|
||||
sed -i 's/<username>.*<\/username>/<username>icc_ta_user<\/username>/' /workspace/iccta/res/jdbc.xml && \
|
||||
sed -i 's/<password>.*<\/password>/<password>P@ssw0rd<\/password>/' /workspace/iccta/res/jdbc.xml && \
|
||||
sed -i 's/<name>.*<\/name>/<name>cc<\/name>/' /workspace/iccta/release/res/jdbc.xml && \
|
||||
sed -i 's/<username>.*<\/username>/<username>icc_ta_user<\/username>/' /workspace/iccta/release/res/jdbc.xml && \
|
||||
sed -i 's/<password>.*<\/password>/<password>P@ssw0rd<\/password>/' /workspace/iccta/release/res/jdbc.xml && \
|
||||
sed -i 's/android_jars=.*/android_jars=\/opt\/android-sdk\/platforms/' /workspace/iccta/release/res/iccta.properties
|
||||
|
||||
RUN cd /workspace && \
|
||||
echo 'user=icc_ta_user' > cc.properties && \
|
||||
echo 'password=P@ssw0rd' >> cc.properties && \
|
||||
echo 'characterEncoding=ISO-8859-1' >> cc.properties && \
|
||||
echo 'useUnicode=true' >> cc.properties && \
|
||||
wget https://github.com/JordanSamhi/Tools/raw/master/ic3.jar
|
||||
|
||||
RUN cd /workspace/iccta && \
|
||||
wget https://github.com/JordanSamhi/Tools/raw/master/iccta.jar
|
||||
|
||||
# JarRsrcLoader is broken in singularity for some reason, so let's get rid of the jar stuff
|
||||
RUN mkdir /workspace/iccta/unzipped && \
|
||||
unzip /workspace/iccta/iccta.jar -d /workspace/iccta/unzipped
|
||||
|
||||
|
||||
COPY run.sh /
|
||||
60
rasta_exp/docker/iccta/provided_build/run.sh
Executable file
60
rasta_exp/docker/iccta/provided_build/run.sh
Executable file
|
|
@ -0,0 +1,60 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
APK_FILENAME=$1
|
||||
|
||||
export TIME="time: %e
|
||||
kernel-cpu-time: %S
|
||||
user-cpu-time: %U
|
||||
max-rss-mem: %M
|
||||
avg-rss-mem: %t
|
||||
avg-total-mem: %K
|
||||
page-size: %Z
|
||||
nb-major-page-fault: %F
|
||||
nb-minor-page-fault: %R
|
||||
nb-fs-input: %I
|
||||
nb-fs-output: %O
|
||||
nb-socket-msg-received: %r
|
||||
nb-socket-msg-sent: %s
|
||||
nb-signal-delivered: %k
|
||||
exit-status: %x"
|
||||
|
||||
export CLASS_PATH='/workspace/iccta/unzipped:/workspace/iccta/unzipped/c3p0-0.9.1.2.jar:/workspace/iccta/unzipped/jdom-2.0.5.jar:/workspace/iccta/unzipped/AXMLPrinter2.jar:/workspace/iccta/unzipped/android.jar:/workspace/iccta/unzipped/junit.jar:/workspace/iccta/unzipped/commons-cli-1.2.jar:/workspace/iccta/unzipped/axml-2.0.jar:/workspace/iccta/unzipped/slf4j-api-1.7.5.jar:/workspace/iccta/unzipped/slf4j-simple-1.7.5.jar:/workspace/iccta/unzipped/guava-18.0.jar:/workspace/iccta/unzipped/dexlib2-2.1.0-dev.jar:/workspace/iccta/unzipped/asm-debug-all-5.0.3.jar:/workspace/iccta/unzipped/cglib-nodep-2.2.2.jar:/workspace/iccta/unzipped/cos.jar:/workspace/iccta/unzipped/hamcrest-all-1.3.jar:/workspace/iccta/unzipped/j2ee.jar:/workspace/iccta/unzipped/java_cup.jar:/workspace/iccta/unzipped/javassist-3.18.2-GA.jar:/workspace/iccta/unzipped/jboss-common-core-2.5.0.Final.jar:/workspace/iccta/unzipped/junit-4.11.jar:/workspace/iccta/unzipped/mockito-all-1.10.8.jar:/workspace/iccta/unzipped/mockito-all-1.9.5.jar:/workspace/iccta/unzipped/org.hamcrest.core_1.3.0.jar:/workspace/iccta/unzipped/polyglot.jar:/workspace/iccta/unzipped/powermock-mockito-1.6.1-full.jar:/workspace/iccta/unzipped/util-2.1.0-dev.jar:/workspace/iccta/unzipped/FlowDroid.jar:/workspace/iccta/unzipped/mysql-connector-java-8.0.18.jar'
|
||||
|
||||
# Create and run database as current user on specific file
|
||||
#SQL_DATA=`mktemp -d`
|
||||
#
|
||||
SQL_DATA=/mnt/mysql
|
||||
LOG_FILE="$SQL_DATA/log"
|
||||
mkdir $SQL_DATA
|
||||
chmod 777 $SQL_DATA
|
||||
chmod +x $SQL_DATA/..
|
||||
mysqld --datadir=$SQL_DATA --log-error=$LOG_FILE --default-time-zone='+00:00' --initialize-insecure
|
||||
mysqld --datadir=$SQL_DATA --skip-name-resolve --log-error=$LOG_FILE --default-time-zone='+00:00' --bind-address=127.0.0.1 --mysqlx=OFF --socket=$SQL_DATA/mysqld.sock &
|
||||
DB_PID="$!"
|
||||
|
||||
# Wait for db connection
|
||||
until mysql -u root --socket="$SQL_DATA/mysqld.sock" -e 'CREATE DATABASE cc'
|
||||
do
|
||||
echo 'Waiting for DB, error 2002 ^ is normal'
|
||||
sleep 1
|
||||
done
|
||||
mysql -u root --socket="$SQL_DATA/mysqld.sock" cc < /workspace/iccta/res/schema
|
||||
mysql -u root --socket="$SQL_DATA/mysqld.sock" -e "CREATE USER 'icc_ta_user' IDENTIFIED BY 'P@ssw0rd';"
|
||||
mysql -u root --socket="$SQL_DATA/mysqld.sock" -e "GRANT ALL PRIVILEGES ON cc.* TO 'icc_ta_user';"
|
||||
|
||||
cd /mnt
|
||||
ln -s /workspace/iccta/res /mnt/
|
||||
ln -s /workspace/iccta/libs /mnt/
|
||||
ln -s /workspace/iccta/iccProvider /mnt/
|
||||
ln -s /workspace/iccta/release /mnt/
|
||||
ln -s /workspace/iccta/AndroidCallbacks.txt /mnt/
|
||||
|
||||
#java ${JAVA_PARAM} -jar /workspace/ic3.jar -a /mnt/${APK_FILENAME} -cp /opt/android-sdk/platforms -db /workspace/cc.properties
|
||||
# Normal command
|
||||
#echo "java ${JAVA_PARAM} -jar /workspace/iccta/iccta.jar /mnt/${APK_FILENAME} /opt/android-sdk/platforms"
|
||||
# Singularity because broken classloader for some reason
|
||||
#echo "java -cp \$CLASS_PATH soot.jimple.infoflow.android.iccta.TestApps.Test /mnt/${APK_FILENAME} /opt/android-sdk/platforms"
|
||||
|
||||
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} sh -c "java ${JAVA_PARAM} -jar /workspace/ic3.jar -a /mnt/${APK_FILENAME} -cp /opt/android-sdk/platforms -db /workspace/cc.properties && java ${JAVA_PARAM} -cp ${CLASS_PATH} soot.jimple.infoflow.android.iccta.TestApps.Test /mnt/${APK_FILENAME} /opt/android-sdk/platforms" > /mnt/stdout 2> /mnt/stderr
|
||||
|
||||
kill -9 ${DB_PID}
|
||||
106
rasta_exp/docker/iccta/test.py
Normal file
106
rasta_exp/docker/iccta/test.py
Normal file
|
|
@ -0,0 +1,106 @@
|
|||
import datetime
|
||||
import importlib.util
|
||||
import logging
|
||||
|
||||
from typing import Any, Type
|
||||
from pathlib import Path
|
||||
|
||||
if __name__ == "__main__":
|
||||
import sys
|
||||
|
||||
sys.path.append(str(Path(__file__).resolve().parent.parent))
|
||||
|
||||
import orchestrator
|
||||
|
||||
errors = orchestrator.error_collector
|
||||
utils = orchestrator.utils
|
||||
|
||||
TIMEOUT = 900
|
||||
|
||||
GUEST_MNT = "/mnt"
|
||||
PATH_APK = f"{GUEST_MNT}/app.apk"
|
||||
|
||||
WORKDIR = "/workspace"
|
||||
PARAM = "-Xmx4g -Xss4g"
|
||||
CMD = f"./run.sh {PARAM}"
|
||||
|
||||
TOOL_NAME = "iccta"
|
||||
|
||||
# Version name -> folder name
|
||||
TOOL_VERSIONS = {
|
||||
"provided_build": "provided_build",
|
||||
}
|
||||
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
|
||||
DEFAULT_TOOL_VERSION = "provided_build"
|
||||
|
||||
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
|
||||
errors.JavaError,
|
||||
errors.NoPrefixJavaError,
|
||||
errors.FlowdroidLog4jError,
|
||||
]
|
||||
|
||||
|
||||
def analyse_artifacts(path: Path) -> dict[str, Any]:
|
||||
"""Analyse the artifacts of a test located at `path`."""
|
||||
report = utils.parse_report(path / "report")
|
||||
report["errors"] = list(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
report["errors"].extend(
|
||||
map(
|
||||
lambda e: e.get_dict(),
|
||||
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
|
||||
)
|
||||
)
|
||||
if report["timeout"]:
|
||||
report["tool-status"] = "TIMEOUT"
|
||||
elif check_success(path):
|
||||
report["tool-status"] = "FINISHED"
|
||||
else:
|
||||
report["tool-status"] = "FAILED"
|
||||
report["tool-name"] = TOOL_NAME
|
||||
report["date"] = str(datetime.datetime.now())
|
||||
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
|
||||
return report
|
||||
|
||||
|
||||
def check_success(path: Path) -> bool:
|
||||
"""Check if the analysis finished without crashing."""
|
||||
l1 = False
|
||||
with (path / "stdout").open(errors="replace") as file:
|
||||
for line in file:
|
||||
if l1 and "Analysis has run for" in line:
|
||||
return True
|
||||
l1 = False
|
||||
if "Maximum memory consumption:" in line:
|
||||
l1 = True
|
||||
return False
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
import docker # type: ignore
|
||||
|
||||
args = orchestrator.get_test_args(TOOL_NAME)
|
||||
|
||||
tool_folder = Path(__file__).resolve().parent
|
||||
api_key = orchestrator.get_androzoo_key()
|
||||
if args.get_apk_info:
|
||||
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
|
||||
client = docker.from_env()
|
||||
|
||||
logging.info("Command tested: ")
|
||||
logging.info(f"[{WORKDIR}]$ {CMD}")
|
||||
|
||||
for apk_ref in args.apk_refs:
|
||||
orchestrator.test_tool_on_apk(
|
||||
client,
|
||||
tool_folder,
|
||||
api_key,
|
||||
apk_ref,
|
||||
args.tool_version,
|
||||
args.keep_artifacts,
|
||||
args.force_test,
|
||||
)
|
||||
10
rasta_exp/docker/lotrack/README.md
Normal file
10
rasta_exp/docker/lotrack/README.md
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
# Lotrack
|
||||
|
||||
- [source](https://github.com/MaxLillack/Lotrack)
|
||||
- [fork](https://github.com/miguelvelezmj25/Lotrack)
|
||||
- [paper](https://dl.acm.org/doi/10.1145/2642937.2643001)
|
||||
- language: Java
|
||||
- JMV: java 8?
|
||||
- Build: maven/ant/sbt
|
||||
- number of years without at least 1 commit since first commit: 8
|
||||
- Licence: Apache 2 (loadtime-gui) LGPL (dependencies Soot/Hero)
|
||||
1
rasta_exp/docker/mallodroid/RASTA_VERSION
Normal file
1
rasta_exp/docker/mallodroid/RASTA_VERSION
Normal file
|
|
@ -0,0 +1 @@
|
|||
mallodroid
|
||||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue