first commit

rasta_exp/docker/droidsafe/RASTA_VERSION

@@ -0,0 +1 @@
+home_build

rasta_exp/docker/droidsafe/README.md

@@ -0,0 +1,9 @@
+# Droidsafe
+
+- [source](https://github.com/MIT-PAC/droidsafe-src)
+- [fork](https://github.com/mas2tg/droidsafe-src)
+- [paper](https://people.csail.mit.edu/rinard/paper/ndss15.droidsafe.pdf)
+- language: Java 7, Python 2 (not much but still needed)
+- Build: Ant
+- number of years without at least 1 commit since first commit: 6
+- License: GPLv2

rasta_exp/docker/droidsafe/home_build/Dockerfile

@@ -0,0 +1,87 @@
+FROM ubuntu:14.04
+
+# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
+
+RUN apt-get update && apt-get install -y git time
+
+RUN mkdir /workspace
+RUN git init /workspace/droidsafe && \
+    cd /workspace/droidsafe && \
+    git remote add origin https://github.com/MIT-PAC/droidsafe-src.git && \
+    git fetch --depth=1 origin 1eab2fc473f3d32ba352280a6c520b216bd1b5df && \
+    git reset --hard FETCH_HEAD
+
+RUN apt-get update && apt-get install -y ant openjdk-7-jdk wget unzip make python
+
+# Download the android-sdk (no sdk-manager on 12.04)
+RUN apt-get update && apt-get install -y bsdtar && \
+    mkdir -p /opt/android-sdk/platforms/android-3 && \
+    wget -O /opt/android-sdk/platforms/android-3/zip.zip https://dl.google.com/android/repository/android-1.5_r04-linux.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-4 && \
+    wget -O /opt/android-sdk/platforms/android-4/zip.zip https://dl.google.com/android/repository/android-1.6_r03-linux.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-5 && \
+    wget -O /opt/android-sdk/platforms/android-5/zip.zip https://dl.google.com/android/repository/android-2.0_r01-linux.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-6 && \
+    wget -O /opt/android-sdk/platforms/android-6/zip.zip https://dl.google.com/android/repository/android-2.0.1_r01-linux.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-7 && \
+    wget -O /opt/android-sdk/platforms/android-7/zip.zip https://dl.google.com/android/repository/android-2.1_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-8 && \
+    wget -O /opt/android-sdk/platforms/android-8/zip.zip https://dl.google.com/android/repository/android-2.2_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-10 && \
+    wget -O /opt/android-sdk/platforms/android-10/zip.zip https://dl.google.com/android/repository/android-2.3.3_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-11 && \
+    wget -O /opt/android-sdk/platforms/android-11/zip.zip https://dl.google.com/android/repository/android-3.0_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-12 && \
+    wget -O /opt/android-sdk/platforms/android-12/zip.zip https://dl.google.com/android/repository/android-3.1_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-13 && \
+    wget -O /opt/android-sdk/platforms/android-13/zip.zip https://dl.google.com/android/repository/android-3.2_r01.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-14 && \
+    wget -O /opt/android-sdk/platforms/android-14/zip.zip https://dl.google.com/android/repository/android-14_r04.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-15 && \
+    wget -O /opt/android-sdk/platforms/android-15/zip.zip https://dl.google.com/android/repository/android-15_r05.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-16 && \
+    wget -O /opt/android-sdk/platforms/android-16/zip.zip https://dl.google.com/android/repository/android-16_r05.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-17 && \
+    wget -O /opt/android-sdk/platforms/android-17/zip.zip https://dl.google.com/android/repository/android-17_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-18 && \
+    wget -O /opt/android-sdk/platforms/android-18/zip.zip https://dl.google.com/android/repository/android-18_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-19 && \
+    wget -O /opt/android-sdk/platforms/android-19/zip.zip https://dl.google.com/android/repository/android-19_r04.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-21 && \
+    wget -O /opt/android-sdk/platforms/android-21/zip.zip https://dl.google.com/android/repository/android-21_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-22 && \
+    wget -O /opt/android-sdk/platforms/android-22/zip.zip https://dl.google.com/android/repository/android-22_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-23 && \
+    wget -O /opt/android-sdk/platforms/android-23/zip.zip https://dl.google.com/android/repository/platform-23_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-24 && \
+    wget -O /opt/android-sdk/platforms/android-24/zip.zip https://dl.google.com/android/repository/platform-24_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-25 && \
+    wget -O /opt/android-sdk/platforms/android-25/zip.zip https://dl.google.com/android/repository/platform-25_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-26 && \
+    wget -O /opt/android-sdk/platforms/android-26/zip.zip https://dl.google.com/android/repository/platform-26_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-27 && \
+    wget -O /opt/android-sdk/platforms/android-27/zip.zip https://dl.google.com/android/repository/platform-27_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-28 && \
+    wget -O /opt/android-sdk/platforms/android-28/zip.zip https://dl.google.com/android/repository/platform-28_r06.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-29 && \
+    wget -O /opt/android-sdk/platforms/android-29/zip.zip https://dl.google.com/android/repository/platform-29_r05.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-20 && \
+    wget -O /opt/android-sdk/platforms/android-20/zip.zip https://dl.google.com/android/repository/android-20_r02.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-30 && \
+    wget -O /opt/android-sdk/platforms/android-30/zip.zip https://dl.google.com/android/repository/platform-30_r03.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-31 && \
+    wget -O /opt/android-sdk/platforms/android-31/zip.zip https://dl.google.com/android/repository/platform-Sv2_r01.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-32 && \
+    wget -O /opt/android-sdk/platforms/android-32/zip.zip https://dl.google.com/android/repository/platform-32_r01.zip && \
+    mkdir -p /opt/android-sdk/platforms/android-33 && \
+    wget -O /opt/android-sdk/platforms/android-33/zip.zip https://dl.google.com/android/repository/platform-TiramisuPrivacySandbox_r08.zip && \
+    /usr/bin/find /opt/android-sdk/platforms/ -name '*.zip' -execdir bsdtar -x --strip-components=1 -f {} \;
+
+ENV ANDROID_SDK_HOME=/opt/android-sdk
+ENV DROIDSAFE_SRC_HOME=/workspace/droidsafe/
+ENV CLASSPATH=".:/workspace/droidsafe/classes/main:/workspace/droidsafe/bin/*:/workspace/droidsafe/lib/asmutil.jar:/workspace/droidsafe/lib/slf4j-api-1.7.2.jar:/workspace/droidsafe/lib/logback-classic-1.0.7.jar:/workspace/droidsafe/lib/logback-core-1.0.7.jar:/workspace/droidsafe/lib/soot-2.5.0.jar"
+
+RUN cd /workspace/droidsafe && sed -i '213i\\             encoding="UTF-8"' /workspace/droidsafe/build.xml && \
+    ant -Dfile.encoding=UTF-8 compile
+
+COPY run.sh /

rasta_exp/docker/droidsafe/home_build/run.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+APK_FILENAME=$1
+
+export TIME="time: %e
+kernel-cpu-time: %S
+user-cpu-time: %U
+max-rss-mem: %M
+avg-rss-mem: %t
+avg-total-mem: %K
+page-size: %Z
+nb-major-page-fault: %F
+nb-minor-page-fault: %R
+nb-fs-input: %I
+nb-fs-output: %O
+nb-socket-msg-received: %r
+nb-socket-msg-sent: %s
+nb-signal-delivered: %k
+exit-status: %x"
+
+
+#cd /mnt/
+#cp /workspace/droidsafe/android-apps/Makefile_apk /mnt/Makefile
+#basename=$(basename -s .apk ${APK_FILENAME})
+#sed -i "s#^NAME := APPNAME#NAME := ${basename}#" /mnt/Makefile
+#/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} make -f /mnt/Makefile specdump-apk > /mnt/stdout 2> /mnt/stderr
+
+export ANDROID_SDK_HOME=/opt/android-sdk/
+export DROIDSAFE_SRC_HOME=/workspace/droidsafe/
+# export DROIDSAFE_MEMORY=16
+
+
+cd /mnt
+/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} sh -c "/workspace/droidsafe/bin/unpack-apk -f ${1} && /workspace/droidsafe/bin/droidsafe -approot /mnt -apkfile ${1} -t specdump" >> /mnt/stdout 2>> /mnt/stderr

rasta_exp/docker/droidsafe/test.py

@@ -0,0 +1,140 @@
+import datetime
+import importlib.util
+import logging
+import re
+
+from typing import Any, Type, Optional
+from pathlib import Path
+from more_itertools import peekable
+
+
+if __name__ == "__main__":
+    import sys
+
+    sys.path.append(str(Path(__file__).resolve().parent.parent))
+
+import orchestrator
+
+errors = orchestrator.error_collector
+utils = orchestrator.utils
+
+
+class DroidsafeLog4jError(errors.LoggedError):
+    error_re = re.compile(r"(ERROR|FATAL): (.*)")
+
+    def __init__(
+        self,
+        first_line_nb: int,
+        last_line_nb: int,
+        level: str,
+        msg: str,
+        logfile_name: str = "",
+    ):
+        self.first_line_nb = first_line_nb
+        self.last_line_nb = last_line_nb
+        self.level = level
+        self.msg = msg
+        self.logfile_name = logfile_name
+
+    def __str__(self) -> str:
+        return f"{self.level}: {self.msg}"
+
+    def get_dict(self) -> dict[str, Any]:
+        return {
+            "error_type": "Log4jSimpleMsg",
+            "level": self.level,
+            "msg": self.msg,
+            "first_line": self.first_line_nb,
+            "last_line": self.last_line_nb,
+            "logfile_name": self.logfile_name,
+        }
+
+    @staticmethod
+    def parse_error(logs: peekable) -> Optional["DroidsafeLog4jError"]:
+        line_nb, line = logs.peek((None, None))
+        if line is None or line_nb is None:
+            return None
+        match = DroidsafeLog4jError.error_re.match(line)
+        if match is None:
+            return None
+        error = DroidsafeLog4jError(line_nb, line_nb, match.group(1), match.group(2))
+        next(logs)
+        return error
+
+
+TIMEOUT = 900  # Doc says up to 2 hours
+
+
+GUEST_MNT = "/mnt"
+PATH_APK = f"{GUEST_MNT}/app.apk"
+
+WORKDIR = "/mnt"
+CMD = "make -f /workspace/Makefile specdump-apk"
+
+TOOL_NAME = "droidsafe"
+
+# Version name -> folder name
+TOOL_VERSIONS = {
+    "home_build": "home_build",
+}
+# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
+DEFAULT_TOOL_VERSION = "home_build"
+
+EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
+    errors.JavaError,
+    errors.NoPrefixJavaError,
+    DroidsafeLog4jError,
+]
+
+
+def analyse_artifacts(path: Path) -> dict[str, Any]:
+    """Analyse the artifacts of a test located at `path`."""
+    report = utils.parse_report(path / "report")
+    report["errors"] = list(
+        map(
+            lambda e: e.get_dict(),
+            errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
+        )
+    )
+    if report["timeout"]:
+        report["tool-status"] = "TIMEOUT"
+    elif check_success(path):
+        report["tool-status"] = "FINISHED"
+    else:
+        report["tool-status"] = "FAILED"
+    report["tool-name"] = TOOL_NAME
+    report["date"] = str(datetime.datetime.now())
+    report["apk"] = utils.sha256_sum(path / "app.apk").upper()
+    return report
+
+
+def check_success(path: Path) -> bool:
+    """Check if the analysis finished without crashing."""
+    return (path / "droidsafe-gen" / "info-flow-results.txt").exists() and (
+        path / "droidsafe-gen" / "template-spec.ssl"
+    ).exists()
+
+
+if __name__ == "__main__":
+    import docker  # type: ignore
+
+    args = orchestrator.get_test_args(TOOL_NAME)
+    tool_folder = Path(__file__).resolve().parent
+    api_key = orchestrator.get_androzoo_key()
+    if args.get_apk_info:
+        orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
+    client = docker.from_env()
+
+    logging.info("Command tested: ")
+    logging.info(f"[{WORKDIR}]$ {CMD}")
+
+    for apk_ref in args.apk_refs:
+        orchestrator.test_tool_on_apk(
+            client,
+            tool_folder,
+            api_key,
+            apk_ref,
+            args.tool_version,
+            args.keep_artifacts,
+            args.force_test,
+        )