first commit

rasta_exp/docker/flowdroid/RASTA_VERSION

@@ -0,0 +1 @@
+home_build

rasta_exp/docker/flowdroid/README.md

@@ -0,0 +1,8 @@
+# Flowdroid
+
+- [source](https://github.com/secure-software-engineering/FlowDroid)
+- [paper](https://dl.acm.org/doi/10.1145/2666356.2594299)
+- language: Java 8
+- Build: Maven
+- number of years without at least 1 commit since first commit: 0
+- License: LGPL 2.1

rasta_exp/docker/flowdroid/home_build/Dockerfile

@@ -0,0 +1,57 @@
+FROM ubuntu:22.04
+
+# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
+
+RUN apt-get update && apt-get install -y git time
+
+RUN mkdir /workspace
+RUN git clone --recurse-submodules https://github.com/secure-software-engineering/FlowDroid.git --branch v2.111.1 --single-branch /workspace/flowdroid
+
+RUN apt-get update && apt-get install -y openjdk-8-jdk sdkmanager maven
+
+RUN sdkmanager "platforms;android-10" &&\
+    sdkmanager "platforms;android-11" &&\
+    sdkmanager "platforms;android-12" &&\
+    sdkmanager "platforms;android-13" &&\
+    sdkmanager "platforms;android-14" &&\
+    sdkmanager "platforms;android-15" &&\
+    sdkmanager "platforms;android-16" &&\
+    sdkmanager "platforms;android-17" &&\
+    sdkmanager "platforms;android-18" &&\
+    sdkmanager "platforms;android-19" &&\
+    sdkmanager "platforms;android-20" &&\
+    sdkmanager "platforms;android-21" &&\
+    sdkmanager "platforms;android-22" &&\
+    sdkmanager "platforms;android-23" &&\
+    sdkmanager "platforms;android-24" &&\
+    sdkmanager "platforms;android-25" &&\
+    sdkmanager "platforms;android-26" &&\
+    sdkmanager "platforms;android-27" &&\
+    sdkmanager "platforms;android-28" &&\
+    sdkmanager "platforms;android-29" &&\
+    sdkmanager "platforms;android-3"  &&\
+    sdkmanager "platforms;android-30" &&\
+    sdkmanager "platforms;android-31" &&\
+    sdkmanager "platforms;android-32" &&\
+    sdkmanager "platforms;android-33" &&\
+    sdkmanager "platforms;android-4"  &&\
+    sdkmanager "platforms;android-5"  &&\
+    sdkmanager "platforms;android-6"  &&\
+    sdkmanager "platforms;android-7"  &&\
+    sdkmanager "platforms;android-8"
+    #sdkmanager "platforms;android-9" for some reason this one 404
+
+RUN cd /workspace/flowdroid &&\
+    # Test only works with java8, and it looks like the test apps are misplaced?
+    # It still fails though
+    update-java-alternatives -s /usr/lib/jvm/java-1.8.0-openjdk-amd64 &&\
+    mv DroidBench/apk/* DroidBench/ &&\
+    export ANDROID_JARS=/opt/android-sdk/platforms &&\
+    export DROIDBENCH=/workspace/flowdroid/DroidBench &&\
+    # mvn install # install & test with droidbench
+    mvn -DskipTests install # for a quick build without tests
+
+# Run for one app:
+# cd /workspace/flowdroid && java -jar soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar -a DroidBench/apk/Lifecycle/ActivityLifecycle1.apk -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt
+
+COPY run.sh /

rasta_exp/docker/flowdroid/home_build/run.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+APK_FILENAME=$1
+
+export TIME="time: %e
+kernel-cpu-time: %S
+user-cpu-time: %U
+max-rss-mem: %M
+avg-rss-mem: %t
+avg-total-mem: %K
+page-size: %Z
+nb-major-page-fault: %F
+nb-minor-page-fault: %R
+nb-fs-input: %I
+nb-fs-output: %O
+nb-socket-msg-received: %r
+nb-socket-msg-sent: %s
+nb-signal-delivered: %k
+exit-status: %x"
+
+cd /mnt
+/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} -a /mnt/${APK_FILENAME} -p /opt/android-sdk/platforms/ -s /workspace/flowdroid/soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles > /mnt/stdout 2> /mnt/stderr

rasta_exp/docker/flowdroid/provided_build/Dockerfile

@@ -0,0 +1,51 @@
+FROM ubuntu:22.04
+
+# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
+
+RUN apt-get update && apt-get install -y wget time
+
+RUN mkdir -p /workspace/flowdroid/soot-infoflow-cmd/target &&\
+    mkdir -p /workspace/flowdroid/soot-infoflow-android &&\
+    wget -O /workspace/flowdroid/soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar https://github.com/secure-software-engineering/FlowDroid/releases/download/v2.10/soot-infoflow-cmd-jar-with-dependencies.jar &&\
+    wget -O /workspace/flowdroid/soot-infoflow-android/SourcesAndSinks.txt https://raw.githubusercontent.com/secure-software-engineering/FlowDroid/v2.10/soot-infoflow-android/SourcesAndSinks.txt
+
+RUN apt-get update && apt-get install -y openjdk-8-jdk sdkmanager
+
+RUN sdkmanager "platforms;android-10" &&\
+    sdkmanager "platforms;android-11" &&\
+    sdkmanager "platforms;android-12" &&\
+    sdkmanager "platforms;android-13" &&\
+    sdkmanager "platforms;android-14" &&\
+    sdkmanager "platforms;android-15" &&\
+    sdkmanager "platforms;android-16" &&\
+    sdkmanager "platforms;android-17" &&\
+    sdkmanager "platforms;android-18" &&\
+    sdkmanager "platforms;android-19" &&\
+    sdkmanager "platforms;android-20" &&\
+    sdkmanager "platforms;android-21" &&\
+    sdkmanager "platforms;android-22" &&\
+    sdkmanager "platforms;android-23" &&\
+    sdkmanager "platforms;android-24" &&\
+    sdkmanager "platforms;android-25" &&\
+    sdkmanager "platforms;android-26" &&\
+    sdkmanager "platforms;android-27" &&\
+    sdkmanager "platforms;android-28" &&\
+    sdkmanager "platforms;android-29" &&\
+    sdkmanager "platforms;android-3"  &&\
+    sdkmanager "platforms;android-30" &&\
+    sdkmanager "platforms;android-31" &&\
+    sdkmanager "platforms;android-32" &&\
+    sdkmanager "platforms;android-33" &&\
+    sdkmanager "platforms;android-4"  &&\
+    sdkmanager "platforms;android-5"  &&\
+    sdkmanager "platforms;android-6"  &&\
+    sdkmanager "platforms;android-7"  &&\
+    sdkmanager "platforms;android-8"
+    #sdkmanager "platforms;android-9" for some reason this one 404
+
+RUN update-java-alternatives -s /usr/lib/jvm/java-1.8.0-openjdk-amd64
+
+# Run for one app:
+# cd /workspace/flowdroid && java -jar soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar -a DroidBench/apk/Lifecycle/ActivityLifecycle1.apk -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt
+
+COPY run.sh /

rasta_exp/docker/flowdroid/provided_build/run.sh

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+
+APK_FILENAME=$1
+
+export TIME="time: %e
+kernel-cpu-time: %S
+user-cpu-time: %U
+max-rss-mem: %M
+avg-rss-mem: %t
+avg-total-mem: %K
+page-size: %Z
+nb-major-page-fault: %F
+nb-minor-page-fault: %R
+nb-fs-input: %I
+nb-fs-output: %O
+nb-socket-msg-received: %r
+nb-socket-msg-sent: %s
+nb-signal-delivered: %k
+exit-status: %x"
+
+cd /workspace/flowdroid
+/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} -a /mnt/${APK_FILENAME} -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles > /mnt/stdout 2> /mnt/stderr

rasta_exp/docker/flowdroid/run.sh

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+
+APK_FILENAME=$1
+
+export TIME="time: %e
+kernel-cpu-time: %S
+user-cpu-time: %U
+max-rss-mem: %M
+avg-rss-mem: %t
+avg-total-mem: %K
+page-size: %Z
+nb-major-page-fault: %F
+nb-minor-page-fault: %R
+nb-fs-input: %I
+nb-fs-output: %O
+nb-socket-msg-received: %r
+nb-socket-msg-sent: %s
+nb-signal-delivered: %k
+exit-status: %x"
+
+
+/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar ${JAR_FILE} -a /mnt/${APK_FILENAME} -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles > /mnt/stdout 2> /mnt/stderr

rasta_exp/docker/flowdroid/test.py

@@ -0,0 +1,118 @@
+import datetime
+import importlib.util
+import logging
+import re
+
+from typing import Any, Type, Optional
+from pathlib import Path
+from more_itertools import peekable
+
+
+if __name__ == "__main__":
+    import sys
+
+    sys.path.append(str(Path(__file__).resolve().parent.parent))
+
+import orchestrator
+
+errors = orchestrator.error_collector
+utils = orchestrator.utils
+
+
+TIMEOUT = 900
+
+
+GUEST_MNT = "/mnt"
+PATH_APK = f"{GUEST_MNT}/app.apk"
+
+JAVA_PARAM = ""
+WORKDIR = "/workspace/flowdroid"
+JAR_FILE = "soot-infoflow-cmd/target/soot-infoflow-cmd-jar-with-dependencies.jar"
+CMD = f"java {JAVA_PARAM} -jar {JAR_FILE} -a {PATH_APK} -p /opt/android-sdk/platforms/ -s soot-infoflow-android/SourcesAndSinks.txt --mergedexfiles"
+
+TOOL_NAME = "flowdroid"
+
+# Version name -> folder name
+TOOL_VERSIONS = {
+    "home_build": "home_build",
+    "provided_build": "provided_build",
+}
+# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
+DEFAULT_TOOL_VERSION = "home_build"
+
+# TODO: add reg = re.compile(r"^\[main\] ERROR .*$", re.MULTILINE)
+#       and strange backtrace without log4j prefixe
+EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
+    errors.JavaError,
+    errors.NoPrefixJavaError,
+    errors.FlowdroidLog4jError,
+]
+
+
+success_re = re.compile(
+    r"\[.*?\] INFO soot.jimple.infoflow.android.SetupApplication\$InPlaceInfoflow - Data flow solver took (\d*) seconds. Maximum memory consumption: (\d*) MB\n"
+    r"\[.*?\] INFO soot.jimple.infoflow.android.SetupApplication - Found (\d*) leaks",
+    re.MULTILINE,
+)
+
+
+def analyse_artifacts(path: Path) -> dict[str, Any]:
+    """Analyse the artifacts of a test located at `path`."""
+    report = utils.parse_report(path / "report")
+    report["errors"] = list(
+        map(
+            lambda e: e.get_dict(),
+            errors.get_errors(path / "stderr", EXPECTED_ERROR_TYPES),
+        )
+    )
+    l1, l2 = "", ""
+    # TODO: find a better way to do it
+    with (path / "stderr").open("r", errors="replace") as file:
+        for l in file:
+            l1, l2 = l2, l
+    last_lines = l1 + l2
+    match = success_re.match(last_lines)
+    tool_specific = {}
+    if match is not None:
+        tool_specific["time"] = int(match.group(1))
+        tool_specific["mem"] = (
+            int(match.group(2)) * 1024 * 1024
+        )  # Memory unit is B, not MB
+        tool_specific["nb_leaks_found"] = int(match.group(3))
+    report["tool_specific"] = tool_specific
+
+    if report["timeout"]:
+        report["tool-status"] = "TIMEOUT"
+    elif match is not None:
+        report["tool-status"] = "FINISHED"
+    else:
+        report["tool-status"] = "FAILED"
+    report["tool-name"] = TOOL_NAME
+    report["date"] = str(datetime.datetime.now())
+    report["apk"] = utils.sha256_sum(path / "app.apk").upper()
+    return report
+
+
+if __name__ == "__main__":
+    import docker  # type: ignore
+
+    args = orchestrator.get_test_args(TOOL_NAME)
+    tool_folder = Path(__file__).resolve().parent
+    api_key = orchestrator.get_androzoo_key()
+    if args.get_apk_info:
+        orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
+    client = docker.from_env()
+
+    logging.info("Command tested: ")
+    logging.info(f"[{WORKDIR}]$ {CMD}")
+
+    for apk_ref in args.apk_refs:
+        orchestrator.test_tool_on_apk(
+            client,
+            tool_folder,
+            api_key,
+            apk_ref,
+            args.tool_version,
+            args.keep_artifacts,
+            args.force_test,
+        )