these-android-re/rasta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

first commit

Browse source
This commit is contained in:
Jean-Marie Mineau 2023-11-15 15:59:13 +01:00
commit cd1e91bb99
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
287 changed files with 86425 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
rasta_exp/docker/saaf/RASTA_VERSION Normal file
View file

@ -0,0 +1 @@
home_build

10
rasta_exp/docker/saaf/README.md Normal file
View file

@ -0,0 +1,10 @@
# SAAF
- [source](https://github.com/SAAF-Developers/saaf)
- [fork](https://github.com/jpksh90/saaf)
- [paper](https://dl.acm.org/doi/pdf/10.1145/2480362.2480706)
- language: Java 6
- JVM: OpenJDK 1.6
- Build: Ant
- number of years without at least 1 commit since first commit: 9
- license: GPL

28
rasta_exp/docker/saaf/home_build/Dockerfile Normal file
View file

@ -0,0 +1,28 @@
FROM ubuntu:14.04
# RUN sed -i -e "s/archive.ubuntu.com/old-releases.ubuntu.com/g" /etc/apt/sources.list
RUN apt-get update && apt-get install -y git time
RUN mkdir /workspace
RUN git init /workspace/saaf && \
cd /workspace/saaf && \
git remote add origin https://github.com/SAAF-Developers/saaf && \
git fetch --depth=1 origin fc8dd8c86da2fa3c98ae9902e00c95ae248ecadb && \
git reset --hard FETCH_HEAD
RUN apt-get update && apt-get install -y ant openjdk-6-jdk mysql-server
# This allows to pass the db tests, the db is not needed for running the tool
RUN mysqld & sleep 10 && \
mysql -e 'CREATE DATABASE saaftest;' && \
mysql -e "CREATE USER 'saafuser' IDENTIFIED BY 'saafpass';" && \
mysql -e "GRANT ALL PRIVILEGES ON saaftest.* TO 'saafuser';"
RUN mysqld & sleep 10 && \
update-java-alternatives -s /usr/lib/jvm/java-1.6.0-openjdk-amd64 && \
export JAVA_TOOL_OPTIONS=-Dfile.encoding=UTF8 && \
cd /workspace/saaf && ant clean && ant fat-jar
COPY run.sh /

28
rasta_exp/docker/saaf/home_build/run.sh Executable file
View file

@ -0,0 +1,28 @@
#!/usr/bin/env bash
APK_FILENAME=$1
export TIME="time: %e
kernel-cpu-time: %S
user-cpu-time: %U
max-rss-mem: %M
avg-rss-mem: %t
avg-total-mem: %K
page-size: %Z
nb-major-page-fault: %F
nb-minor-page-fault: %R
nb-fs-input: %I
nb-fs-output: %O
nb-socket-msg-received: %r
nb-socket-msg-sent: %s
nb-signal-delivered: %k
exit-status: %x"
export _JAVA_OPTIONS=-Duser.home=/mnt
cd /mnt
# copying saaf software in /mnt (30 MB) as it needs to run and write in its own directory
cp -Rf /workspace/saaf ./
cd saaf
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar /mnt/saaf/dist/SAAF.jar -hl -log /mnt/log.txt -nodb -rprt /mnt/rprt /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr

23
rasta_exp/docker/saaf/run.sh Executable file
View file

@ -0,0 +1,23 @@
#!/usr/bin/env bash
APK_FILENAME=$1
export TIME="time: %e
kernel-cpu-time: %S
user-cpu-time: %U
max-rss-mem: %M
avg-rss-mem: %t
avg-total-mem: %K
page-size: %Z
nb-major-page-fault: %F
nb-minor-page-fault: %R
nb-fs-input: %I
nb-fs-output: %O
nb-socket-msg-received: %r
nb-socket-msg-sent: %s
nb-signal-delivered: %k
exit-status: %x"
/usr/bin/time -o /mnt/report -q /usr/bin/timeout --kill-after=20s ${TIMEOUT} java ${JAVA_PARAM} -jar /workspace/saaf/dist/SAAF.jar -hl -log /mnt/log.txt -nodb -rprt /mnt/rprt /mnt/${APK_FILENAME} > /mnt/stdout 2> /mnt/stderr

176
rasta_exp/docker/saaf/test.py Normal file
View file

@ -0,0 +1,176 @@
import datetime
import importlib.util
import logging
import xml.etree.ElementTree as xmltree
import re
from typing import Any, Type, Optional
from pathlib import Path
from more_itertools import peekable
if __name__ == "__main__":
import sys
sys.path.append(str(Path(__file__).resolve().parent.parent))
import orchestrator
errors = orchestrator.error_collector
utils = orchestrator.utils
TIMEOUT = 900
GUEST_MNT = "/mnt"
PATH_APK = f"{GUEST_MNT}/app.apk"
WORKDIR = "/workspace/saaf"
# JAVA_PARAM = "-Xms500M -Xmx500M" # Default param from script: not enough memory
JAVA_PARAM = "-Xms500M -Xmx64G"
JAR_FILE = "/workspace/saaf/dist/SAAF.jar"
CMD = f"java {JAVA_PARAM} -Dfile.encoding=UTF-8 -jar {JAR_FILE} -hl -log {GUEST_MNT}/log.txt -nodb -rprt {GUEST_MNT}/rprt {PATH_APK}"
TOOL_NAME = "saaf"
# Version name -> folder name
TOOL_VERSIONS = {
"home_build": "home_build",
}
# Name of the default version (default folder = TOOL_VERSIONS[DEFAULT_TOOL_VERSION])
DEFAULT_TOOL_VERSION = "home_build"
class SaafLog4jError(errors.LoggedError):
error_re = re.compile(
r"\d\d .*? \d\d\d\d \d\d:\d\d:\d\d,\d*? \[.*?\] (ERROR|FATAL) (.*?) - (.*)$"
)
def __init__(
self,
first_line_nb: int,
last_line_nb: int,
level: str,
origin: str,
msg: str,
logfile_name: str = "",
):
self.first_line_nb = first_line_nb
self.last_line_nb = last_line_nb
self.level = level
self.origin = origin
self.msg = msg
self.logfile_name = logfile_name
def __str__(self) -> str:
return f"{self.level} {self.origin} {self.msg}"
def get_dict(self) -> dict[str, Any]:
return {
"error_type": "Log4j",
"level": self.level,
"origin": self.origin,
"msg": self.msg,
"first_line": self.first_line_nb,
"last_line": self.last_line_nb,
"logfile_name": self.logfile_name,
}
@staticmethod
def parse_error(logs: peekable) -> Optional["SaafLog4jError"]:
line_nb, line = logs.peek((None, None))
if line is None or line_nb is None:
return None
match = SaafLog4jError.error_re.match(line)
if match is None:
return None
error = SaafLog4jError(
line_nb, line_nb, match.group(1), match.group(2), match.group(3)
)
next(logs)
return error
EXPECTED_ERROR_TYPES: list[Type[errors.LoggedError]] = [
errors.JavaError,
errors.NoPrefixJavaError,
SaafLog4jError,
]
def analyse_artifacts(path: Path) -> dict[str, Any]:
"""Analyse the artifacts of a test located at `path`."""
report = utils.parse_report(path / "report")
report["errors"] = list(
map(
lambda e: e.get_dict(),
errors.get_errors(path / "stdout", EXPECTED_ERROR_TYPES),
)
)
if report["timeout"]:
report["tool-status"] = "TIMEOUT"
elif check_success(path):
report["tool-status"] = "FINISHED"
else:
report["tool-status"] = "FAILED"
report["tool-name"] = TOOL_NAME
report["date"] = str(datetime.datetime.now())
report["apk"] = utils.sha256_sum(path / "app.apk").upper()
return report
def check_success(path: Path) -> bool:
"""Check if the analysis finished without crashing."""
# uncritical = None
critical = None
with (path / "stdout").open("r", errors="replace") as stdout:
for line in stdout:
# if "#Analyses w/ uncritical exceptions:" in line:
# uncritical = int(
# line.removeprefix("#Analyses w/ uncritical exceptions:").strip()
# )
if "#Critical Exceptions:" in line:
critical = int(line.removeprefix("#Critical Exceptions:").strip())
# if uncritical is None or critical is None:
# return False
if critical is None:
return False
if critical != 0:
return False
rprts = list((path / "rprt").glob("*.xml"))
if len(rprts) != 1:
return False
rprt = rprts[0]
tree = xmltree.parse(rprt)
msgs = tree.findall("./status/message")
if len(msgs) != 1:
return False
msg = msgs[0]
if msg.text != "FINISHED":
return False
return True
if __name__ == "__main__":
import docker # type: ignore
args = orchestrator.get_test_args(TOOL_NAME)
tool_folder = Path(__file__).resolve().parent
api_key = orchestrator.get_androzoo_key()
if args.get_apk_info:
orchestrator.load_apk_info(args.apk_refs, args.androzoo_list, api_key)
client = docker.from_env()
logging.info("Command tested: ")
logging.info(f"[{WORKDIR}]$ {CMD}")
for apk_ref in args.apk_refs:
orchestrator.test_tool_on_apk(
client,
tool_folder,
api_key,
apk_ref,
args.tool_version,
args.keep_artifacts,
args.force_test,
)