Open mraashish opened 2 weeks ago
Hi,
can you tell us which Java version you have used to compile the program? If I compile the interprocedural program with Java 11, I only get an IncompleteOperationError
as expected (since a call to doFinal
is missing), there is no RequiredPredicateError
(you can check with the attached file). Note that newer Java versions may produce different byte codes. Currently, we focused mostly on Java 11 and 8, that is, you can expect the best results with compiling your programs with these versions (or versions that are not too new, e.g. Java 17).
Hi, The output of Java 11 is indeed different from Java 19,
However, this still doesn't solve this issue of interprocedural2 for some reasons. Can you check for this file as well. I believe there should not be ImpreciseValueExtractionError for this file.
As for the previous issue, I have deleted all instances of other java versions from my machine and i am sure i am using Java11 now. However, the jar output when using it through a terminal still gives me RequiredPredicateError:
String jarFileName = classFilePath.replace(".class", ".jar");
ProcessBuilder pb = new ProcessBuilder("jar", "-cf", jarFileName, classFilePath);
pb.environment().putAll(env);
Process process = pb.start();
captureProcessOutput(process);
But simply making a Jar file using JarOutputStream doesn't give this error.
String jarFilePath = classFilePath.replace(".class", ".jar");
try (JarOutputStream jarOutputStream = new JarOutputStream(new FileOutputStream(jarFilePath))) {
String entryName = new File(classFilePath).getName();
JarEntry entry = new JarEntry(entryName);
jarOutputStream.putNextEntry(entry);
byte[] fileContent = Files.readAllBytes(Paths.get(classFilePath));
jarOutputStream.write(fileContent);
jarOutputStream.closeEntry();
}
Do you know why?
Okay. So looking at the example you provided, there seems to be a mismatch with the class declaration. Note that the class CorrectedEcbMode
is declared in the package org.cambench.cap.interprocedural2.truepositive.ecbmode
, that is, it is declared as org.cambench.cap.interprocedural2.truepositive.ecbmode.CorrectedEcbMode
. However, the compiled class is only CorrectedEcbMode
. With this, Soot does load the class CorrectedEcbMode
because this is the actual main class, but tries to work with org.cambench.cap.interprocedural2.truepositive.ecbmode.CorrectedEcbMode
because the class is declared like that. To deal with this problem, try to remove the package
statement. For me, it worked after that. What I have done:
package
statementjavac CorrectedEcbMode.java
jar -cf CorrectedEcbMode.jar CorrectedEcbMode.class
After that, there is only the expected IncompleteOperationError
. I hope this helps!
It helped . Thanks
The Interprocedural Analysis fails when key is generated in a different method.
For the two examples below, Cognicrypt gives different results.
SimpleEncryption.java
SimpleEncryption1.java
The output for the 1st code gives a RequiredPredicateError in the last statement cipher.init(Cipher.ENCRYPT_MODE,key);.
This is the output for " HeadlessJavaScanner-4.0.0-jar-with-dependencies.jar ".