secure-software-engineering / SuSi

SuSi - our tool to automatically discover sources and sinks in the Android framework

The Susi operating problem #3

Open mao646489663 opened 9 years ago

mao646489663 commented 9 years ago

Hi, I'm very interested in SuSi. I found my inputs weren't used when the program is running. Do I have some mistake in operation or configuration? The error happened here: pmp.getAllMethods(); in de.ecspride.sourcesinkfinder.SourceSinkFinder.loadMethodsFromFile(String[] sourceFileName). I'm looking forward to your reply. Thank you!

StevenArzt commented 9 years ago

Can you please provide the complete command line with which you started SuSi and the full output (and stack trace in the case of an exception) that was generated by SuSi?

mao646489663 commented 9 years ago

I have modified the code and it will start like this:

```java
// Backslashes in Java string literals must be escaped.
String[] myArgs = new String[]{
    "E:\\program\\SuSi-develop\\android\\android.jar",
    "E:\\program\\SuSi-develop\\sootInput\\susiInput.txt",
    "E:\\program\\SuSi-develop\\sootOutput\\sootOutput.txt"
};
myMain(myArgs);
```

Here is the exception:

```
Exception in thread "main" java.lang.NullPointerException
	at soot.jimple.infoflow.android.data.parsers.PermissionMethodParser.getAllMethods(PermissionMethodParser.java:220)
	at de.ecspride.sourcesinkfinder.SourceSinkFinder.loadMethodsFromFile(SourceSinkFinder.java:441)
	at de.ecspride.sourcesinkfinder.SourceSinkFinder.run(SourceSinkFinder.java:196)
	at de.ecspride.sourcesinkfinder.SourceSinkFinder.myMain(SourceSinkFinder.java:188)
	at de.ecspride.sourcesinkfinder.SourceSinkFinder.main(SourceSinkFinder.java:130)
```

StevenArzt commented 9 years ago

Which version of SuSi are you using? My PermissionMethodParser class only has 218 lines, whereas your stack trace references line 220. Did you build SuSi on your own or do you use the nightly build from our server? The nightly build is the safest and most simple option: https://ssebuild.cased.de/nightly/susi/build/jar/SuSi.jar. You still need soot, soot-infoflow, and soot-infoflow-android on your class path, but you can also use the nightly builds of these projects (available from the same server, just have a look at https://ssebuild.cased.de).

Additionally, can you provide the susiInput.txt file that you are using? Where did you obtain that file or did you create it on your own?

mao646489663 commented 9 years ago

My SuSi is downloaded from your GitHub. I have changed some code in the PermissionMethodParser, and all the related projects are added. Now the problem I found is that the sourceList, sinkList and neitherList in the PermissionMethodParser class have not been initialized; they are still null.

susiInput.txt is a part of Ouput_CatSinks_v0_9.txt and Ouput_CatSources_v0_9.txt, as a test.

StevenArzt commented 9 years ago

Can you confirm that the problem exists with the original, unmodified version of SuSi as well? It's hard to tell where a problem comes from if you have modified the code and might have unintentionally broken it.

mao646489663 commented 9 years ago

Yes, I just added some tests. Is there any difference between the different versions of soot-infoflow-android?

StevenArzt commented 9 years ago

Which different versions of soot-infoflow-android? I assume that you are using the latest version from Github or the nightly build server. Please post the stack trace from the run on the unmodified version of SuSi, otherwise I cannot see where the error happens.

mao646489663 commented 9 years ago

So what's the entrance of the program? Here is my input file:

```
<com.p6spy.engine.common.SubclassTask: void loadClass(java.lang.String)> -> _SOURCE_
<com.android.internal.telephony.cdma.CDMAPhone: java.lang.String getDeviceId()> -> _SOURCE_
<android.location.LocationManager: void setTestProviderLocation(java.lang.String,android.location.Location)> -> _SINK_
<com.android.internal.telephony.RIL: void supplyIccPukForApp(java.lang.String,java.lang.String,java.lang.String,android.os.Message)> -> _SINK_
<com.android.internal.telephony.RIL: void getSmscAddress(android.os.Message)> android.permission.WAKE_LOCK -> _SOURCE_

<android.provider.Telephony$Sms: boolean moveMessageToFolder(android.content.Context,android.net.Uri,int,int)> -> _SINK_
```

Is any configuration missing? Also, the analysis of android.jar by AbstractSootFeature.initializeSoot has no result. It's called in SourceSinkFinder.PrefilterInterfaces, so there must be something wrong in it.

StevenArzt commented 9 years ago

That was indeed a bug in the parser, thanks for reporting. Please update your version of soot-infoflow-android and try again.
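
A stand-alone checker for input lines in the shape posted above, added here as an example and not taken from SuSi or soot-infoflow-android. The class name `SusiInputCheck`, its fields, and the treatment of labels other than `_SOURCE_` and `_SINK_` are assumptions; it keeps its result lists non-null from construction and reports malformed lines by number rather than failing later.

```java
import java.util.*;
import java.util.regex.*;

// Added example, not SuSi code: all names here are hypothetical.
public class SusiInputCheck {
    // Shape seen in the thread: <class: returnType name(params)> [permissions] -> _LABEL_
    private static final Pattern LINE = Pattern.compile(
        "^(<[^:>]+:\\s+\\S+\\s+[^\\s(]+\\([^)]*\\)>)\\s*(.*?)\\s*->\\s*_([A-Z]+)_\\s*$");

    // Created eagerly, so callers never see null even when the input is empty.
    final List<String> sources = new ArrayList<>();
    final List<String> sinks = new ArrayList<>();
    final List<String> neither = new ArrayList<>();
    final List<String> rejected = new ArrayList<>();

    void parse(List<String> lines) {
        int n = 0;
        for (String raw : lines) {
            n++;
            String line = raw.trim();
            if (line.isEmpty()) continue;               // blank lines are skipped
            Matcher m = LINE.matcher(line);
            if (!m.matches()) {                         // record, do not silently drop
                rejected.add(n + ": " + line);
                continue;
            }
            String signature = m.group(1);              // group(2) holds optional permissions
            switch (m.group(3)) {
                case "SOURCE": sources.add(signature); break;
                case "SINK":   sinks.add(signature);   break;
                default:       neither.add(signature); break; // assumption: other labels
            }
        }
    }

    public static void main(String[] args) {
        // Constructed sample: three lines from the post, a blank line, one malformed line.
        List<String> sample = Arrays.asList(
            "<com.android.internal.telephony.cdma.CDMAPhone: java.lang.String getDeviceId()> -> _SOURCE_",
            "<com.android.internal.telephony.RIL: void getSmscAddress(android.os.Message)> android.permission.WAKE_LOCK -> _SOURCE_",
            "",
            "<android.provider.Telephony$Sms: boolean moveMessageToFolder(android.content.Context,android.net.Uri,int,int)> -> _SINK_",
            "android.location.LocationManager setTestProviderLocation -> _SINK_");
        SusiInputCheck check = new SusiInputCheck();
        check.parse(sample);
        System.out.println("sources=" + check.sources.size() + " sinks=" + check.sinks.size()
            + " neither=" + check.neither.size());
        check.rejected.forEach(r -> System.out.println("rejected line " + r));
    }
}
```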

Zhongen commented 7 years ago

Why can I not reach the server to download the nightly build of SuSi?

mra12 commented 6 years ago

@StevenArzt The link https://ssebuild.cased.de/nightly/susi/build/jar/SuSi.jar is not working. Do you have another one where I could get the nightly version? I saw in another issue that you said that you're currently moving your servers and some links might be inactive. Thanks in advance.