search

soot-oss / soot

Soot - A Java optimization framework
GNU Lesser General Public License v2.1
2.87k stars 708 forks source link

Soot resolved an incorrect method signautre #2021

Open sarser2048 opened 11 months ago

sarser2048 commented 11 months ago

Describe the bug I used Soot to analyze some real-world projects, and found it provides an incorrect method signature, which has redundant single quotes.

Input file Maven Repo Link

The correct signature should be: com.fasterxml.jackson.core.util.JacksonFeatureSet: com.fasterxml.jackson.core.util.JacksonFeatureSet with(com.fasterxml.jackson.core.util.JacksonFeature)

However, I got the incorrect results with redudant single quotes in the method name. 6141700197768_ pic

To reproduce Directly use Soot analyze this class file and retrieve the method signature:

for (SootClass klass : Scene.v().getApplicationClasses()) {
  if (klass.isConcrete() && klass.getName().startsWith(PKG_NAME)) {
      for (SootMethod method : klass.getMethods()) {
          if(method.isJavaLibraryMethod()) {
              continue;
          }
          method.retrieveActiveBody();
          if (!method.hasActiveBody()) {
              System.out.println("No Active Body: " + method.getName());
              continue;
          }
          // .......
sarser2048 commented 11 months ago

There is a similar problem when analyzing the following method:

<com.fasterxml.jackson.core.io.ContentReference: com.fasterxml.jackson.core.io.ContentReference 'unknown'()>

MarcMil commented 11 months ago

This happens when the method name is a reserved name in Jimple: https://github.com/soot-oss/soot/blob/8698b753653b753754e45838cfa266bfb6dd8058/src/main/java/soot/Scene.java#L1535

Otherwise we would have a problem when you write out Jimple files and try to read them back in. See the quotedNameOf method.

canliture commented 10 months ago

look here, same problem: https://github.com/soot-oss/soot/pull/1697

sarser2048 commented 9 months ago

@MarcMil Thanks for your kind reply. Yes, I know Soot has the reserved names. However, the method quotedNameOf cannot work well when I used it.

For the following two used method signatures:

1st signature <com.fasterxml.jackson.databind.introspect.CollectorBase: com.fasterxml.jackson.databind.introspect.AnnotationCollector collectDefaultAnnotations(com.fasterxml.jackson.databind.introspect.AnnotationCollector,java.lang.annotation.Annotation[])

2nd signature <com.fasterxml.jackson.core.util.JacksonFeatureSet: com.fasterxml.jackson.core.util.JacksonFeatureSet with(com.fasterxml.jackson.core.util.JacksonFeature)>

The first signature can be converted to (annotation -> 'annotation'), but we cannot get the quoted version (with -> 'with') of the second signuatre when invoke Scene.v().quotedNameOf().

Soot may only use dot to seperate the given name, however, we often use method signature to get a resovled SootMethod. I think the method quotedNameOf should be improved.

And, another problem is, not all reserved names will be changed to quoted version, e.g., void.