Bad use of primitive type(int)

[xwlin-roy]

Hi,all I did instrumentation in apks,but encountered a problem.My steps:

• I used source code to generate apk, which could run normally.

` public void test(int index) {

    int i = randomArr[index];
}

`

• I used command java -Xmx6g -jar soot-trunk.jar soot.Main -w -allow-phantom-refs -android-jars D:\AndroidSDK\platforms\ -src-prec apk -f jimple -process-dir app-debug.apk to transform apk into jimple files.
• I did my instrumentation according with jimple file generated.

The left of picture was jimple generated form apk,the other was I used soot's api to construct.

• When I did instrumentation with this statement $i0 = $r6[$i0];,Soot reported error:

Stack trace:

Warning: Bad use of primitive type at $i0 = $r1[$i0] in  in 
    at soot.validation.CheckTypesValidator.checkCopy(CheckTypesValidator.java:95)
    at soot.validation.CheckTypesValidator.validate(CheckTypesValidator.java:45)
    at soot.Body.validate(Body.java:258)
    at soot.jimple.JimpleBody.validate(JimpleBody.java:120)
    at soot.jimple.JimpleBody.validate(JimpleBody.java:110)
    at soot.PackManager.runBodyPacks(PackManager.java:988)
    at soot.PackManager.access$000(PackManager.java:138)
    at soot.PackManager$1.run(PackManager.java:633)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)

• To do this instrumentation,I used these api: `if (body.getMethod().getDeclaringClass().getShortName() .equals("InstrumentationHelper") && body.getMethod().getName().equals("test")) {

    // Get method's this local
    Local r0 = body.getThisLocal();
    SootField randomArr = body.getMethod().getDeclaringClass().getField("int[] randomArr");
  
    // Set method's parameter
    List<Type> parameterTypes = new ArrayList<>();
    Type intParam = IntType.v();
    parameterTypes.add(intParam);
    body.getMethod().setParameterTypes(parameterTypes);
    Local intLocal = Jimple.v().newLocal("$i0", intParam);
    body.getLocals().add(intLocal);
  
    Local arrLocal = Jimple.v().newLocal("$r1", ArrayType.v(RefType.v("int"), 1));
    body.getLocals().add(arrLocal);
  
    Chain units = body.getUnits();
    Iterator stmtIt = units.snapshotIterator();
    while (stmtIt.hasNext()) {
        Stmt stmt = (Stmt) stmtIt.next();
        if (stmt.toString().contains("return")) {
  
            units.insertBefore(Jimple.v().newIdentityStmt(intLocal, Jimple.v().newParameterRef(intParam, 0)), stmt);
            units.insertBefore(Jimple.v().newAssignStmt(arrLocal, Jimple.v().newInstanceFieldRef(r0, randomArr.makeRef())), stmt);
            units.insertBefore(Jimple.v().newAssignStmt(intLocal, Jimple.v().newArrayRef(arrLocal, intLocal)), stmt);
  
        }
    }
  
  }`

• Can you give me some advices on this issue?Maybe it's in connection with autoboxing?

Command line:

-android-jars D:\AndroidSDK\platforms -src-prec apk -f jimple -allow-phantom-refs -validate true -include-all -cp D:\Program Files\Java\jdk1.7.0_55\jre\lib\rt.jar;D:\AndroidSDK\platforms\android-21\android.jar;E:\Users\SongJun\workspace\Soot\InstrumentationMap -process-dir F:\Master\AndroidSecurity\APK\app-debug.apk -force-overwrite

[xwlin-roy]

Thank you Marc. @MarcMil According to Marc,I use RefType.v("int") to generate array local,which is wrong. Int isn't a reference type,use IntType.v() instead. This issue has solved,I close it.