soot.jimple.infoflow.aliasing

类 Aliasing

java.lang.Object

soot.jimple.infoflow.aliasing.Aliasing

public class Aliasing
extends Object

Helper class for aliasing operations

作者:

Steven Arzt

字段概要

字段

限定符和类型	字段和说明
protected com.google.common.cache.LoadingCache<soot.SootMethod,soot.jimple.toolkits.pointer.LocalMustAliasAnalysis>	strongAliasAnalysis

构造器概要

构造器

构造器和说明
Aliasing(IAliasingStrategy aliasingStrategy, InfoflowManager manager)

方法概要

限定符和类型	方法和说明
static boolean	baseMatches(soot.Value baseValue, Abstraction source) Checks whether the given base value matches the base of the given taint abstraction
static boolean	baseMatchesStrict(soot.Value baseValue, Abstraction source) Checks whether the given base value matches the base of the given taint abstraction and ends there.
static boolean	canHaveAliases(AccessPath ap) Gets whether the given access path can have aliases
boolean	canHaveAliases(soot.jimple.Stmt stmt, soot.Value val, Abstraction source) Checks whether the given newly created taint can have an alias at the given statement.
void	computeAliases(Abstraction d1, soot.jimple.Stmt src, soot.Value targetValue, Set<Abstraction> taintSet, soot.SootMethod method, Abstraction newAbs) Computes the taints for the aliases of a given tainted variable
void	excludeMethodFromMustAlias(soot.SootMethod method) Adds a new method to be excluded from the must-alias analysis
IAliasingStrategy	getAliasingStrategy()
boolean	isStringConstructorCall(soot.jimple.Stmt iStmt) Checks whether the given statement is a call to a String constructor
AccessPath	mayAlias(AccessPath ap, soot.Value val) Gets whether a value and an access path may potentially point to the same runtime object
boolean	mayAlias(soot.Value val1, soot.Value val2) Gets whether two values may potentially point to the same runtime object
boolean	mustAlias(soot.Local val1, soot.Local val2, soot.jimple.Stmt position) Gets whether the two values must always point to the same runtime object
boolean	mustAlias(soot.SootField field1, soot.SootField field2) Gets whether the two fields must always point to the same runtime object

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

strongAliasAnalysis

protected final com.google.common.cache.LoadingCache<soot.SootMethod,soot.jimple.toolkits.pointer.LocalMustAliasAnalysis> strongAliasAnalysis

构造器详细资料

Aliasing

public Aliasing(IAliasingStrategy aliasingStrategy,
                InfoflowManager manager)

方法详细资料

computeAliases

public void computeAliases(Abstraction d1,
                           soot.jimple.Stmt src,
                           soot.Value targetValue,
                           Set<Abstraction> taintSet,
                           soot.SootMethod method,
                           Abstraction newAbs)

Computes the taints for the aliases of a given tainted variable

参数:

d1 - The context in which the variable has been tainted

src - The statement that tainted the variable

targetValue - The target value which has been tainted

taintSet - The set to which all generated alias taints shall be added

method - The method containing src

newAbs - The newly generated abstraction for the variable taint

mayAlias

public boolean mayAlias(soot.Value val1,
                        soot.Value val2)

Gets whether two values may potentially point to the same runtime object

参数:

val1 - The first value

val2 - The second value

返回:

True if the two values may potentially point to the same runtime object, otherwise false

mayAlias

public AccessPath mayAlias(AccessPath ap,
                           soot.Value val)

Gets whether a value and an access path may potentially point to the same runtime object

参数:

ap - The access path

val - The value

返回:

The access path that actually matched if the given value and access path alias. In the simplest case, this is the given access path. When using recursive access paths, it can however also be a base expansion. If the given access path and value do not alias, null is returned.

mustAlias

public boolean mustAlias(soot.SootField field1,
                         soot.SootField field2)

Gets whether the two fields must always point to the same runtime object

参数:

field1 - The first field

field2 - The second field

返回:

True if the two fields must always point to the same runtime object, otherwise false

mustAlias

public boolean mustAlias(soot.Local val1,
                         soot.Local val2,
                         soot.jimple.Stmt position)

Gets whether the two values must always point to the same runtime object

参数:

field1 - The first value

field2 - The second value

position - The statement at which to check for an aliasing relationship

返回:

True if the two values must always point to the same runtime object, otherwise false

canHaveAliases

public boolean canHaveAliases(soot.jimple.Stmt stmt,
                              soot.Value val,
                              Abstraction source)

Checks whether the given newly created taint can have an alias at the given statement. Assume a statement a.x = source(). This will check whether tainting a. can induce new aliases or not.

参数:

val - The value which gets tainted

source - The source from which the taints comes from

返回:

True if the analysis must look for aliases for the newly constructed taint, otherwise false

isStringConstructorCall

public boolean isStringConstructorCall(soot.jimple.Stmt iStmt)

Checks whether the given statement is a call to a String constructor

参数:

iStmt - The statement to check

返回:

True if the given statement is a call to a String constructor, false otherwise

canHaveAliases

public static boolean canHaveAliases(AccessPath ap)

Gets whether the given access path can have aliases

参数:

ap - The access path to check

返回:

True if the given access path can have aliases, otherwise false

baseMatches

public static boolean baseMatches(soot.Value baseValue,
                                  Abstraction source)

Checks whether the given base value matches the base of the given taint abstraction

参数:

baseValue - The value to check

source - The taint abstraction to check

返回:

True if the given value has the same base value as the given taint abstraction, otherwise false

baseMatchesStrict

public static boolean baseMatchesStrict(soot.Value baseValue,
                                        Abstraction source)

Checks whether the given base value matches the base of the given taint abstraction and ends there. So a will match a, but not a.x. Not that this function will still match a to a.*.

参数:

baseValue - The value to check

source - The taint abstraction to check

返回:

True if the given value has the same base value as the given taint abstraction and no further elements, otherwise false

excludeMethodFromMustAlias

public void excludeMethodFromMustAlias(soot.SootMethod method)

Adds a new method to be excluded from the must-alias analysis

参数:

method - The method to be excluded

getAliasingStrategy

public IAliasingStrategy getAliasingStrategy()