From 2dc800570bdf75c7d10b78636527a8149fdb0aeb Mon Sep 17 00:00:00 2001 From: Victor Hazali Date: Thu, 17 Nov 2016 21:55:36 +0800 Subject: [PATCH] Added instruction for manually running SuSi Added information that we only support automated SuSi with bash shell script Removed susi.bat file --- README.md | 20 +++++++++++++++++--- susi.bat | 35 ----------------------------------- 2 files changed, 17 insertions(+), 38 deletions(-) delete mode 100644 susi.bat diff --git a/README.md b/README.md index 1c61036..7185ebb 100644 --- a/README.md +++ b/README.md @@ -10,11 +10,25 @@ Very Easy Job — A program to simplify the process of taint analysis using Flow 2. Run the run.py (Windows) or run-mac.py (Mac) for taint analysis 3. Result, if any, will be placed in "sootOutput" folder -### To generate source sink list for a new android platform +### To generate source sink list for a new android platform automatically 1. Create a new directory under android-platforms with the appropriate name 1. You must use the android-\ syntax to ensure that VEJ can find your android-platform -2. Place android.jar into the new directory. +2. Place android.jar into the new directory + 1. Ensure that it is a fully-implemented Android JAR file and not one that ships with Google's Android SDK + 2. Platform JAR files that ships with Google's Android SDK contains method stubs and are not suitable for SuSi + 3. Fully-implemented Android JAR files can be extracted from an emulator or a real phone +3. Run the susi.sh to generate the new source sink lists + 1. For now we only support automation with a bash shell script + 2. Windows users may try running it with a bash shell or performing the steps manually + +### To generate source sink list for a new android platform manually (Windows) +1. Create a new directory under android-platforms with the appropriate name + 1. You must use the android-\ syntax to ensure that VEJ can find your android-platform +2. Place android.jar into the new directory 1. Ensure that it is a fully-implemented Android JAR file and not one that ships with Google's Android SDK 2. Platform JAR files that ships with Google's Android SDK contains method stubs and are not suitable for SuSi 3. Fully-implemented Android JAR files can be extracted from an emulator or a real phone. -3. Run the susi.bat (Windows) or susi.sh (Mac) to generate the new source sink lists +3. Then, open up cmd and go to the folder containing SuSi +4. The command to run SuSi manually is `java -Xmx4g -cp susi\weka.jar;flowdroid\soot-trunk.jar;flowdroid\soot-infoflow.jar;flowdroid\soot-infoflow-android.jar;susi\susi.jar de.ecspride.sourcesinkfinder.SourceSinkFinder permissionMethodWithLabel.pscout out.pscout` +5. Upon completion, SuSi will produce multiple files. What we'll need is the `out_CatSources.pscout` and `out_CatSinks.pscout` files +6. Move the two files into the directory that you have created earlier in step 1 \ No newline at end of file diff --git a/susi.bat b/susi.bat deleted file mode 100644 index 69dc846..0000000 --- a/susi.bat +++ /dev/null @@ -1,35 +0,0 @@ -@echo off -TITLE SuSi - -rem Check for correct usage -if ["%~1"]==[""] ( - echo Usage: susi.bat - goto end -) - -SET filepath=%~s1 - -rem Check for correct filepath supplied -if not exist filepath ( - echo file does not exist. Ensure that you have used the correct file path - goto end -) - -SET folderpath=%~dp1 - -echo Running SuSi on %filepath% - -java -Xmx4g -cp susi\weka.jar;flowdroid\soot-trunk.jar;flowdroid\soot-infoflow.jar;flowdroid\soot-infoflow-android.jar;susi\susi.jar de.ecspride.sourcesinkfinder.SourceSinkFinder %filepath% permissionMethodWithLabel.pscout out.pscout - -rem Move the categorised sink and source to correct folder -move susi\out_CatSources.pscout %folderpath%\out_CatSources.pscout -move susi\out_CatSinks.pscout %folderpath%\out_CatSinks.pscout - -echo SuSi successfully generated sources and sinks list. Stored in %folderpath% - -rem Cleanup files created by susi -del susi\out* -del *.arff - -:end -PAUSE \ No newline at end of file