Currently pysoot uses a symlink to "install" itself into the Jython environment. This prevents building an sdist with python -m build --sdist. An alternative solution needs to be found.

I'm trying to run one of the basic samples (java_crackme1) and I'm receiving the following complaints:

WARNING | 2022-07-23 18:52:39,336 | angr.engines.soot.field_dispatcher | Couldn't find field in in classes [java.lang.System].
WARNING | 2022-07-23 18:52:39,337 | angr.engines.soot.field_dispatcher | Couldn't find field out in classes [java.lang.System].
WARNING | 2022-07-23 18:52:39,352 | angr.engines.soot.expressions.newarray | Array size <BV32 argc_0_32> can exceed maximum size. It gets bounded with the maximum <BV32 0x3e8>.

Similar errors about not being able to find java.lang.System.out are repeated later and no useful output is produced.

I've tried using OpenJDK 8 and OpenJDK 11 and am running this all on an Arm64 system. (Fedora under macOS)

I get this error when running ./test_pysoot.py

OSError: [Errno 2] No such file or directory: '/home/../pysoot-master/test/../..
/binaries-private/java/textcrunchr_libs

Question

Is there any way to run pysoot in Windows environment？

https://docs.angr.io/advanced-topics/java_support

pip uninstall pysmt
git clone https://github.com/pysmt/pysmt.git
cd pysmt
git checkout 6d792db47be5f8734db15848faca9bc6b770085e
pip install -e .
cd ..

Error:

claripy 9.2.11 requires pysmt>=0.9.1.1.dev119 but you have pysmt 0.8.1.dev1 which is incompatible 

This is definitely low priority.
We can continue doing what implemented in 30b3cda, but at some point we may want to consider adding the Android Sdk to the CI.
It is more than 2GB.

@rhelmot ping me if you want to do this at some point

Question

Encountering weird problems when analyzing some APK files

I am a beginner, so please forgive me if these issues are actually easy to solve. I have been stuck with these things for a long time.

Description

When I load different APK files using the following Python code, three weird problems occur that prevent the program from returning the correct results.

Python code:

from pysoot.lifter import Lifter

android_sdk_path = "/home/yyy/Android/Sdk/platforms"
apk_file = "xxx.apk"
lifter = Lifter(apk_file, input_format="apk", ir_format="jimple", android_sdk=android_sdk_path)
print("{} has {} classes".format(apk_file, len(lifter.classes)))

Problem 1: Chosen the wrong API version.

The output is:

pysoot.errors.JythonClientException: JYTHON SOCKET CLOSED
STDOUT:
b'Soot CUSTOM: Scene created! >>> 3\n'b'Chosen APIVersion: [-1, -1, -1] --> 3\n'
STDERR:
......b'java.lang.RuntimeException: java.lang.RuntimeException: error: target android.jar (/home/yyy/Android/Sdk/platforms/android-3/android.jar) does not exist.\n'

or

pysoot.errors.JythonClientException: JYTHON SOCKET CLOSED
STDOUT:
b'Soot CUSTOM: Scene created! >>> 3\n'b'Chosen APIVersion: [63055, 28, 19] --> 63055\n'
STDERR:
......b'java.lang.RuntimeException: java.lang.RuntimeException: Required APIVersion (63055) is not available. maxAPI is: 34\n'

Problem 2: Encountered small uint that is out of range.

The output is:

pysoot.errors.JythonClientException: JYTHON SOCKET CLOSED
STDOUT:
b'Soot CUSTOM: Scene created! >>> 3\n'b'Chosen APIVersion: [29, 28, 19] --> 29\n'b"Using '/home/yyy/Android/Sdk/platforms/android-29/android.jar' as android.jar\n"b"Warning: exception while processing dex file '/home/yyy/apkfiles/testapk/Mijia/v6.0.214.apk'\n"b'Exception: org.jf.util.ExceptionWithContext: Encountered small uint that is out of range at offset 0x38\n'
STDERR:
......b'org.jf.util.ExceptionWithContext: org.jf.util.ExceptionWithContext: Encountered small uint that is out of range at offset 0x38\n'

Problem 3: The program took more than 4 hours to execute and did not return any results.

Environment

OS: Ubuntu 20.04
CPU:
Architecture: x86_64
Model name: Intel(R) Xeon(R) Silver 4216 CPU @ 2.10GHz
CPU(s): 16
MEM: 128G
Python: 3.8.10
pysoot: 7.7.12.1

APK File

• Problem 1: xiaomi.v5.1.1.apk, xiaomi.v5.7.5.apk
• Problem 2: xiaomi.v6.0.214.apk
• Problem 3: alcidae.v2.5.5.apk

Exception in thread "main" java.lang.IllegalArgumentException: Cannot create PyString with non-byte value
at org.python.core.PyString.(PyString.java:64)
at org.python.core.PyString.(PyString.java:70)
at org.python.core.Py.newString(Py.java:641)
at org.python.core.PySystemState.initRegistry(PySystemState.java:800)
at org.python.core.PySystemState.doInitialize(PySystemState.java:1045)
at org.python.core.PySystemState.initialize(PySystemState.java:974)
at org.python.core.PySystemState.initialize(PySystemState.java:930)
at org.python.core.PySystemState.initialize(PySystemState.java:925)
at org.python.util.jython.run(jython.java:263)
at org.python.util.jython.main(jython.java:142)

occur when i' m trying to test my angr-dev
test target is angr doc/example/java_androidnative1
just using solve.py (i changed SDK position)

My environment:
Linux version 4.19.0-10-amd64(Debian 8.3.0-6) (info from cat proc/version)
Python 3.7.3 (using virtual python environment.)

I'm trying to fix this problem, seem it caused by Jython.
i'm a new guy of Jython and angr ,if this is a noob question please forgive me.

An update to the documentation example would need to have the following print statement added instead of the way it is explained currently.
It should be print(classes[list(classes.keys())[0]]) for python3

Description

Currently pysoot's architecture involves the Python (3) library communicating with a Python (2) program running in Jython, in a JVM along with soot. This is less than ideal, especially considering python 2 has been sunset for a while now. To address this, pysoot needs to be refactored away from this architecture.

I've taken a very brief look at what the state of java to python bindings are, and unfortunately it doesn't seem great. However, the library Py4J does seem promising! An implementation based around Py4J would still depend on an external JVM, but it would allow us to ditch our own communication code and replace it with a small java program. I might be too optimistic, but the python side should also be mostly just be adapting the exposed Java types into something ergonomic from Python.

Alternatives

Someone with more experience using java libraries in Python might know how to do this better. If that's you, please get in touch!

Another option is to consider replacing Soot with SootUp, a new library intended to succeed Soot.

Lastly, pypcode also nominally supports lifting JVM bytecode! I'm not aware if anyone has tested this support, but it might also be a suitable replacement for pysoot for some use cases. If anyone gives this a test, feedback would be super cool.

Additional context

Right now improving and modernizing pysoot is not a high priority for the angr team. We're looking for community members who would be interested in undertaking this effort.

I was going to ask if there is a way to loop through and extract each statement?
For example suppose the following shimple code:
`//<pysoot.sootir.soot_class.SootClass object at 0x7fb8ffb91200>
class HelloWorld extends java.lang.Object{

//<pysoot.sootir.soot_method.SootMethod object at 0x7fb8ffbfd848>
void <init>(){
	//<Block 0 [0], 3 statements>
	r0 <- @this[HelloWorld]
	r0.<init>() [specialinvoke java.lang.Object.<init>()]
	return null
}

//<pysoot.sootir.soot_method.SootMethod object at 0x7fb8ffbfdc48>
public static void main(java.lang.String[]){
	//<Block 0 [0], 4 statements>
	r0 <- @parameter0[java.lang.String[]]
	$r1 = StaticFieldRef ('out', 'java.lang.System')
	$r1.println('"Hello, World"') [virtualinvoke java.io.PrintStream.println(java.lang.String)]
	return null
}

}
`

I would let say want to modify $r1 to say instead of "Hello, World" "Hello, World2". How could I do this with the current architecture of pysoot?