Information Technology Reference
In-Depth Information
1
private void
eliminatePremiumRateSMS(Unit u, Body body) {
2
Stmt stmt = (Stmt) u;
3
if
(stmt.containsInvokeExpr()){
4
InvokeExpr iinv = (InvokeExpr) invoke.getInvokeExpr();
5
if
(iinv.getMethod().getSignature().equals(SEND_SMS_SIGNATURE)){
6
Value phoneNumber = invoke.getInvokeExpr().getArg(0);
7
if
(phoneNumber
instanceof
Local){
8
Local phoneNoLocal = (Local)phoneNumber;
9
10
// Invoke startsWith and save result
11
VirtualInvokeExpr inv = generateStartsWith(body, phoneNoLocal);
12
Local invRes = generateNewLocal(body, BooleanType.v());
13
AssignStmt astmt = Jimple.v().newAssignStmt(invRes, inv);
14
body.getUnits().insertBefore(astmt, u);
15
16
//generate condition
17
NopStmt nop = Jimple.v().newNopStmt();
18
IfStmt ifStmt = Jimple.v().newIfStmt(invRes, nop);
19
20
body.getUnits().insertBefore(ifStmt, u);
21
body.getUnits().insertAfter(nop, u);
22
}
23
}
24
}
25
26
private
InvokeExpr generateStartsWith(Body body, Local phoneNoLocal) {
27
SootMethod sm = Scene.v().getMethod(STARTS_WITH_SIGANTURE);
28
return
Jimple.v().newVirtualInvokeExpr(phoneNoLocal , sm.makeRef(),
StringConstant.v(
"0900"
));
29
}
30
31
private
Local generateNewLocal(Body body, Type type){
32
LocalGenerator lg =
new
LocalGenerator(body);
33
return
lg.generateLocal(type);
34
}
Listing 1.14.
Generation of Jimple Statements for Premium Rate SMS Check
SEND SMS SIGNATURE
is a string constant containing the method signature of the
sendTextMessage
.
STARTS WITH SIGNATURE
is the signature of the
startsWith()
method in the
String
class.
Note that we do not directly create new locals by giving a name and a type.
Instead, we defer this task to the
LocalGenerator
class which automatically
creates a unique local name.
Finally, the
eliminatePremiumRateSMS()
method has to be called inside the
code snipped shown in Listing 1.12 so that the instrumentation is performed for
all methods that possibly send SMS messages.
7Con lu on
In this tutorial paper, we have shown how to instrument Android applications
using AspectJ, Tracematches and manual imperative instrumentation based on
Soot. All these techniques can also be applied to classical Java programs. For
Android, there are a number of platform-specific issues to keep in mind such as
the need for signing the APK file before running it on a phone or the emulator.