Information Technology Reference
In-Depth Information
1 private void eliminatePremiumRateSMS(Unit u, Body body) {
2
Stmt stmt = (Stmt) u;
3
if (stmt.containsInvokeExpr()){
4
InvokeExpr iinv = (InvokeExpr) invoke.getInvokeExpr();
5
if (iinv.getMethod().getSignature().equals(SEND_SMS_SIGNATURE)){
6
Value phoneNumber = invoke.getInvokeExpr().getArg(0);
7
if (phoneNumber instanceof Local){
8
Local phoneNoLocal = (Local)phoneNumber;
9
10
// Invoke startsWith and save result
11
VirtualInvokeExpr inv = generateStartsWith(body, phoneNoLocal);
12
Local invRes = generateNewLocal(body, BooleanType.v());
13
AssignStmt astmt = Jimple.v().newAssignStmt(invRes, inv);
14
body.getUnits().insertBefore(astmt, u);
15
16
//generate condition
17
NopStmt nop = Jimple.v().newNopStmt();
18
IfStmt ifStmt = Jimple.v().newIfStmt(invRes, nop);
19
20
body.getUnits().insertBefore(ifStmt, u);
21
body.getUnits().insertAfter(nop, u);
22
}
23
}
24
}
25
26 private InvokeExpr generateStartsWith(Body body, Local phoneNoLocal) {
27
SootMethod sm = Scene.v().getMethod(STARTS_WITH_SIGANTURE);
28
return Jimple.v().newVirtualInvokeExpr(phoneNoLocal , sm.makeRef(),
StringConstant.v( "0900" ));
29 }
30
31 private Local generateNewLocal(Body body, Type type){
32
LocalGenerator lg = new LocalGenerator(body);
33
return lg.generateLocal(type);
34 }
Listing 1.14. Generation of Jimple Statements for Premium Rate SMS Check
SEND SMS SIGNATURE is a string constant containing the method signature of the
sendTextMessage . STARTS WITH SIGNATURE is the signature of the startsWith()
method in the String class.
Note that we do not directly create new locals by giving a name and a type.
Instead, we defer this task to the LocalGenerator class which automatically
creates a unique local name.
Finally, the eliminatePremiumRateSMS() method has to be called inside the
code snipped shown in Listing 1.12 so that the instrumentation is performed for
all methods that possibly send SMS messages.
7Con lu on
In this tutorial paper, we have shown how to instrument Android applications
using AspectJ, Tracematches and manual imperative instrumentation based on
Soot. All these techniques can also be applied to classical Java programs. For
Android, there are a number of platform-specific issues to keep in mind such as
the need for signing the APK file before running it on a phone or the emulator.
 
Search WWH ::




Custom Search