BytecodeDL
diff --git a/‎.gitignore
+1 b/‎.gitignore
+1
diff --git a/‎README.md
+54 b/‎README.md
+54
diff --git a/‎build.gradle
+74 b/‎build.gradle
+74
diff --git a/‎src/main/java/org/clyze/doop/common/ArtifactEntry.java
+26 b/‎src/main/java/org/clyze/doop/common/ArtifactEntry.java
+26
diff --git a/‎src/main/java/org/clyze/doop/common/ArtifactScanner.java
+205 b/‎src/main/java/org/clyze/doop/common/ArtifactScanner.java
+205
@@ -0,0 +1 @@
+build
@@ -1,2 +1,56 @@
 # soot-fact-generator
 generate facts from bytecode (source is https://github.com/plast-lab/doop-mirror/tree/master/generators)
+
+通过soot解析bytecode生成fact，类似于CodeQL创建database的过程，fact等价于codeql的database。
+
+## build 
+执行 `gradle build`进行编译，`soot-fact-generator.jar` 在 `build/libs` 目录
+
+## usage
+
+```
+Usage: soot-fact-generator [options] file...
+Options:
+  --main <class>                        Specify the name of the main class.
+  --ssa                                 Generate SSA facts, enabling flow-sensitive analysis.
+  --full                                Generate facts by full transitive resolution.
+  --allow-phantom                       Allow phantom classes.
+  -d <directory>                        Specify where to generate output fact files.
+  -i <archive>                          Find classes in <archive>.
+  -l <archive>                          Find library classes in <archive>.
+  -ld <archive>                         Find dependency classes in <archive>.
+  -lsystem                              Find classes in default system classes.
+  --facts-subset <subset>               Produce facts only for a subset of the given classes [APP, APP_N_DEPS, PLATFORM].
+  --ignore-factgen-errors               Continue with the analysis even if fact generation fails.
+  --legacy-android-processing           Enable legacy Android XML processing.
+  --no-facts                            Don't generate facts (just empty files -- used for debugging).
+  --ignore-wrong-staticness             Ignore "wrong static-ness" errors in Soot.
+  --lowMem                              Consume less memory.
+  --failOnMissingClasses <file>         Terminate if classes are missing (and record them to <file>).
+  --also-resolve <class>                Force resolution of class that may not be found automatically.
+  --debug                               Enable debug mode (verbose output).
+  --log-dir <dir>                       Write logs in directory <dir>.
+  --args-file <file>                    Read command-line arguments from <file> (one per line).
+  --write-artifacts-map                 Write artifacts map.
+Jimple/Shimple generation:
+  --generate-jimple                     Generate Jimple/Shimple files in addition to other facts.
+  --stdout                              Write Jimple/Shimple to stdout.
+Android options:
+  --android-jars <archive>              The main Android library JAR (for Android APK inputs). The same jar should be provided in the -l option.
+  --decode-apk                          Decompress APK input in facts directory.
+  --scan-native-code                    Scan native code found in JAR/APK inputs.
+  --R-out-dir <directory>               Specify where to generate R code (when linking AAR inputs).
+
+Supported input archive formats: AAR, APK, JAR, ZIP
+```
+常见的用法是
+```
+java -jar soot-fact-generator.jar -i input.jar  -l /usr/lib/jvm/java-8-oracle/jre/lib/rt.jar --generate-jimple --allow-phantom --full -d out
+```
+其中
+- `-i` 指定待分析的jar包
+- `-l` 指定依赖库
+-  `--generate-jimple` 表示生成中间语言jimple
+-  `--allow-phantom` 大概是允许解析依赖不存在的类
+-  `--full` 表示对所有class进行解析
+-  `-d` 指定输出目录
@@ -0,0 +1,74 @@
+plugins {
+    id 'application'
+    id 'groovy'
+    id 'java-library'
+    id 'java'
+}
+
+gradle.rootProject.ext.antlrVersion='4.9.1'
+gradle.rootProject.ext.commonsCliVersion='1.2'
+gradle.rootProject.ext.metadataVersion='2.4.1'
+gradle.rootProject.ext.groovyVersion='3.0.9'
+gradle.rootProject.ext.clueCommonVersion='3.25.3'
+gradle.rootProject.ext.log4jVersion='1.2.17'
+gradle.rootProject.ext.spockVersion='2.1-M2-groovy-3.0'
+gradle.rootProject.ext.asmVersion = '8.0.1'
+
+sourceCompatibility = 1.8
+targetCompatibility = 1.8
+
+mainClassName = 'org.clyze.doop.soot.Main'
+
+repositories {
+    mavenCentral()
+    maven {
+        name "soot-snapshot"
+        url "https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-snapshot"
+    }
+    maven {
+        name "soot-release"
+        url "https://soot-build.cs.uni-paderborn.de/nexus/repository/soot-release"
+    }
+    maven { url 'https://clyze.jfrog.io/artifactory/default-maven-local' }
+}
+
+dependencies {
+    //api project(path: ':generators:fact-generator-common', configuration: 'shadow')
+
+    // implementation "ca.mcgill.sable:soot:4.0.0"
+    implementation "org.soot-oss:soot:4.2.1"
+
+    api("org.clyze:clue-common:${clueCommonVersion}") {
+        exclude group: 'com.google.code.gson', module: 'gson'
+        exclude group: 'org.apache.ivy', module: 'ivy'
+        exclude group: 'org.codehaus.groovy', module: 'groovy-all'
+    }
+    api "org.clyze:metadata-model:${metadataVersion}"
+    implementation "org.ow2.asm:asm-tree:${asmVersion}",    // Java bytecode library
+                   "org.ow2.asm:asm-util:${asmVersion}"
+    implementation 'org.smali:dexlib2:2.4.0'                // Dexlib2: library for reading/modifying/writing Android dex files
+    implementation 'net.dongliu:apk-parser:2.6.10'          // needed for reading binary XML entries from APK inputs
+    implementation "org.antlr:antlr4-runtime:${antlrVersion}"
+    api 'org.clyze:native-scanner:0.6.6'
+    api "log4j:log4j:${log4jVersion}"            // Logging implementation
+    implementation 'org.apache.commons:commons-collections4:4.1'
+
+    testImplementation "org.codehaus.groovy:groovy-all:${groovyVersion}"  // Groovy
+    testImplementation "org.spockframework:spock-core:${spockVersion}"
+}
+
+//fatJar already exists
+task fatJar(type: Jar) {
+    manifest {
+        attributes 'Main-Class': mainClassName
+    }
+    from { configurations.compileClasspath.collect { it.directory ? it : zipTree(it) } }
+    with jar
+    duplicatesStrategy = DuplicatesStrategy.INCLUDE
+}
+
+test {
+    useJUnitPlatform()
+}
+
+startScripts.dependsOn fatJar
@@ -0,0 +1,26 @@
+package org.clyze.doop.common;
+
+import java.util.HashSet;
+import java.util.Set;
+
+public class ArtifactEntry {
+    // Class name inside an artifact.
+    public final String className;
+    // Sub artifact (such as "classes.dex" in an APK or "classes.jar" in an AAR).
+    public final String subArtifact;
+    // Size of entry.
+    public final int size;
+
+    public ArtifactEntry(String className, String subArtifact, int size) {
+        this.className = className;
+        this.subArtifact = subArtifact;
+        this.size = size;
+    }
+
+    public static Set<String> toClassNames(Iterable<ArtifactEntry> s) {
+        Set<String> ret = new HashSet<>();
+        for (ArtifactEntry ae : s)
+            ret.add(ae.className);
+        return ret;
+    }
+}
@@ -0,0 +1,205 @@
+package org.clyze.doop.common;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.util.*;
+import java.util.concurrent.*;
+import java.util.function.Consumer;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipFile;
+import java.util.zip.ZipInputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+import org.clyze.scanner.BinaryAnalysis;
+import org.clyze.scanner.NativeDatabaseConsumer;
+import org.clyze.scanner.NativeScanner;
+import org.clyze.utils.TypeUtils;
+import org.jf.dexlib2.Opcodes;
+import org.jf.dexlib2.dexbacked.DexBackedDexFile;
+import org.jf.dexlib2.iface.MultiDexContainer;
+import org.jf.dexlib2.dexbacked.DexBackedClassDef;
+import org.objectweb.asm.ClassReader;
+//import org.objectweb.asm.ClassVisitor;
+//import org.objectweb.asm.tree.ClassNode;
+
+import static org.clyze.scanner.BinaryAnalysis.AnalysisType.*;
+import static org.jf.dexlib2.DexFileFactory.loadDexContainer;
+//import static org.objectweb.asm.Opcodes.*;
+
+/**
+ * This class scans input artifacts (.jar, .aar, or .apk files) and
+ * registers each found class. Optional actions can also be performed
+ * on the artifact entries, when they are scanned.
+ */
+public class ArtifactScanner {
+
+    private final Map<String, Set<ArtifactEntry>> artifactToClassMap = new ConcurrentHashMap<>();
+    private final Logger logger = Logger.getLogger(getClass());
+    private final Set<GenericFieldInfo> genericFields = ConcurrentHashMap.newKeySet();
+
+    Set<GenericFieldInfo> getGenericFields() { return genericFields; }
+
+    public Map<String, Set<ArtifactEntry>> getArtifactToClassMap() {
+        return artifactToClassMap;
+    }
+
+    /**
+     * Registers a class with its container artifact.
+     * @param artifact     the file name of the artifact containing the class
+     * @param className    the name of the class
+     * @param subArtifact  the sub-artifact (such as "classes.dex" for APKs)
+     * @param size         the size of the class
+     */
+    public void registerArtifactClass(String artifact, String className, String subArtifact, int size) {
+        ArtifactEntry ae = new ArtifactEntry(className, subArtifact, size);
+        artifactToClassMap.computeIfAbsent(artifact, x -> new CopyOnWriteArraySet<>()).add(ae);
+    }
+
+    /**
+     * Register .dex entries and perform actions over .dex entries (if
+     * processor is not null).
+     *
+     * @param inputApk    the path of the input APK file
+     * @param classProc   the processor for .class entries (takes entry name)
+     */
+    public void processAPKClasses(String inputApk, Consumer<String> classProc) {
+        try {
+            Opcodes opcodes = Opcodes.getDefault();
+            File apk = new File(inputApk);
+            MultiDexContainer<? extends DexBackedDexFile> multiDex = loadDexContainer(apk, opcodes);
+            for (String dexEntry : multiDex.getDexEntryNames()) {
+                MultiDexContainer.DexEntry<?> dex = multiDex.getEntry(dexEntry);
+                if (dex == null)
+                    logger.debug("No .dex entry for " + dexEntry);
+                else
+                    for (DexBackedClassDef dexClass : ((DexBackedDexFile)dex.getDexFile()).getClasses()) {
+                        String className = TypeUtils.raiseTypeId(dexClass.getType());
+                        registerArtifactClass(apk.getName(), className, dexEntry, dexClass.getSize());
+                        if (classProc != null)
+                            classProc.accept(className);
+                    }
+            }
+        } catch (Exception ex) {
+            logger.debug("Error while calculating artifacts on Android: " + ex.getMessage());
+        }
+    }
+
+    public void processClass(InputStream is, File f, Consumer<String> classProc) throws IOException {
+        String className = BytecodeUtil.getClassName(new ClassReader(is));
+        String artifact = f.getName();
+        registerArtifactClass(artifact, className, "-", IOUtils.toByteArray(is).length);
+        if (classProc != null)
+            classProc.accept(className);
+
+//        ClassNode cn = new ClassNode(ASM5);
+//        reader.accept(cn, ClassReader.EXPAND_FRAMES);
+//        ClassVisitor genericSignaturesRetriever = new GenericSignaturesRetriever(ASM5);
+//        cn.accept(genericSignaturesRetriever);
+//        Set<GenericFieldInfo> classGenericFields = ((GenericSignaturesRetriever) genericSignaturesRetriever).getGenericFields();
+//        this.genericFields.addAll(classGenericFields);
+    }
+
+    /**
+     * Register archive (.class) entries and perform actions over
+     * other types of entries (if processors are not null).
+     *
+     * @param input       the path of the input archive
+     * @param classProc   the processor for .class entries (takes entry name)
+     * @param generalProc the general processor for all other entries
+     */
+    public void processArchive(String input, Consumer<String> classProc,
+                               EntryProcessor generalProc) throws IOException {
+        try (ZipInputStream zin = new ZipInputStream(new FileInputStream(input)); ZipFile zipFile = new ZipFile(input)) {
+            ZipEntry entry;
+            while ((entry = zin.getNextEntry()) != null) {
+                /* Skip directories */
+                if (entry.isDirectory())
+                    continue;
+
+                String entryName = entry.getName().toLowerCase();
+                if (entryName.endsWith(".class")) {
+                    try {
+                        processClass(zipFile.getInputStream(entry), new File(zipFile.getName()), classProc);
+                    } catch (Exception ex) {
+                        ex.printStackTrace();
+                        System.err.println("Error while preprocessing entry \"" + entryName + "\", it will be ignored.");
+                    }
+                } else if (generalProc != null)
+                    generalProc.accept(zipFile, entry, entryName);
+            }
+        }
+    }
+
+    /**
+     * Helper method to extract an entry inside a ZIP archive and save
+     * it as a file.
+     *
+     * @param tmpDirName   a name for the intermediate temporary directory
+     * @param zipFile      the ZIP archive
+     * @param entry        the archive entry
+     * @param entryName    the name of the entry
+     * @return             the output file
+     */
+    public static File extractZipEntryAsFile(String tmpDirName, ZipFile zipFile, ZipEntry entry, String entryName) throws IOException {
+        File tmpDir = Files.createTempDirectory(tmpDirName).toFile();
+        tmpDir.deleteOnExit();
+        String tmpName = entryName.replaceAll(File.separator, "_");
+        File libTmpFile = new File(tmpDir, tmpName);
+        libTmpFile.deleteOnExit();
+        Files.copy(zipFile.getInputStream(entry), libTmpFile.toPath());
+        return libTmpFile;
+    }
+
+    public static void scanNativeCode(Database db, Parameters parameters,
+				      Set<String> methodStrings) {
+        NativeDatabaseConsumer dbc = new DatabaseConnector(db);
+        BinaryAnalysis.AnalysisType analysisType;
+        if (parameters._nativeRadare)
+            analysisType = RADARE;
+        else if (parameters._nativeBuiltin)
+            analysisType = BUILTIN;
+        else if (parameters._nativeBinutils)
+            analysisType = BINUTILS;
+        else {
+            analysisType = BUILTIN;
+            System.out.println("No binary analysis type given, using default: " + analysisType.name());
+        }
+        scanNativeInputs(dbc, analysisType, parameters._preciseNativeStrings, methodStrings, parameters.getInputs());
+    }
+
+    private static void scanNativeInputs(NativeDatabaseConsumer dbc,
+                                         BinaryAnalysis.AnalysisType binAnalysisType,
+                                         boolean preciseNativeStrings,
+                                         Set<String> methodStrings,
+                                         Iterable<String> inputs) {
+        final boolean demangle = false;
+        final boolean truncateAddresses = true;
+        final NativeScanner scanner = new NativeScanner(true, methodStrings);
+
+        EntryProcessor gProc = (file, entry, entryName) -> scanner.scanArchiveEntry(dbc, binAnalysisType, preciseNativeStrings, truncateAddresses, demangle, file, entry, entryName);
+        for (String input : inputs) {
+            System.out.println("Processing native code in input: " + input);
+            try {
+                (new ArtifactScanner()).processArchive(input, null, gProc);
+            } catch (IOException ex) {
+                ex.printStackTrace();
+            }
+        }
+    }
+
+    @FunctionalInterface
+    public interface EntryProcessor {
+        /**
+         * Process an entry inside a .zip (JAR/AAR/APK) file.
+         *
+         * @param file       the ZIP file
+         * @param entry      the ZIP entry
+         * @param entryName  the name of the ZIP entry
+         */
+        void accept(ZipFile file, ZipEntry entry, String entryName) throws IOException;
+    }
+}