KUNAI Static Analyzer
Kunai is a library for doing static binary analysis of Dalvik.
Loading...
Searching...
No Matches
analysis.hpp
1//--------------------------------------------------------------------*- C++ -*-
2// Kunai-static-analyzer: library for doing analysis of dalvik files
3// @author Farenain <kunai.static.analysis@gmail.com>
4// @author Ernesto Java <javaernesto@gmail.com>
5//
6// @file analysis.hpp
7// @brief Here we will have all the classes useful for analyst, for example
8// accessing to cross-references, and easy accessing data from the DEX file.
9
10#ifndef KUNAI_DEX_ANALYSIS_ANALYSIS_HPP
11#define KUNAI_DEX_ANALYSIS_ANALYSIS_HPP
12
13#include "Kunai/DEX/parser/parser.hpp"
14#include "Kunai/DEX/DVM/disassembler.hpp"
15#include "Kunai/DEX/analysis/external_class.hpp"
16#include "Kunai/DEX/DVM/dalvik_instructions.hpp"
17#include "Kunai/Exceptions/analysis_exception.hpp"
18
19#include <set>
20#include <variant>
21
22namespace KUNAI
23{
24 namespace DEX
25 {
26 // forward declaration for the xrefs
27 class ClassAnalysis;
28 class MethodAnalysis;
29 class FieldAnalysis;
30 class BasicBlocks;
31
34 class DVMBasicBlock
35 {
37 std::vector<Instruction *> instructions;
38
40 bool try_block = false;
42 bool catch_block = false;
44 bool start_block = false;
46 bool end_block = false;
48 DVMType * handler_type;
49
52 std::string name;
53 public:
54 DVMBasicBlock() = default;
55
58 size_t get_nb_instructions() const
59 {
60 return instructions.size();
61 }
62
65 void add_instruction(Instruction *instr)
66 {
67 instructions.push_back(instr);
68 }
69
72 const std::vector<Instruction *> &get_instructions() const
73 {
74 return instructions;
75 }
76
79 std::vector<Instruction *> &get_instructions()
80 {
81 return instructions;
82 }
83
86 Instruction *get_terminator()
87 {
88 if (instructions.size() > 0 && instructions.back()->is_terminator())
89 return instructions.back();
90 return nullptr;
91 }
92
95 std::uint64_t get_first_address()
96 {
97 if (instructions.size() > 0)
98 return instructions[0]->get_address();
99 throw exceptions::AnalysisException("get_first_address(): basic block has no instructions");
100 }
101
104 std::uint64_t get_last_address()
105 {
106 if (instructions.size() > 0)
107 return instructions.back()->get_address();
108 throw exceptions::AnalysisException("get_last_address(): basic block has no instructions");
109 }
110
111 std::string& get_name()
112 {
113 if (!name.empty())
114 return name;
115
116 std::stringstream s;
117
118 if (start_block)
119 name = "BB.(start block)";
120 else if (end_block)
121 name = "BB.(end block)";
122 else
123 {
124 s << "BB." << get_first_address()
125 << "-" << get_last_address();
126 name = s.str();
127 }
128
129 return name;
130 }
131
134 bool is_try_block() const
135 {
136 return try_block;
137 }
138
141 void set_try_block(bool try_block)
142 {
143 this->try_block = try_block;
144 }
145
148 bool is_catch_block() const
149 {
150 return catch_block;
151 }
152
155 void set_catch_block(bool catch_block)
156 {
157 this->catch_block = catch_block;
158 }
159
162 DVMType * get_handler_type()
163 {
164 return handler_type;
165 }
166
169 void set_handler_type(DVMType * handler)
170 {
171 handler_type = handler;
172 }
173
176 bool is_start_block() const
177 {
178 return start_block;
179 }
180
183 void set_start_block(bool start_block)
184 {
185 this->start_block = start_block;
186 }
187
190 bool is_end_block() const
191 {
192 return end_block;
193 }
194
197 void set_end_block(bool end_block)
198 {
199 this->end_block = end_block;
200 }
201 };
202
204 class BasicBlocks
205 {
206 public:
208 using connected_blocks_t = std::unordered_map<DVMBasicBlock *,
209 std::set<DVMBasicBlock *>>;
211 using edges_t = std::vector<std::pair<DVMBasicBlock *, DVMBasicBlock *>>;
212
214 enum node_type_t
215 {
216 JOIN_NODE = 0, // len(predecessors) > 1
217 BRANCH_NODE, // len(sucessors) > 1
218 REGULAR_NODE, // other cases
219 };
220
221 private:
223 std::vector<DVMBasicBlock *> nodes;
224
226 connected_blocks_t predecessors;
227
229 connected_blocks_t sucessors;
230
232 edges_t edges;
233
234 public:
235 BasicBlocks() = default;
236
239 ~BasicBlocks()
240 {
241 // free memory
242 for (auto p : nodes)
243 delete p;
244 // clear de vector of nodes
245 nodes.clear();
246 }
247
250 size_t get_number_of_basic_blocks() const
251 {
252 return nodes.size();
253 }
254
257 const connected_blocks_t& get_predecessors() const
258 {
259 return predecessors;
260 }
261
264 connected_blocks_t& get_predecessors()
265 {
266 return predecessors;
267 }
268
272 void add_predecessor(DVMBasicBlock *node, DVMBasicBlock *pred)
273 {
274 predecessors[node].insert(pred);
275 }
276
279 const connected_blocks_t& get_sucessors() const
280 {
281 return sucessors;
282 }
283
286 connected_blocks_t& get_sucessors()
287 {
288 return sucessors;
289 }
290
294 void add_sucessor(DVMBasicBlock *node, DVMBasicBlock *suc)
295 {
296 sucessors[node].insert(suc);
297 }
298
302 void add_node(DVMBasicBlock *node)
303 {
304 if (std::find(nodes.begin(), nodes.end(), node) == nodes.end())
305 nodes.push_back(node);
306 }
307
311 void add_edge(DVMBasicBlock *src, DVMBasicBlock *dst)
312 {
313 add_node(src);
314 add_node(dst);
315 // now insert the edge
316 auto edge_pair = std::make_pair(src, dst);
317 if (std::find(edges.begin(), edges.end(), edge_pair) == edges.end())
318 edges.push_back(edge_pair);
320 add_sucessor(src, dst);
321 add_predecessor(dst, src);
322 }
323
326 const edges_t& get_edges() const
327 {
328 return edges;
329 }
330
333 edges_t& get_edges()
334 {
335 return edges;
336 }
337
341 node_type_t get_node_type(DVMBasicBlock *node)
342 {
343 if (predecessors[node].size() > 1)
344 return JOIN_NODE;
345 else if (sucessors[node].size() > 1)
346 return BRANCH_NODE;
347 else
348 return REGULAR_NODE;
349 }
350
354 void remove_node(DVMBasicBlock *node);
355
360 DVMBasicBlock *get_basic_block_by_idx(std::uint64_t idx);
361
364 const std::vector<DVMBasicBlock *>& get_nodes() const
365 {
366 return nodes;
367 }
368
371 std::vector<DVMBasicBlock *>& get_nodes()
372 {
373 return nodes;
374 }
375 };
376
378 class FieldAnalysis
379 {
381 EncodedField *field;
383 std::string &name;
385 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> xrefread;
387 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> xrefwrite;
388
389 public:
390 FieldAnalysis(EncodedField *field)
391 : field(field), name(field->get_field()->get_name())
392 {
393 }
394
395 EncodedField *get_field()
396 {
397 return field;
398 }
399
400 std::string &get_name()
401 {
402 return name;
403 }
404
405 const std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
406 get_xrefread() const
407 {
408 return xrefread;
409 }
410
411 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
412 get_xrefread()
413 {
414 return xrefread;
415 }
416
417 const std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
418 get_xrefwrite() const
419 {
420 return xrefwrite;
421 }
422
423 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
424 get_xrefwrite()
425 {
426 return xrefwrite;
427 }
428
433 void add_xrefread(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
434 {
435 xrefread.push_back(std::make_tuple(c, m, offset));
436 }
437
442 void add_xrefwrite(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
443 {
444 xrefwrite.push_back(std::make_tuple(c, m, offset));
445 }
446 };
447
449 class StringAnalysis
450 {
452 std::string &value;
454 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> xreffrom;
455
456 public:
457 StringAnalysis(std::string &value) : value(value)
458 {
459 }
460
461 const std::string &get_value() const
462 {
463 return value;
464 }
465
466 const std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
467 get_xreffrom() const
468 {
469 return xreffrom;
470 }
471
472 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
473 get_xreffrom()
474 {
475 return xreffrom;
476 }
477
482 void add_xreffrom(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
483 {
484 xreffrom.push_back(std::make_tuple(c, m, offset));
485 }
486 };
487
490 class MethodAnalysis
491 {
492 public:
494 const std::vector<std::string> known_apis{
495 "Landroid/", "Lcom/android/internal/util", "Ldalvik/", "Ljava/", "Ljavax/", "Lorg/apache/",
496 "Lorg/json/", "Lorg/w3c/dom/", "Lorg/xml/sax", "Lorg/xmlpull/v1/", "Ljunit/", "Landroidx/"};
497
498 private:
500 bool is_external = false;
501
503 std::variant<
504 EncodedMethod *,
505 ExternalMethod *>
506 method_encoded;
507
510 mutable std::string name;
511
513 mutable std::string descriptor;
514
517 mutable std::string access_flag;
518
520 mutable std::string class_name;
521
523 mutable std::string full_name;
524
526 std::uint16_t regs_from_method;
527
529 std::uint16_t num_of_params;
530
532 std::vector<std::unique_ptr<Instruction>> instructions;
533
535 BasicBlocks basic_blocks;
536
538 std::vector<Disassembler::exceptions_data> exceptions;
539
541 std::vector<std::tuple<ClassAnalysis *, FieldAnalysis *, std::uint64_t>> xrefread;
543 std::vector<std::tuple<ClassAnalysis *, FieldAnalysis *, std::uint64_t>> xrefwrite;
544
546 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> xrefto;
548 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> xreffrom;
549
551 std::vector<std::pair<ClassAnalysis *, std::uint64_t>> xrefnewinstance;
553 std::vector<std::pair<ClassAnalysis *, std::uint64_t>> xrefconstclass;
554
558 void dump_instruction_dot(std::ofstream& dot_file, Instruction* instr);
559
563 void dump_block_dot(std::ofstream& dot_file, DVMBasicBlock* bb);
564
568 void dump_method_dot(std::ofstream& dot_file);
569
573 void create_basic_blocks();
574
575 public:
576 MethodAnalysis(
577 std::variant<EncodedMethod *, ExternalMethod *> method_encoded,
578 std::vector<std::unique_ptr<Instruction>> &instructions) : method_encoded(method_encoded), instructions(std::move(instructions))
579 {
580 is_external = method_encoded.index() == 0 ? false : true;
581
582 if (!is_external)
583 {
584 auto em = std::get<EncodedMethod*>(method_encoded);
585
586 regs_from_method = em->get_code_item().get_registers_size();
587
588 num_of_params = em->getMethodID()->get_proto()->get_parameters().size();
589 }
590
591 if (this->instructions.size() > 0)
592 create_basic_blocks();
593 }
594
599 void dump_dot_file(std::string& file_path)
600 {
601 std::ofstream dot_file;
602
603 dot_file.open(file_path);
604
605 dump_method_dot(dot_file);
606 }
607
610 bool external() const
611 {
612 return is_external;
613 }
614
615 const BasicBlocks& get_basic_blocks() const
616 {
617 return basic_blocks;
618 }
619
620 BasicBlocks& get_basic_blocks()
621 {
622 return basic_blocks;
623 }
624
625 std::uint32_t get_number_of_registers() const
626 {
627 return regs_from_method;
628 }
629
630 std::uint32_t get_number_of_parameters() const
631 {
632 return num_of_params;
633 }
634
637 bool is_android_api() const;
638
639 const std::string &get_name() const;
640
641 const std::string &get_descriptor() const;
642
643 const std::string &get_access_flags() const;
644
645 const std::string &get_class_name() const;
646
647 const std::string &get_full_name() const;
648
649 std::vector<std::unique_ptr<Instruction>>& get_instructions()
650 {
651 return instructions;
652 }
653
654 std::variant<EncodedMethod *, ExternalMethod *> get_encoded_method() const
655 {
656 return method_encoded;
657 }
658
659 const std::vector<std::tuple<ClassAnalysis *, FieldAnalysis *, std::uint64_t>> &
660 get_xrefread() const
661 {
662 return xrefread;
663 }
664
665 std::vector<std::tuple<ClassAnalysis *, FieldAnalysis *, std::uint64_t>> &
666 get_xrefread()
667 {
668 return xrefread;
669 }
670
671 const std::vector<std::tuple<ClassAnalysis *, FieldAnalysis *, std::uint64_t>> &
672 get_xrefwrite() const
673 {
674 return xrefwrite;
675 }
676
677 std::vector<std::tuple<ClassAnalysis *, FieldAnalysis *, std::uint64_t>> &
678 get_xrefwrite()
679 {
680 return xrefwrite;
681 }
682
683 const std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
684 get_xrefto() const
685 {
686 return xrefto;
687 }
688
689 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
690 get_xrefto()
691 {
692 return xrefto;
693 }
694
695 const std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
696 get_xreffrom() const
697 {
698 return xreffrom;
699 }
700
701 std::vector<std::tuple<ClassAnalysis *, MethodAnalysis *, std::uint64_t>> &
702 get_xreffrom()
703 {
704 return xreffrom;
705 }
706
707 const std::vector<std::pair<ClassAnalysis *, std::uint64_t>> &
708 get_xrefnewinstance() const
709 {
710 return xrefnewinstance;
711 }
712
713 std::vector<std::pair<ClassAnalysis *, std::uint64_t>> &
714 get_xrefnewinstance()
715 {
716 return xrefnewinstance;
717 }
718
719 const std::vector<std::pair<ClassAnalysis *, std::uint64_t>> &
720 get_xrefconstclass() const
721 {
722 return xrefconstclass;
723 }
724
725 std::vector<std::pair<ClassAnalysis *, std::uint64_t>> &
726 get_xrefconstclass()
727 {
728 return xrefconstclass;
729 }
730
731 void add_xrefread(ClassAnalysis *c, FieldAnalysis *f, std::uint64_t offset)
732 {
733 xrefread.push_back(std::make_tuple(c, f, offset));
734 }
735
736 void add_xrefwrite(ClassAnalysis *c, FieldAnalysis *f, std::uint64_t offset)
737 {
738 xrefwrite.push_back(std::make_tuple(c, f, offset));
739 }
740
741 void add_xrefto(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
742 {
743 xrefto.push_back(std::make_tuple(c, m, offset));
744 }
745
746 void add_xreffrom(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
747 {
748 xreffrom.push_back(std::make_tuple(c, m, offset));
749 }
750
751 void add_xrefnewinstance(ClassAnalysis *c, std::uint64_t offset)
752 {
753 xrefnewinstance.push_back(std::make_pair(c, offset));
754 }
755
756 void add_xrefconstclass(ClassAnalysis *c, std::uint64_t offset)
757 {
758 xrefconstclass.push_back(std::make_pair(c, offset));
759 }
760 };
761
764 class ClassAnalysis
765 {
766 public:
767 using classxref = std::unordered_map<ClassAnalysis *,
768 std::set<std::tuple<TYPES::REF_TYPE, MethodAnalysis *, std::uint64_t>>>;
769
770 private:
773 std::variant<ClassDef *, ExternalClass *> class_def;
774
776 bool is_external;
777
779 mutable std::string extends_;
780
782 mutable std::string name_;
783
785 std::unordered_map<std::string, MethodAnalysis *> methods;
787 std::unordered_map<EncodedField *, std::unique_ptr<FieldAnalysis>> fields;
788
790 classxref xrefto;
792 classxref xreffrom;
793
795 std::vector<std::pair<MethodAnalysis *, std::uint64_t>> xrefnewinstance;
796
798 std::vector<std::pair<MethodAnalysis *, std::uint64_t>> xrefconstclass;
799
800 public:
801 ClassAnalysis(std::variant<ClassDef *, ExternalClass *> class_def) : class_def(class_def)
802 {
803 is_external = class_def.index() == 0 ? false : true;
804 }
805
808 void add_method(MethodAnalysis *method_analysis);
809
810 size_t get_nb_methods() const
811 {
812 return methods.size();
813 }
814
815 size_t get_nb_fields() const
816 {
817 return fields.size();
818 }
819
822 std::variant<ClassDef *, ExternalClass *> get_class_definition() const
823 {
824 return class_def;
825 }
826
829 bool is_class_external() const
830 {
831 return is_external;
832 }
833
834 std::string& extends() const;
835
836 std::string& name() const;
837
841 std::vector<DVMClass *> &implements();
842
845 const std::unordered_map<std::string, MethodAnalysis *> &
846 get_methods() const
847 {
848 return methods;
849 }
850
853 std::unordered_map<std::string, MethodAnalysis *> &
854 get_methods()
855 {
856 return methods;
857 }
858
859 const std::unordered_map<EncodedField *, std::unique_ptr<FieldAnalysis>> &
860 get_fields() const
861 {
862 return fields;
863 }
864
865 std::unordered_map<EncodedField *, std::unique_ptr<FieldAnalysis>> &
866 get_fields()
867 {
868 return fields;
869 }
870
874 MethodAnalysis *get_method_analysis(std::variant<EncodedMethod *, ExternalMethod *> method);
875
879 FieldAnalysis *get_field_analysis(EncodedField *field);
880
881 void add_field_xref_read(MethodAnalysis *method,
882 ClassAnalysis *classobj,
883 EncodedField *field,
884 std::uint64_t off)
885 {
886 if (fields.find(field) == fields.end())
887 fields[field] = std::make_unique<FieldAnalysis>(field);
888 fields[field]->add_xrefread(classobj, method, off);
889 }
890
891 void add_field_xref_write(MethodAnalysis *method,
892 ClassAnalysis *classobj,
893 EncodedField *field,
894 std::uint64_t off)
895 {
896 if (fields.find(field) == fields.end())
897 fields[field] = std::make_unique<FieldAnalysis>(field);
898 fields[field]->add_xrefwrite(classobj, method, off);
899 }
900
901 void add_method_xref_to(MethodAnalysis *method1,
902 ClassAnalysis *classobj,
903 MethodAnalysis *method2,
904 std::uint64_t off)
905 {
906 auto method_key = method1->get_full_name();
907
908 if (methods.find(method_key) == methods.end())
909 add_method(method1);
910 methods[method_key]->add_xrefto(classobj, method2, off);
911 }
912
913 void add_method_xref_from(MethodAnalysis *method1,
914 ClassAnalysis *classobj,
915 MethodAnalysis *method2,
916 std::uint64_t off)
917 {
918 auto method_key = method1->get_full_name();
919
920 if (methods.find(method_key) == methods.end())
921 add_method(method1);
922 methods[method_key]->add_xreffrom(classobj, method2, off);
923 }
924
925 void add_xref_to(TYPES::REF_TYPE ref_kind,
926 ClassAnalysis *classobj,
927 MethodAnalysis *methodobj,
928 std::uint64_t offset)
929 {
930 xrefto[classobj].insert(std::make_tuple(ref_kind, methodobj, offset));
931 }
932
933 void add_xref_from(TYPES::REF_TYPE ref_kind,
934 ClassAnalysis *classobj,
935 MethodAnalysis *methodobj,
936 std::uint64_t offset)
937 {
938 xreffrom[classobj].insert(std::make_tuple(ref_kind, methodobj, offset));
939 }
940
941 void add_xref_new_instance(MethodAnalysis *methodobj, std::uint64_t offset)
942 {
943 xrefnewinstance.push_back(std::make_pair(methodobj, offset));
944 }
945
946 void add_xref_const_class(MethodAnalysis *methodobj, std::uint64_t offset)
947 {
948 xrefconstclass.push_back(std::make_pair(methodobj, offset));
949 }
950
951 const classxref &
952 get_xrefto() const
953 {
954 return xrefto;
955 }
956
957 classxref &
958 get_xrefto()
959 {
960 return xrefto;
961 }
962
963 const classxref &
964 get_xreffrom() const
965 {
966 return xreffrom;
967 }
968
969 classxref &
970 get_xreffrom()
971 {
972 return xreffrom;
973 }
974
975 const std::vector<std::pair<MethodAnalysis *, std::uint64_t>>
976 get_xrefnewinstance() const
977 {
978 return xrefnewinstance;
979 }
980
981 std::vector<std::pair<MethodAnalysis *, std::uint64_t>>
982 get_xrefnewinstance()
983 {
984 return xrefnewinstance;
985 }
986
987 const std::vector<std::pair<MethodAnalysis *, std::uint64_t>>
988 get_xrefconstclass() const
989 {
990 return xrefconstclass;
991 }
992
993 std::vector<std::pair<MethodAnalysis *, std::uint64_t>>
994 get_xrefconstclass()
995 {
996 return xrefconstclass;
997 }
998 };
999 } // namespace DEX
1000} // namespace KUNAI
1001
1002#endif
KUNAI::DEX::BasicBlocks
Class to keep all the Dalvik Basic Blocks from a method.
Definition analysis.hpp:205
KUNAI::DEX::BasicBlocks::get_node_type
node_type_t get_node_type(DVMBasicBlock *node)
Get the node type between JOIN_NODE, BRANCH_NODE or REGULAR_NODE.
Definition analysis.hpp:341
KUNAI::DEX::BasicBlocks::remove_node
void remove_node(DVMBasicBlock *node)
Remove a node from the graph, this operation can be expensive on time.
KUNAI::DEX::BasicBlocks::connected_blocks_t
std::unordered_map< DVMBasicBlock *, std::set< DVMBasicBlock * > > connected_blocks_t
blocks that are connected with others
Definition analysis.hpp:209
KUNAI::DEX::BasicBlocks::get_nodes
std::vector< DVMBasicBlock * > & get_nodes()
Get a reference to the nodes of the graph.
Definition analysis.hpp:371
KUNAI::DEX::BasicBlocks::~BasicBlocks
~BasicBlocks()
Destructor of the BasicBlocks, we need to free the memory.
Definition analysis.hpp:239
KUNAI::DEX::BasicBlocks::add_sucessor
void add_sucessor(DVMBasicBlock *node, DVMBasicBlock *suc)
Add a node to the list of sucessors of another.
Definition analysis.hpp:294
KUNAI::DEX::BasicBlocks::add_node
void add_node(DVMBasicBlock *node)
Add a node to the vector of nodes, we will transfer the ownership.
Definition analysis.hpp:302
KUNAI::DEX::BasicBlocks::edges_t
std::vector< std::pair< DVMBasicBlock *, DVMBasicBlock * > > edges_t
edges between nodes
Definition analysis.hpp:211
KUNAI::DEX::BasicBlocks::add_predecessor
void add_predecessor(DVMBasicBlock *node, DVMBasicBlock *pred)
Add a node to the list of predecessors of another.
Definition analysis.hpp:272
KUNAI::DEX::BasicBlocks::get_predecessors
connected_blocks_t & get_predecessors()
Get all predecessors from all the blocks.
Definition analysis.hpp:264
KUNAI::DEX::BasicBlocks::get_number_of_basic_blocks
size_t get_number_of_basic_blocks() const
Return the number of basic blocks in the graph.
Definition analysis.hpp:250
KUNAI::DEX::BasicBlocks::node_type_t
node_type_t
Type of a node.
Definition analysis.hpp:215
KUNAI::DEX::BasicBlocks::get_predecessors
const connected_blocks_t & get_predecessors() const
Get all predecessors from all the blocks.
Definition analysis.hpp:257
KUNAI::DEX::BasicBlocks::get_basic_block_by_idx
DVMBasicBlock * get_basic_block_by_idx(std::uint64_t idx)
Get a basic block given an idx, the idx can be one address from the first to the last address of the ...
KUNAI::DEX::BasicBlocks::get_edges
const edges_t & get_edges() const
Get a constant reference to the edges of the graph.
Definition analysis.hpp:326
KUNAI::DEX::BasicBlocks::add_edge
void add_edge(DVMBasicBlock *src, DVMBasicBlock *dst)
Add an edge to the basic blocks.
Definition analysis.hpp:311
KUNAI::DEX::BasicBlocks::get_sucessors
const connected_blocks_t & get_sucessors() const
Get all sucessors from all the blocks.
Definition analysis.hpp:279
KUNAI::DEX::BasicBlocks::get_sucessors
connected_blocks_t & get_sucessors()
Get all sucessors from all the blocks.
Definition analysis.hpp:286
KUNAI::DEX::BasicBlocks::get_nodes
const std::vector< DVMBasicBlock * > & get_nodes() const
Get a constant reference to the nodes of the graph.
Definition analysis.hpp:364
KUNAI::DEX::BasicBlocks::get_edges
edges_t & get_edges()
Get a reference to the edges of the graph.
Definition analysis.hpp:333
KUNAI::DEX::ClassAnalysis
Specification of the class analysis, this class contains fields, strings, methods....
Definition analysis.hpp:765
KUNAI::DEX::ClassAnalysis::get_class_definition
std::variant< ClassDef *, ExternalClass * > get_class_definition() const
Get the class definition object.
Definition analysis.hpp:822
KUNAI::DEX::ClassAnalysis::get_methods
std::unordered_map< std::string, MethodAnalysis * > & get_methods()
get a reference to the methods
Definition analysis.hpp:854
KUNAI::DEX::ClassAnalysis::get_field_analysis
FieldAnalysis * get_field_analysis(EncodedField *field)
Given an encoded field return a FieldAnalysis pointer.
KUNAI::DEX::ClassAnalysis::implements
std::vector< DVMClass * > & implements()
Return a vector of implemented interfaces, in the case of external class raise exception.
KUNAI::DEX::ClassAnalysis::is_class_external
bool is_class_external() const
Is the current class an external class?
Definition analysis.hpp:829
KUNAI::DEX::ClassAnalysis::get_methods
const std::unordered_map< std::string, MethodAnalysis * > & get_methods() const
get a constant reference to the methods
Definition analysis.hpp:846
KUNAI::DEX::ClassAnalysis::add_method
void add_method(MethodAnalysis *method_analysis)
add a method to the current class
KUNAI::DEX::ClassAnalysis::get_method_analysis
MethodAnalysis * get_method_analysis(std::variant< EncodedMethod *, ExternalMethod * > method)
Given an Encoded or ExternalMethod returns a MethodAnalysis pointer.
KUNAI::DEX::DVMBasicBlock
Class that contain the instructions of basic block different DVMBasicBlock exists.
Definition analysis.hpp:35
KUNAI::DEX::DVMBasicBlock::set_try_block
void set_try_block(bool try_block)
Set the block is a try block.
Definition analysis.hpp:141
KUNAI::DEX::DVMBasicBlock::get_first_address
std::uint64_t get_first_address()
Get the first address of the basic block in case there are instructions.
Definition analysis.hpp:95
KUNAI::DEX::DVMBasicBlock::set_end_block
void set_end_block(bool end_block)
Set the block as an end block.
Definition analysis.hpp:197
KUNAI::DEX::DVMBasicBlock::is_start_block
bool is_start_block() const
Get if current block is a starting block.
Definition analysis.hpp:176
KUNAI::DEX::DVMBasicBlock::is_end_block
bool is_end_block() const
Get if current block is an end block.
Definition analysis.hpp:190
KUNAI::DEX::DVMBasicBlock::get_handler_type
DVMType * get_handler_type()
Get the type of handler in case is a catch block.
Definition analysis.hpp:162
KUNAI::DEX::DVMBasicBlock::get_nb_instructions
size_t get_nb_instructions() const
Obtain the number of instructions from the instructions vector.
Definition analysis.hpp:58
KUNAI::DEX::DVMBasicBlock::get_last_address
std::uint64_t get_last_address()
Get the last address of the basic block in case there are instructions.
Definition analysis.hpp:104
KUNAI::DEX::DVMBasicBlock::get_terminator
Instruction * get_terminator()
Return the last instruction in case this is a terminator instruction.
Definition analysis.hpp:86
KUNAI::DEX::DVMBasicBlock::get_instructions
std::vector< Instruction * > & get_instructions()
Get a reference to the vector of instructions.
Definition analysis.hpp:79
KUNAI::DEX::DVMBasicBlock::set_catch_block
void set_catch_block(bool catch_block)
Set the block is a catch block.
Definition analysis.hpp:155
KUNAI::DEX::DVMBasicBlock::get_instructions
const std::vector< Instruction * > & get_instructions() const
Get a constant reference to the vector of instructions.
Definition analysis.hpp:72
KUNAI::DEX::DVMBasicBlock::add_instruction
void add_instruction(Instruction *instr)
Add an instruction to the basic block.
Definition analysis.hpp:65
KUNAI::DEX::DVMBasicBlock::is_try_block
bool is_try_block() const
Is the current block a try-block?
Definition analysis.hpp:134
KUNAI::DEX::DVMBasicBlock::set_handler_type
void set_handler_type(DVMType *handler)
Set a handler type.
Definition analysis.hpp:169
KUNAI::DEX::DVMBasicBlock::set_start_block
void set_start_block(bool start_block)
Set the block as a start block.
Definition analysis.hpp:183
KUNAI::DEX::DVMBasicBlock::is_catch_block
bool is_catch_block() const
Is the current block a catch-block?
Definition analysis.hpp:148
KUNAI::DEX::DVMType
Represents the base class of a Type in the DVM we have different types.
Definition types.hpp:26
KUNAI::DEX::EncodedField
Class that represent field information it contains a FieldID and also the access flags.
Definition encoded.hpp:266
KUNAI::DEX::EncodedField::get_field
const FieldID * get_field() const
Get a constant pointer to the FieldID.
Definition encoded.hpp:288
KUNAI::DEX::EncodedMethod
Class that represent the information from a Method.
Definition encoded.hpp:635
KUNAI::DEX::ExternalMethod
Definition external_method.hpp:23
KUNAI::DEX::FieldAnalysis
specification of a field analysis
Definition analysis.hpp:379
KUNAI::DEX::FieldAnalysis::add_xrefwrite
void add_xrefwrite(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
Add a cross reference where the field is written in code.
Definition analysis.hpp:442
KUNAI::DEX::FieldAnalysis::add_xrefread
void add_xrefread(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
Add a cross reference where the field is read in code.
Definition analysis.hpp:433
KUNAI::DEX::FieldID::get_name
const std::string & get_name() const
Get a constant reference to the name of the field.
Definition fields.hpp:93
KUNAI::DEX::Instruction
Base class for the Instructions of the Dalvik Bytecode.
Definition dalvik_instructions.hpp:69
KUNAI::DEX::MethodAnalysis
Specification of the method analysis, a method contains instructions, exceptions data,...
Definition analysis.hpp:491
KUNAI::DEX::MethodAnalysis::dump_dot_file
void dump_dot_file(std::string &file_path)
Dump the method as a dot file into the current path.
Definition analysis.hpp:599
KUNAI::DEX::MethodAnalysis::external
bool external() const
Check if the method is external.
Definition analysis.hpp:610
KUNAI::DEX::MethodAnalysis::is_android_api
bool is_android_api() const
Check if current method is an android api.
KUNAI::DEX::MethodAnalysis::known_apis
const std::vector< std::string > known_apis
vector of known apis of Android
Definition analysis.hpp:494
KUNAI::DEX::StringAnalysis
specification of a string analysis
Definition analysis.hpp:450
KUNAI::DEX::StringAnalysis::add_xreffrom
void add_xreffrom(ClassAnalysis *c, MethodAnalysis *m, std::uint64_t offset)
Add a cross reference where the string is read.
Definition analysis.hpp:482
exceptions::AnalysisException
Exception raised in the analysis of dalvik.
Definition analysis_exception.hpp:16
KUNAI
utilities
Definition analysis.hpp:23
Generated by doxygen 1.9.8