Optimize default config for "rule", now it is all *.json files in the…

… $rulePath directory
bytedance · Jan 5, 2023 · 4dc2bde · 4dc2bde
1 parent 0a61b62
commit 4dc2bde
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 16 deletions.
diff --git a/.gitignore b/.gitignore
@@ -10,4 +10,5 @@ build/*
 .DS_Store
 flowdroidAndSoot.src/*
 out/
-.vscode/
+.vscode/
+bin/*
diff --git a/README.md b/README.md
@@ -44,21 +44,21 @@ The `config.json5` has the following configuration contents.
 
 ```JSON
 {
-  "apkPath": "/Users/apks/app1.apk",
-  "out": "out",
-  "rules": "unZipSlip.json",
-  "maxPointerAnalyzeTime": 600
+  "apkPath": "/Users/apks/app1.apk"
 } 
 ```
 
-Each JSON field is explained below.
+Each JSON has these basic field.
 
 - apkPath: the path of the apk file to analyze
 - out: the path of the output directory
-- rules: the path(s) of the rule file(s), can be more than 1 rules
+- rules: specifies the rules, split by `,`. Default is all *.json files in the $rulePath directory
+- rulePath: specifies the rule's parent directory, default is ./config/rules
 - maxPointerAnalyzeTime: the timeout duration in seconds set for the analysis started from an entry point
 - debugRule: specify the rule name that enables logging for debugging
 
+For more config field, please visit `net.bytedance.security.app.ArgumentConfig`
+
 If you provide a configuration JSON file which sets the output path as `out` in the project root directory, you will
 find the result file `out/results.json` after running the analysis.
 

diff --git a/config/config.json5 b/config/config.json5
@@ -2,9 +2,11 @@
   //apk to anlayze
   "apkPath": "/Users/aaa/Downloads/app.apk",
   //result output directory
-  "out": "out",
-  "rules": "unZipSlip.json",
-  "maxPointerAnalyzeTime": 600,
+//  "out": "out",
+  //specifies the rules, default is all *.json files in the $rulePath directory
+//  "rules": "unZipSlip.json",
+  //specifies the rule's parent directory, default is ./config/rules
+//  "rulePath": "config/rules"
   //print more info about this rule
-  "debugRule": "unZipSlip"
+//  "debugRule": "unZipSlip"
 }
diff --git a/src/main/kotlin/net/bytedance/security/app/AnalyzeStepByStep.kt b/src/main/kotlin/net/bytedance/security/app/AnalyzeStepByStep.kt
@@ -30,14 +30,22 @@ import soot.Scene
 import soot.SootClass
 import soot.options.Options
 import java.io.File
+import java.nio.file.Files
+import java.nio.file.Paths
+import kotlin.io.path.pathString
+import kotlin.streams.toList
 
 class AnalyzeStepByStep {
     suspend fun loadRules(
-        ruleList: List<String>,
+        ruleList: String,
     ): Rules {
-        val rulePathList = ruleList.map {
-            "${getConfig().rulePath}/$it"
-        }.toList()
+        val rulePathList = if (ruleList.isNotEmpty())
+            ruleList.split(",").map { "${getConfig().rulePath}/$it" }.toList()
+        else
+            withContext(Dispatchers.IO) {
+                Files.walk(Paths.get(getConfig().rulePath),1)
+            }.filter { it.pathString.endsWith(".json") }.map { it.pathString }
+                .toList()
         val rules = Rules(rulePathList, RuleFactory())
         rules.loadRules()
         return rules

diff --git a/src/main/kotlin/net/bytedance/security/app/StaticAnalyzeMain.kt b/src/main/kotlin/net/bytedance/security/app/StaticAnalyzeMain.kt
@@ -54,7 +54,7 @@ object StaticAnalyzeMain {
         profiler.parseApk.end()
 
         profiler.preProcessor.start()
-        val rules = v3.loadRules(argumentConfig.rules.split(","))
+        val rules = v3.loadRules(argumentConfig.rules)
         logInfo("rules loaded")
         val ctx = v3.createContext(rules)
         profiler.preProcessor.end()