Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: java.lang.RuntimeException: File format error, res0 was not zero #25

Open
TasnimFabiha opened this issue Oct 30, 2023 · 2 comments
Open

[Bug]: java.lang.RuntimeException: File format error, res0 was not zero #25

TasnimFabiha opened this issue Oct 30, 2023 · 2 comments
Assignees
@LightningRS
Labels
bug Something isn't working

Comments

@TasnimFabiha
Copy link

TasnimFabiha commented Oct 30, 2023
edited
Loading

Contact Details

[email protected]

ICCBot Command Line

java -jar ICCBot.jar -path apk/ -name 6PM_Shoes_Clothes_More_3_0_0_Apkpure_unpack.apk -androidJar lib/platforms -time 30 -maxPathNumber 100 -client ICCSpecClient -outputDir results/output

java -jar ICCBot.jar -path apk/ -name 6PM_Shoes_Clothes_More_3_0_0_Apkpure_unpack.apk -androidJar lib/platforms -time 30 -maxPathNumber 100 -client CTGClient -outputDir results/output

Technical Details

When I using ICCBot to analyze APK [6PM_Shoes_Clothes_More_3_0_0_Apkpure_unpack.apk], for CTGClient and for ICCSpecClient, I get the following error.

java.lang.RuntimeException: File format error, res0 was not zero
        at soot.jimple.infoflow.android.resources.ARSCFileParser.readTypeTable(ARSCFileParser.java:2495)
        at soot.jimple.infoflow.android.resources.ARSCFileParser.readResourceHeader(ARSCFileParser.java:2228)
        at soot.jimple.infoflow.android.resources.ARSCFileParser.parse(ARSCFileParser.java:2092)
        at soot.jimple.infoflow.android.resources.ARSCFileParser$1.handleResourceFile(ARSCFileParser.java:2082)
        at soot.jimple.infoflow.android.resources.AbstractResourceParser.handleAndroidResourceFiles(AbstractResourceParser.java:54)
        at soot.jimple.infoflow.android.resources.ARSCFileParser.parse(ARSCFileParser.java:2076)
        at main.java.client.cg.CgConstructor.collectFragmentClasses(CgConstructor.java:185)
        at main.java.client.cg.CgConstructor.analyze(CgConstructor.java:81)
        at main.java.client.cg.CallGraphClient.clientAnalyze(CallGraphClient.java:30)
        at main.java.client.BaseClient.start(BaseClient.java:21)
        at main.java.client.obj.target.ctg.ICCSpecClient.clientAnalyze(ICCSpecClient.java:48)
        at main.java.client.BaseClient.start(BaseClient.java:21)
        at main.java.MainClass.startAnalyze(MainClass.java:83)
        at main.java.MainClass.main(MainClass.java:52)
        at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
        at java.base/java.lang.reflect.Method.invoke(Method.java:580)
        at com.simontuffs.onejar.Boot.run(Boot.java:340)
        at com.simontuffs.onejar.Boot.main(Boot.java:166)
The analysis is stopped, caused by File format error, res0 was not zero

It can successfully run and produce results for IROutputClient.

The error is coming from the soot jar, can anyone tell me what is the source of soot-infoflow-dummy.jar? I assume most of the codes are similar from the flowdroid repo, but can it be the case that the codes inside the soot-infoflow-dummy.jar is not updated?

APK File

(https://drive.google.com/file/d/1YipyGRJAzi0FJVZZIWuSSWc8rl-ScSPt/view?usp=sharing)

Version of ICCBot

1.0-stable

Version of Java

openjdk version "21"

Relevant log output

java.lang.RuntimeException: File format error, res0 was not zero
        at soot.jimple.infoflow.android.resources.ARSCFileParser.readTypeTable(ARSCFileParser.java:2495)
        at soot.jimple.infoflow.android.resources.ARSCFileParser.readResourceHeader(ARSCFileParser.java:2228)
        at soot.jimple.infoflow.android.resources.ARSCFileParser.parse(ARSCFileParser.java:2092)
        at soot.jimple.infoflow.android.resources.ARSCFileParser$1.handleResourceFile(ARSCFileParser.java:2082)
        at soot.jimple.infoflow.android.resources.AbstractResourceParser.handleAndroidResourceFiles(AbstractResourceParser.java:54)
        at soot.jimple.infoflow.android.resources.ARSCFileParser.parse(ARSCFileParser.java:2076)
        at main.java.client.cg.CgConstructor.collectFragmentClasses(CgConstructor.java:185)
        at main.java.client.cg.CgConstructor.analyze(CgConstructor.java:81)
        at main.java.client.cg.CallGraphClient.clientAnalyze(CallGraphClient.java:30)
        at main.java.client.BaseClient.start(BaseClient.java:21)
        at main.java.client.obj.target.ctg.ICCSpecClient.clientAnalyze(ICCSpecClient.java:48)
        at main.java.client.BaseClient.start(BaseClient.java:21)
        at main.java.MainClass.startAnalyze(MainClass.java:83)
        at main.java.MainClass.main(MainClass.java:52)
        at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
        at java.base/java.lang.reflect.Method.invoke(Method.java:580)
        at com.simontuffs.onejar.Boot.run(Boot.java:340)
        at com.simontuffs.onejar.Boot.main(Boot.java:166)
The analysis is stopped, caused by File format error, res0 was not zero
@TasnimFabiha TasnimFabiha added the bug Something isn't working label Oct 30, 2023
@LightningRS
Copy link
Collaborator

Hello @TasnimFabiha,

It seems you've encountered an issue related to FlowDroid, specifically related to the dependency de.fraunhofer.sit.sse.flowdroid:soot-infoflow-android.
ICCBot is using version 2.10.0 of this dependency, and unfortunately, the problem still exists in the latest published version, which is 2.12.0.
You can find more information about these versions here:
https://mvnrepository.com/artifact/de.fraunhofer.sit.sse.flowdroid/soot-infoflow-android
https://central.sonatype.com/artifact/de.fraunhofer.sit.sse.flowdroid/soot-infoflow-android

It appears that the issue has recently been fixed on the development branch of the FlowDroid project this month. Once an official release is made, we will consider upgrading the dependency.
You can track the progress of this issue on GitHub here:
secure-software-engineering/FlowDroid#657

If you need to use it urgently, you may need to update the soot-infoflow-android dependency to the latest version from the develop branch on GitHub:
https://github.com/secure-software-engineering/FlowDroid/tree/develop/soot-infoflow-android

@TasnimFabiha
Copy link
Author

@LightningRS , Thank you for your quick response!

While I wait for the official fix, can you please suggest some set of apps (the exact version) from https://f-droid.org/ that you used to evaluate the tool? I'm mostly looking for shopping or news related apps to get some results with. So at least if I can get results for some of the older versions of the apks on which this tool used to work that will be great. Can I get at least some portions of the list of 2000 apps (apk versions) that was mentioned in the paper to get start with?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LightningRS LightningRS

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@TasnimFabiha @LightningRS