Exception encountered when using the Soot framework for Java bytecode analysis

[bananashipsBBQ]

📝 Overall Description

Hello, I encountered an error regarding bytecode analysis while using the Tai-e framework on WebLogic. The specific error is as follows：
Exception in thread "main" java.lang.RuntimeException: Failed to convert <weblogic.jndi.WLInitialContextFactoryDelegate: weblogic.security.acl.internal.AuthenticatedSubject authenticateLocally(weblogic.security.acl.UserInfo)> at soot.asm.AsmMethodSource.getBody(AsmMethodSource.java:2249) at soot.SootMethod.retrieveActiveBody(SootMethod.java:447) at soot.jimple.toolkits.annotation.LineNumberAdder.internalTransform(LineNumberAdder.java:63) at soot.PackManager.runPacksNormally(PackManager.java:496) at soot.PackManager.runPacks(PackManager.java:425) at soot.Main.run(Main.java:266) at pascal.taie.frontend.soot.SootWorldBuilder.runSoot(SootWorldBuilder.java:253) at pascal.taie.frontend.soot.SootWorldBuilder.build(SootWorldBuilder.java:83) at pascal.taie.Main.lambda$buildWorld$3(Main.java:134) at pascal.taie.util.Timer.lambda$runAndCount$0(Timer.java:112) at pascal.taie.util.Timer.runAndCount(Timer.java:93) at pascal.taie.util.Timer.runAndCount(Timer.java:111) at pascal.taie.util.Timer.runAndCount(Timer.java:107) at pascal.taie.Main.buildWorld(Main.java:126) at pascal.taie.Main.lambda$main$0(Main.java:61) at pascal.taie.util.Timer.lambda$runAndCount$0(Timer.java:112) at pascal.taie.util.Timer.runAndCount(Timer.java:93) at pascal.taie.util.Timer.runAndCount(Timer.java:111) at pascal.taie.util.Timer.runAndCount(Timer.java:107) at pascal.taie.Main.main(Main.java:52) Caused by: java.lang.RuntimeException: Trying to create interface invoke expression for non-interface type: weblogic.security.service.PrincipalAuthenticator Use JVirtualInvokeExpr or JSpecialInvokeExpr instead! at soot.jimple.internal.JInterfaceInvokeExpr.<init>(JInterfaceInvokeExpr.java:47) at soot.jimple.Jimple.newInterfaceInvokeExpr(Jimple.java:491) at soot.asm.AsmMethodSource.convertMethodInsn(AsmMethodSource.java:1436) at soot.asm.AsmMethodSource.convert(AsmMethodSource.java:1965) at soot.asm.AsmMethodSource.getBody(AsmMethodSource.java:2247) ... 19 more

🎯 Expected Behavior

I would like to ask how to solve this problem

🐛 Current Behavior

I am using Tai-e to verify the CVE-224-20931 vulnerability and I am unsure if it is feasible

🔄 Reproducible Example

No response

⚙️ Tai-e Arguments

🔍 Click here to see Tai-e Options

{{The content of 'output/options.yml' file}}

🔍 Click here to see Tai-e Analysis Plan

{{The content of 'output/tai-e-plan.yml' file}}

📜 Tai-e Log

🔍 Click here to see Tai-e Log

{{The content of 'output/tai-e.log' file}}

ℹ️ Additional Information

No response

[jjppp]

This seems to be an upstream issue due to Soot, according to your stacktrace.
We have been developing a new bytecode frontend as a substitution for Soot, which will be released soon, I think.

---

Please continue to track this in #206 going forward.

[bananashipsBBQ]

好的感谢回复，期待发布