ICSE 2021
Mon 17 May - Sat 5 June 2021

The Java Native Interface (JNI) provides a way for Java applications to access native libraries, but it is difficult to develop correct JNI programs. By leveraging native code, the JNI enables Java developers to implement efficient applications and to reuse code written in other programming languages such as C and C++. In addition, the core Java libraries already use the JNI to provide system features such as a graphical user interface. As a result, many mainstream Java Virtual Machines (JVMs) support the JNI. However, due to the complex interoperation semantics between different programming languages, implementing correct JNI programs is not trivial. Moreover, because of the performance overhead, JVMs do not validate erroneous JNI interoperations by default; they validate them only when the debug feature, the -Xcheck:jni option, is enabled. Therefore, the correctness of JNI programs relies heavily on the checks performed by the -Xcheck:jni option of JVMs. Questions remain, however, about the quality of the checks provided by the feature. Are there any properties that the -Xcheck:jni option fails to validate? If so, what potential issues can arise due to the lack of such validation? To the best of our knowledge, no research has explored these questions in depth.

In this paper, we empirically study the validation quality and impacts of the -Xcheck:jni option on mainstream JVMs using unspecified corner cases in the JNI specification. Such unspecified cases may lead to unexpected run-time behaviors because their semantics are not defined in the specification. For a systematic study, we propose JUSTGEN, a semi-automated approach to identify unspecified cases from a specification and generate test programs. JUSTGEN receives the JNI specification written in our domain-specific language (DSL), and automatically discovers unspecified cases using an SMT solver. It then generates test programs that trigger the behaviors of unspecified cases. Using the generated tests, we empirically study the validation ability of the -Xcheck:jni option. Our experimental results show that the JNI debug feature does not validate thousands of unspecified cases on JVMs, and they can cause critical run-time errors such as violation of the Java type system and memory corruption. We reported 792 unspecified cases that are not validated by JVMs to their corresponding JVM vendors. Among them, 563 cases have been fixed and the remaining cases will be fixed in the near future. Based on our empirical study, we believe that the JNI specification should specify the semantics of the missing cases clearly and the debug feature should be supported completely.
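The discovery step described above, as an added example that is not JUSTGEN's code or DSL: a specification is modelled as guarded rules over argument states, and any state that no rule covers is an unspecified case to test. The argument domains, the two rules and the checker reports are constructed for illustration, and exhaustive enumeration stands in for the SMT solver.

```python
from itertools import product

# Constructed argument-state domains for a hypothetical array-read native call.
DOMAINS = {
    "array": ["null", "object_array", "int_array", "non_array_object"],
    "index": ["in_range", "negative", "too_large"],
    "pending_exception": [False, True],
}

# Constructed mini-specification: (guard over a state, outcome the spec defines).
SPEC_RULES = [
    (lambda s: s["array"] == "object_array" and s["index"] == "in_range"
     and not s["pending_exception"], "returns the element"),
    (lambda s: s["array"] == "object_array" and s["index"] != "in_range"
     and not s["pending_exception"], "throws ArrayIndexOutOfBoundsException"),
]


def all_states(domains):
    """Enumerate every combination of argument states."""
    keys = list(domains)
    for values in product(*(domains[k] for k in keys)):
        yield dict(zip(keys, values))


def unspecified_cases(domains, rules):
    """States matched by no rule guard: the specification is silent on them."""
    return [s for s in all_states(domains)
            if not any(guard(s) for guard, _ in rules)]


def case_id(state):
    """Stable name for the test program that would trigger this state."""
    return ",".join(f"{k}={v}" for k, v in sorted(state.items()))


def not_validated(cases, checker_reports):
    """Unspecified cases for which the debug checker reported nothing."""
    return [case_id(c) for c in cases if case_id(c) not in checker_reports]


if __name__ == "__main__":
    cases = unspecified_cases(DOMAINS, SPEC_RULES)
    # Constructed checker output: it flags null arrays only.
    reports = {case_id(c) for c in cases if c["array"] == "null"}
    missed = not_validated(cases, reports)
    print(len(cases), "unspecified;", len(missed), "not validated")
```

In a real run, the report set would come from executing each generated test under -Xcheck:jni and recording whether the checker flagged it.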

Thu 27 May

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna

10:00 - 11:00
3.1.4. Vulnerabilities in Android #2 (Journal-First Papers / Technical Track) at Blended Sessions Room 4, +12h
Chair(s): Ignacio Panach (Universidad de Valencia)
10:00
20m
Paper
JUSTGen: Effective Test Generation for Unspecified JNI Behaviors on JVMs
Technical Track (Artifact Reusable, Artifact Available)
Sungjae Hwang (KAIST), Sungho Lee (KAIST), Jihoon Kim (KAIST), Sukyoung Ryu (KAIST)
10:20
20m
Paper
Why an Android App is Classified as Malware? Towards Malware Classification Interpretation
Journal-First Papers
Bozhi Wu (Nanyang Technological University), Sen Chen (Tianjin University), Cuiyun Gao (Harbin Institute of Technology), Lingling Fan (Nankai University), Yang Liu (Nanyang Technological University), Weiping Wen (Peking University), Michael Lyu (The Chinese University of Hong Kong)
10:40
20m
Paper
Security Analysis of Permission Re-delegation Vulnerabilities in Android Apps
Journal-First Papers
Biniam Fisseha Demissie (Fondazione Bruno Kessler), Mariano Ceccato (University of Verona), Lwin Khin Shar (Singapore Management University)
22:00 - 23:00
3.1.4. Vulnerabilities in Android #2 (Journal-First Papers / Technical Track) at Blended Sessions Room 4
22:00
20m
Paper
JUSTGen: Effective Test Generation for Unspecified JNI Behaviors on JVMs
Technical Track (Artifact Reusable, Artifact Available)
Sungjae Hwang (KAIST), Sungho Lee (KAIST), Jihoon Kim (KAIST), Sukyoung Ryu (KAIST)
22:20
20m
Paper
Why an Android App is Classified as Malware? Towards Malware Classification Interpretation
Journal-First Papers
Bozhi Wu (Nanyang Technological University), Sen Chen (Tianjin University), Cuiyun Gao (Harbin Institute of Technology), Lingling Fan (Nankai University), Yang Liu (Nanyang Technological University), Weiping Wen (Peking University), Michael Lyu (The Chinese University of Hong Kong)
22:40
20m
Paper
Security Analysis of Permission Re-delegation Vulnerabilities in Android Apps
Journal-First Papers
Biniam Fisseha Demissie (Fondazione Bruno Kessler), Mariano Ceccato (University of Verona), Lwin Khin Shar (Singapore Management University)