search

CalebFenton / simplify

Android virtual machine and deobfuscator
Other
4.41k stars 438 forks source link

How do I handle exceptions ? Real exception was thrown executing ExecutionNode #119

Open unoexperto opened 5 years ago

unoexperto commented 5 years ago

Provide link to specific APK, DEX, or file hash

https://yelp.en.uptodown.com/android/download/60457 MD5: 1de46895fdc3708bd121e3b9bc3309ba

Describe the bug

Multiple thrown exceptions:

Caused by: java.lang.RuntimeException: Real exception was thrown executing ExecutionNode{signature=Lcom/yelp/android/appdata/webrequests/ApiRequest;-><init>(Lcom/yelp/android/appdata/webrequests/ApiRequest$RequestType;Ljava/lang/String;Lorg/apache/http/client/HttpClient;Landroid/content/Context;Lcom/yelp/android/appdata/webrequests/p;)V, op=new-instance r2, Lcom/yelp/android/services/u;, @=35} and was not handled. This could be a bug in smalivm.
    at org.cf.smalivm.NodeExecutor.execute(NodeExecutor.java:91)
    at org.cf.smalivm.MethodExecutor.execute(MethodExecutor.java:61)
    at org.cf.smalivm.VirtualMachine.execute(VirtualMachine.java:103)
    at org.cf.smalivm.VirtualMachine.execute(VirtualMachine.java:82)
    at org.cf.smalivm.opcode.InvokeOp.executeLocalMethod(InvokeOp.java:353)
    at org.cf.smalivm.opcode.InvokeOp.execute(InvokeOp.java:128)
    at org.cf.smalivm.context.ExecutionNode.execute(ExecutionNode.java:52)
    at org.cf.smalivm.NodeExecutor.execute(NodeExecutor.java:80)
    ... 27 more
Caused by: java.lang.NullPointerException
    at org.cf.smalivm.context.ExecutionContext.staticallyInitializeClassIfNecessary(ExecutionContext.java:220)
    at org.cf.smalivm.context.ExecutionContext.readClassState(ExecutionContext.java:132)
    at org.cf.smalivm.opcode.NewInstanceOp.execute(NewInstanceOp.java:37)
    at org.cf.smalivm.context.ExecutionNode.execute(ExecutionNode.java:52)
    at org.cf.smalivm.NodeExecutor.execute(NodeExecutor.java:80)
    ... 34 more

To Reproduce

-it 'com/yelp' --output-api-level 23 yelp-5-6-1-en-android.apk
Output file: text
Include filter: com/yelp
Exclude filter: null
Max execution time: 300
Max address visits: 10000
Max call depth: 50
Max method visits: 1000000
Max optimization passes: 100
Output API level: 23

Attempted work-arounds I tried to limit package to deobfuscate.

CalebFenton commented 4 years ago

Thanks for the bug report. I'm going to prioritize bugs dealing with malware obfuscation before this, but it does look legitimate.