Storyyeller / Krakatau

Java decompiler, assembler, and disassembler
GNU General Public License v3.0

Problem with for-loop syntax #169

Closed Janmm14 closed 4 years ago

Janmm14 commented 4 years ago

A variable used in the update slot of the for-loop syntax may have been initialized only inside the for-loop body, which produces a compile error.

Storyyeller commented 4 years ago

Do you have a reproduction case?

Janmm14 commented 4 years ago

Method `Z(Ljava/lang/Object;)Ljava/lang/String;`, Krakatau disassembly: https://gist.github.com/Janmm14/17d31cf17c3c60111df6dbf5a1320f07

Problematic variable: i15

// Decompiler output quoted as the reproduction case. a1..a6, i, i0, i1, i2 and i5
// are declared outside this excerpt.
if (i5 % 8 == 0) {
    int i10 = i ^ a1[0];
    int i11 = i0 ^ a1[1];
    int i12 = i1 ^ a1[2];
    int i13 = i2 ^ a1[3];
    int i14 = 4;
    // Reported defect: the update clause `i14 = i15 + 4` refers to i15, but i15 is
    // only declared inside the loop body below, so this is not valid Java and the
    // re-emitted source does not compile.
    for(; i14 < 36; i14 = i15 + 4) {
        int i16 = a2[i10 & 255] ^ a3[i11 >> 8 & 255] ^ a4[i12 >> 16 & 255] ^ a5[i13 >>> 24] ^ a1[i14];
        int i17 = a2[i11 & 255] ^ a3[i12 >> 8 & 255] ^ a4[i13 >> 16 & 255] ^ a5[i10 >>> 24] ^ a1[i14 + 1];
        int i18 = a2[i12 & 255] ^ a3[i13 >> 8 & 255] ^ a4[i10 >> 16 & 255] ^ a5[i11 >>> 24] ^ a1[i14 + 2];
        int i19 = a2[i13 & 255] ^ a3[i10 >> 8 & 255] ^ a4[i11 >> 16 & 255] ^ a5[i12 >>> 24] ^ a1[i14 + 3];
        // i15 is declared here, in the body, after the update clause has already used it.
        int i15 = i14 + 4;
        i10 = a2[i16 & 255] ^ a3[i17 >> 8 & 255] ^ a4[i18 >> 16 & 255] ^ a5[i19 >>> 24] ^ a1[i15];
        i11 = a2[i17 & 255] ^ a3[i18 >> 8 & 255] ^ a4[i19 >> 16 & 255] ^ a5[i16 >>> 24] ^ a1[i15 + 1];
        i12 = a2[i18 & 255] ^ a3[i19 >> 8 & 255] ^ a4[i16 >> 16 & 255] ^ a5[i17 >>> 24] ^ a1[i15 + 2];
        i13 = a2[i19 & 255] ^ a3[i16 >> 8 & 255] ^ a4[i17 >> 16 & 255] ^ a5[i18 >>> 24] ^ a1[i15 + 3];
    }
    int i20 = a2[i10 & 255] ^ a3[i11 >> 8 & 255] ^ a4[i12 >> 16 & 255] ^ a5[i13 >>> 24] ^ a1[i14];
    int i21 = a2[i11 & 255] ^ a3[i12 >> 8 & 255] ^ a4[i13 >> 16 & 255] ^ a5[i10 >>> 24] ^ a1[i14 + 1];
    int i22 = a2[i12 & 255] ^ a3[i13 >> 8 & 255] ^ a4[i10 >> 16 & 255] ^ a5[i11 >>> 24] ^ a1[i14 + 2];
    int i23 = a2[i13 & 255] ^ a3[i10 >> 8 & 255] ^ a4[i11 >> 16 & 255] ^ a5[i12 >>> 24] ^ a1[i14 + 3];
    int i24 = i14 + 4;
    i = (int)a6[i20 & 255] & 255 ^ ((int)a6[i21 >> 8 & 255] & 255) << 8 ^ ((int)a6[i22 >> 16 & 255] & 255) << 16 ^ (int)a6[i23 >>> 24] << 24 ^ a1[i24 + 0];
    i0 = (int)a6[i21 & 255] & 255 ^ ((int)a6[i22 >> 8 & 255] & 255) << 8 ^ ((int)a6[i23 >> 16 & 255] & 255) << 16 ^ (int)a6[i20 >>> 24] << 24 ^ a1[i24 + 1];
    i1 = (int)a6[i22 & 255] & 255 ^ ((int)a6[i23 >> 8 & 255] & 255) << 8 ^ ((int)a6[i20 >> 16 & 255] & 255) << 16 ^ (int)a6[i21 >>> 24] << 24 ^ a1[i24 + 2];
    i2 = (int)a6[i23 & 255] & 255 ^ ((int)a6[i20 >> 8 & 255] & 255) << 8 ^ ((int)a6[i21 >> 16 & 255] & 255) << 16 ^ (int)a6[i22 >>> 24] << 24 ^ a1[i24 + 3];
}

Jar: ProtocolHelp.zip (its string obfuscation has since expired, so it is no longer harmful, but it was originally a malicious Bukkit (Minecraft) plugin that allowed control over the server and access to the underlying server)

Storyyeller commented 4 years ago

Should be fixed now. Thanks for the report!