Storyyeller / Krakatau

Java decompiler, assembler, and disassembler
GNU General Public License v3.0

AssertionError in reader.py #99

Closed samczsun closed 7 years ago

samczsun commented 7 years ago

Hitting the assertion on line 33 in reader.py. Not sure if it's an invalid class file. Looks like it's valid; I haven't bothered to look too closely because removing it disassembles the class properly and that's really all that I cared about.

archive.zip

Storyyeller commented 7 years ago

I don't have time to look into it in depth right now, but the assertion on line 33 means it is trying to read past the end of some data. Which means that commenting it out is likely to lead to garbage results.

samczsun commented 7 years ago

Sometime in the next week (also slightly overrun with stuff to do) I'll take a look through and see if it's actually disobeying the class file format somewhere. However, it does load without verification errors, which leads me to believe that this is an edge case in Krakatau.

Storyyeller commented 7 years ago

Well if it loads without verification errors, then I'll try to support it, whether it follows the official format or not. One of the goals of Krakatau is to support the classfile format as actually implemented, including all the obscure undocumented features.

Storyyeller commented 7 years ago

It turns out the class was valid. The problem is that I misread the format of the SourceDebugExtension attribute. Anyway, it's fixed now. Thanks for the report!
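The attribute at the centre of this bug, as an added example (not Krakatau's own reader.py): a bounds-checked reader that parses a SourceDebugExtension attribute_info per JVMS 4.7.11, where the debug_extension payload is exactly attribute_length bytes of modified UTF-8 with no separate u2 length prefix, and that reports a descriptive error on truncated input instead of a bare AssertionError. `ClassFileReader`, `parse_source_debug_extension` and the sample bytes are constructed for this illustration.

```python
import struct

class ClassFileReader:
    """Bounds-checked big-endian reader over class-file bytes
    (hypothetical helper, not Krakatau's reader.py)."""
    def __init__(self, data):
        self.data = data
        self.pos = 0

    def take(self, n):
        # Fail with a clear message instead of asserting when a length field
        # claims more bytes than the buffer actually holds.
        remaining = len(self.data) - self.pos
        if n > remaining:
            raise ValueError(f"attempt to read {n} bytes at offset {self.pos}, "
                             f"only {remaining} remain")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def u2(self):
        return struct.unpack('>H', self.take(2))[0]

    def u4(self):
        return struct.unpack('>I', self.take(4))[0]

def parse_source_debug_extension(data):
    """Parse one attribute_info for SourceDebugExtension (JVMS 4.7.11):
    u2 attribute_name_index, u4 attribute_length, then attribute_length
    bytes of modified UTF-8. Unlike a CONSTANT_Utf8 entry there is NO
    inner u2 length, so the whole remaining attribute body is the text."""
    r = ClassFileReader(data)
    name_index = r.u2()
    length = r.u4()
    raw = r.take(length)
    # Plain UTF-8 decoding suffices for the ASCII SMAP text compilers emit;
    # full modified-UTF-8 handling is out of scope for this illustration.
    return name_index, raw.decode('utf-8', errors='replace')

# Constructed sample: name index 7 followed by a short SMAP-style payload.
SMAP = b"SMAP\nHello.java\nJava\n*E\n"
SAMPLE = struct.pack('>HI', 7, len(SMAP)) + SMAP

def demo():
    """Parse the intact sample, then a truncated copy whose length field
    still claims the full payload; returns (parsed, error_message)."""
    parsed = parse_source_debug_extension(SAMPLE)
    try:
        parse_source_debug_extension(SAMPLE[:-5])
        error = None
    except ValueError as e:
        error = str(e)
    return parsed, error
```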

Storyyeller commented 7 years ago

P.S. If you don't mind me asking, what is the context of that code? I find the half-hearted obfuscation pretty interesting. It has a string decryption method, but no strings to decrypt. It has local variable tables, even in the obfuscator-inserted decryption method, but all the variable names are replaced with unicode spaces. I'm curious why whoever wrote that obfuscator even compiled the obfuscator with debug info in the first place. Also, there's a ton of int pushes and pops added, but no obfuscation that actually matters. I wonder what obfuscator it was.

samczsun commented 7 years ago

It was the only class in a Spigot plugin, obfuscated by some random person on the forums. I got interested because he claimed that no decompiler could decompile it, and... well, that's just begging to be decompiled (or at least disassembled).

Storyyeller commented 7 years ago

Did he even try? It's barely obfuscated. Krakatau handles it no problem. I tried decompiling it out of curiosity, and the code is pretty readable.

samczsun commented 7 years ago

*shakes magic 8 ball* Reply hazy, try again

I'm not quite sure. For the sake of benefit of the doubt I'll assume that he (or she) found this bug instead of accidentally stumbling upon it. Maybe he/she assumed that because it couldn't be decompiled it was impenetrable(?). Whatever the case, the rest of the obfuscation was fairly disappointing.

Storyyeller commented 7 years ago

I found the thread (https://www.spigotmc.org/threads/ffa-beta.186926/#post-1963496). It sounds like the person who obfuscated it is not the original author, which explains a lot.

If I had to guess, it is most likely that he never even tried Krakatau. It's not as well known as the other decompilers. Either that, or he tried it, but got the missing class error and gave up. The whole requiring referenced jars thing makes it a bit user-unfriendly to set up.