skylot / jadx

Dex to Java decompiler
Apache License 2.0
42.04k stars 4.9k forks source link

Anti-disassemble tricks with illegal opcodes totally break JADX decompilation #224

Open enovella opened 6 years ago

enovella commented 6 years ago

This protector destroys all the JADX decompilation. It may be interesting to take a peek at how this protector confuses DEX decompilers by adding junk opcodes.

APK: https://koodous.com/apks/a5722d6ab8a2de93f94901129f9793a4b898a31fe33250e2466d4d877af1dcd3

More info: https://github.com/rednaga/APKiD/issues/52 https://github.com/JesusFreke/smali/issues/562#issuecomment-340075562

APKiD output:

$ apkid /tmp/GODDESS_KISS_v1.040.12_apkpure.com.apk 
[+] APKiD 1.0.0 :: from RedNaga :: rednaga.io
[*] /tmp/GODDESS_KISS_v1.040.12_apkpure.com.apk!classes.dex
 |-> anti_vm : Build.FINGERPRINT check, Build.MANUFACTURER check, Build.MODEL check, Build.PRODUCT check, Build.TAGS check, network operator name check, subscriber ID check
 |-> compiler : dexlib 2.x
 |-> protector : CNProtect (anti-disassemble)
enovella commented 6 years ago

Any workaround on this topic?

manizzle commented 6 years ago

https://github.com/JesusFreke/smali/issues/562#issuecomment-340124461 looks like a way smali deals with it?

zhangmengfeigithub commented 6 years ago

mistake

skylot commented 6 years ago

I made incorrect instructions removing in branch issue-224. In most cases this is enough, for others I need to implement proper instructions checking and dead code elimination. This is not hard but need to change a lot of code. Also I don't see any correct and usable code in these classes (correct me if I wrong), so I think these classes can be just ignored. Another problem: if I enable this 'remove bad instructions' behavior by default it will hide jadx internal errors and you will see incorrect code instead error :(

P.S. Did anyone trying to use simplify or dex-oracle on this apk?

enovella commented 6 years ago

Hi all,

@manizzle:

Basically, uses the concept of dead code which is bad (from Dex Education presentation) to insert bad opcodes/junk. Baksmali handles this correctly by ignoring the class.

You suggest to skip the class decompilation too?

@skylot: Are you saying that these classes are intentionally included as a bait and they are pointless? If so, can I see the decompilation of any of them? I do understand that it might not be smart to add this specific behaviour and affect thousands of normal cases. I didnt try Simplify, but will do. I'll come back to you with more insight.

Cheers

enovella commented 6 years ago

I see the other branch issue-224, I will test it.

enovella commented 6 years ago

Testing the branch issue-224 and seems that the decompilation doesn't break as before. However, method signatures which should return java.lang.String are returning nothing.

package com.igaworks;

/* compiled from: pLcuvtHYMV33kSB2Tg4Q5xibvvXNoLrd8MvLCSa8VytUtHJHtMTRwRCb1xvlJds1CnSsqtO7LUEeQyrYWAUDx4VdLVgBP3M0w7ngpQwTKxUqSyQBSIah3pJXHo3H1QUuSabqGJAhfuMKW8HcjaQEm4CwqwEx3XkDeVsyU45m5R5UgTj324DO */
public class bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG {
    public int gCB9HY1RwJamUM0tn5Sbe3RwD0lVgxDl7tptnar9HhV1jAs8yiBtuVPPZKXETFD9OQGDKazAz4mFlKwVWl2XxvipjhgfqXJIzsC3mXchDXyCBwZBhpBE5h6Z1P9p8iQRlLKji6PHlYJPzAqJmiSc6t103Qpoy2wFFrkgFE2cSJFNTU8SRRw6() {
        return;
    }

    public String yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv() {
    }
}

Previous decompilation looked like this:

package com.igaworks;

/* compiled from: pLcuvtHYMV33kSB2Tg4Q5xibvvXNoLrd8MvLCSa8VytUtHJHtMTRwRCb1xvlJds1CnSsqtO7LUEeQyrYWAUDx4VdLVgBP3M0w7ngpQwTKxUqSyQBSIah3pJXHo3H1QUuSabqGJAhfuMKW8HcjaQEm4CwqwEx3XkDeVsyU45m5R5UgTj324DO */
public class bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG {
    public int gCB9HY1RwJamUM0tn5Sbe3RwD0lVgxDl7tptnar9HhV1jAs8yiBtuVPPZKXETFD9OQGDKazAz4mFlKwVWl2XxvipjhgfqXJIzsC3mXchDXyCBwZBhpBE5h6Z1P9p8iQRlLKji6PHlYJPzAqJmiSc6t103Qpoy2wFFrkgFE2cSJFNTU8SRRw6() {
        /* JADX: method processing error */
/*
Error: jadx.core.utils.exceptions.DecodeException: Load method exception: bogus opcode: 0079 in method: com.igaworks.bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.gCB9HY1RwJamUM0tn5Sbe3RwD0lVgxDl7tptnar9HhV1jAs8yiBtuVPPZKXETFD9OQGDKazAz4mFlKwVWl2XxvipjhgfqXJIzsC3mXchDXyCBwZBhpBE5h6Z1P9p8iQRlLKji6PHlYJPzAqJmiSc6t103Qpoy2wFFrkgFE2cSJFNTU8SRRw6():int, dex: classes.dex
    at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:116)
    at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:249)
    at jadx.core.ProcessClass.process(ProcessClass.java:31)
    at jadx.api.JadxDecompiler.processClass(JadxDecompiler.java:282)
    at jadx.api.JavaClass.decompile(JavaClass.java:62)
    at jadx.api.JavaClass.getCode(JavaClass.java:48)
Caused by: java.lang.IllegalArgumentException: bogus opcode: 0079
    at com.android.dx.io.OpcodeInfo.get(OpcodeInfo.java:1217)
    at com.android.dx.io.OpcodeInfo.getName(OpcodeInfo.java:1224)
    at jadx.core.dex.instructions.InsnDecoder.decode(InsnDecoder.java:590)
    at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:74)
    at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:102)
    ... 5 more
*/
        /*
        // Can't load method instructions.
        */
        throw new UnsupportedOperationException("Method not decompiled: com.igaworks.bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.gCB9HY1RwJamUM0tn5Sbe3RwD0lVgxDl7tptnar9HhV1jAs8yiBtuVPPZKXETFD9OQGDKazAz4mFlKwVWl2XxvipjhgfqXJIzsC3mXchDXyCBwZBhpBE5h6Z1P9p8iQRlLKji6PHlYJPzAqJmiSc6t103Qpoy2wFFrkgFE2cSJFNTU8SRRw6():int");
    }

    public java.lang.String yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv() {
        /* JADX: method processing error */
/*
Error: jadx.core.utils.exceptions.DecodeException: Load method exception: index:38211, length=33787 in method: com.igaworks.bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv():java.lang.String, dex: classes.dex
    at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:116)
    at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:249)
    at jadx.core.ProcessClass.process(ProcessClass.java:31)
    at jadx.api.JadxDecompiler.processClass(JadxDecompiler.java:282)
    at jadx.api.JavaClass.decompile(JavaClass.java:62)
    at jadx.api.JavaClass.getCode(JavaClass.java:48)
Caused by: java.lang.IndexOutOfBoundsException: index:38211, length=33787
    at com.android.dex.Dex.checkBounds(Dex.java:147)
    at com.android.dex.Dex.access$1100(Dex.java:52)
    at com.android.dex.Dex$FieldIdTable.get(Dex.java:758)
    at com.android.dex.Dex$FieldIdTable.get(Dex.java:756)
    at jadx.core.dex.nodes.DexNode.getFieldId(DexNode.java:172)
    at jadx.core.dex.info.FieldInfo.fromDex(FieldInfo.java:29)
    at jadx.core.dex.instructions.InsnDecoder.decode(InsnDecoder.java:488)
    at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:74)
    at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:102)
    ... 5 more
*/
        /*
        // Can't load method instructions.
        */
        throw new UnsupportedOperationException("Method not decompiled: com.igaworks.bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv():java.lang.String");
    }
}

This is indeed odd and I should reverse engineer the app to understand what's happening under the hood. For instance, there is an asset file that looks like packed code (libData.so).

cnprotector

I do not know if these changes can be merged within the master branch without altering the behaviour of other stuff. If not, let's leave this extreme case out for the moment.

enovella commented 6 years ago

Looking at little bit deeper with Radare2 and I observe many nops over the Dalvik bytecode:

$ r2 apk://cnprotector.apk
[0x0016c654]> ic~e8RD41S7WxJNiT3P6Ak5ogOzUXT1tkq
0x0016c654 [0x007f0734 - 0x007f07a2] (sz 110) class 7658 Lcom/igaworks/bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG super: Ljava/lang/Object;
0x007f0734 method 0 pC   Lcom/igaworks/bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.method.<init>()V
0x007f074c method 1 p    Lcom/igaworks/bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.method.gCB9HY1RwJamUM0tn5Sbe3RwD0lVgxDl7tptnar9HhV1jAs8yiBtuVPPZKXETFD9OQGDKazAz4mFlKwVWl2XxvipjhgfqXJIzsC3mXchDXyCBwZBhpBE5h6Z1P9p8iQRlLKji6PHlYJPzAqJmiSc6t103Qpoy2wFFrkgFE2cSJFNTU8SRRw6()I
0x007f0780 method 2 p    Lcom/igaworks/bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.method.yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv()Ljava/lang/String;

[0x0016c654]> s 0x007f0780

[0x007f0780]> pd
            ;-- Lcom/igaworks/bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.method.yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv()Ljava/lang/String;:
            ;-- method.public.Lcom_igaworks_bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG.Lcom_igaworks_bryGPqeke8RD41S7WxJNiT3P6Ak5ogOz:
            0x007f0780      008e           nop                         ; pLcuvtHYMV33kSB2Tg4Q5xibvvXNoLrd8MvLCSa8VytUtHJHtMTRwRCb1xvlJds1CnSsqtO7LUEeQyrYWAUDx4VdLVgBP3M0w7ngpQwTKxUqSyQBSIah3pJXHo3H1QUuSabqGJAhfuMKW8HcjaQEm4CwqwEx3XkDeVsyU45m5R5UgTj324DO.java:12
            0x007f0782      671b4395       sput v27, field+38211
            0x007f0786      6a9f9352       sput-boolean v159, Lcom/google/android/gms/internal/zzhj$zza;->zzKa Ljava/lang/String;
            0x007f078a      993d1b49       shr-int v61, v27, v73
            0x007f078e      8465           long-to-int v5, v6
            0x007f0790      1a0d439b       const-string v13, str.getCharSequenceExtra ; 0x3469d1
            0x007f0794      1b553a4a1f8d   const-string/jumbo v85, string+977936269 ; 0xfffffffb ; 5
            0x007f079a      453f0b1c       aget-wide v63, v11, v28
            0x007f079e      0f1f           return v31
            0x007f07a0      0d4e           move-exception v78
            0x007f07a2      0000           nop
            0x007f07a4      0100           move v0, v0
            0x007f07a6      0100           move v0, v0
            0x007f07a8      0100           move v0, v0
            0x007f07aa      0000           nop
            0x007f07ac      de744c00       or-int/lit8 v116, v76, 0
            0x007f07b0      0400           move-wide v0, v0
            0x007f07b2      0000           nop
            ;-- method.public.constructor.Lcom_igaworks_commerce_8s0GKjIChkfZn1BdgQLARyp04PVw1hmIzy88oCYXhkWNPaeNBGoP6sQQJFsPzLHfFwBIxt2DzpRKws83tXyy2JJhYqTtbPqoetPJBqLFI5JM0Is6LXT3L9uhOfA28A6UaU96SsHUZk3IlnpeqqEA7cZEhGdAtIh5PvHVFNOVKXF6r5C1xF1z.Lcom_igaworks_commerce_8s:
            0x007f07b4      70100cf50000   invoke-direct {v0}, Ljava/lang/Object.<init>()V ; 0xf50c ; I24trZx2VpS7TB8VEr26dBXNJQQFnJrV7sGf8KtC6OoTSiqGbdPmMkqYDorAiMM10gExKkeqUDqH3ARQq8Q83hr03YYbowqppA171Xl3XDcScV1FXeckaUobUWse2NGegaBb1xgxSIZrygiu80bPUXO29wdIKghuJLsrQFvvFagpQZsUZR9I.java:3
            0x007f07ba      0e00           return-void
            0x007f07bc      02000100       move/from16 v0, v1
            0x007f07c0      0000           nop
            0x007f07c2      0000           nop
            0x007f07c4      e3744c00       +iget-volatile v4, v7, Landroid/content/pm/ServiceInfo;->permission Ljava/lang/String;
            0x007f07c8      1100           return-object v0
            0x007f07ca      0000           nop
            0x007f07cc      0072           nop                         ; I24trZx2VpS7TB8VEr26dBXNJQQFnJrV7sGf8KtC6OoTSiqGbdPmMkqYDorAiMM10gExKkeqUDqH3ARQq8Q83hr03YYbowqppA171Xl3XDcScV1FXeckaUobUWse2NGegaBb1xgxSIZrygiu80bPUXO29wdIKghuJLsrQFvvFagpQZsUZR9I.java:12
            0x007f07ce      43c7           invalid
            0x007f07d0      55808180       iget-boolean v0, v8, Lcom/nhn/android/naverlogin/ui/OAuthLoginImage;->drawableByteStringNaverIconSeq02 Ljava/lang/String;
            0x007f07d4      4d475148       aput-object v71, v81, v72
            0x007f07d8      1b8f91bd8884   const-string/jumbo v143, string+-1849849724 ; 0xfffffff8 ; 8
            0x007f07de      30ab1b60       cmpg-double v171, v27, v96
            0x007f07e2      587f2ab2       iget-short v15, v7, field+45610
        ,=< 0x007f07e6      2803           goto 0x007f07ec
        |   0x007f07e8      b72b           xor-int/2addr v11, v2
        |   0x007f07ea      a170c352       or-long v112, v195, v82
            0x007f07ee      0000           nop
            0x007f07f0      02000100       move/from16 v0, v1
            0x007f07f4      0000           nop
            0x007f07f6      0000           nop
            0x007f07f8      e8744c00       +iget-wide-volatile v4, v7, Landroid/content/pm/ServiceInfo;->permission Ljava/lang/String;
            0x007f07fc      1100           return-object v0
            0x007f07fe      0000           nop
            ;-- Lcom/igaworks/commerce/8s0GKjIChkfZn1BdgQLARyp04PVw1hmIzy88oCYXhkWNPaeNBGoP6sQQJFsPzLHfFwBIxt2DzpRKws83tXyy2JJhYqTtbPqoetPJBqLFI5JM0Is6LXT3L9uhOfA28A6UaU96SsHUZk3IlnpeqqEA7cZEhGdAtIh5PvHVFNOVKXF6r5C1xF1z.method.wdrcFKmZpIONnH2Ps2ZdR6IZN1zppmgTRmrK0MIFxTuqwZpIUuoBSTT1KPzYMVT6ZAEyhOlxYUmO8xQAMDbs1UpEaD5dlYujVWQpNBnpKqCcNqke9IKaXm76mc2qzSq2iGa4gCkmc32bRQLcRRGImtNelQuUTvv4AfvhRbzmYP9WQ8q2vGv5()I:
            ;-- method.public.Lcom_igaworks_commerce_8s0GKjIChkfZn1BdgQLARyp04PVw1hmIzy88oCYXhkWNPaeNBGoP6sQQJFsPzLHfFwBIxt2DzpRKws83tXyy2JJhYqTtbPqoetPJBqLFI5JM0Is6LXT3L9uhOfA28A6UaU96SsHUZk3IlnpeqqEA7cZEhGdAtIh5PvHVFNOVKXF6r5C1xF1z.Lcom_igaworks_commerce_8s0GKjIChkfZn1:
            0x007f0800      00c5           nop                         ; I24trZx2VpS7TB8VEr26dBXNJQQFnJrV7sGf8KtC6OoTSiqGbdPmMkqYDorAiMM10gExKkeqUDqH3ARQq8Q83hr03YYbowqppA171Xl3XDcScV1FXeckaUobUWse2NGegaBb1xgxSIZrygiu80bPUXO29wdIKghuJLsrQFvvFagpQZsUZR9I.java:7
            0x007f0802      7dc5           neg-long v5, v12
            0x007f0804      4f359dc7       aput-byte v53, v157, v199
            0x007f0808      18b869571bbc.  const-wide v184:v185, 0xa36ba072bc1b5769
            0x007f0812      aa0e1b5d       rem-float v14, v27, v93
            0x007f0816      ad5bae23       mul-double v91, v174, v35
            0x007f081a      655b1dbf       sget-char v91, field+48925
            0x007f081e      5dacae89       iput-byte v12, v10, field+35246
            0x007f0822      0000           nop
            0x007f0824      030000000300   move/16 v0, v3
            0x007f082a      0000           nop
            0x007f082c      ed744c00       ^throw-verification-error v116, 0x3e0f0
            0x007f0830      59000000       iput v0, v0, Landroid/accounts/Account;->CREATOR Landroid/os/Parcelable$Creator;
            ;-- Lcom/igaworks/commerce/IgawCommerce$Currency.method.<clinit>()V:
            ;-- method.static.constructor.Lcom_igaworks_commerce_IgawCommerce_Currency.Lcom_igaworks_commerce_IgawCommerce_Currency.method._clinit___V:
            0x007f0834      22006221       new-instance v0, Lcom/igaworks/commerce/IgawCommerce$Currency; ; IgawCommerce.java:145 ; 0x46548
            0x007f0838      1a018a27       const-string v1, 0x1fb778
            0x007f083c      1a028b27       const-string v2, 0x1fb77c
            0x007f0840      7030f0c61002   invoke-direct {v0, v1, v2}, Lcom/igaworks/commerce/IgawCommerce$Currency.<init>(Ljava/lang/String;Ljava/lang/String;)V ; 0xc6f0
            0x007f0846      69001469       sput-object v0, Lcom/igaworks/commerce/IgawCommerce$Currency;->KR_KRW Lcom/igaworks/commerce/IgawCommerce$Currency;
            0x007f084a      22006221       new-instance v0, Lcom/igaworks/commerce/IgawCommerce$Currency; ; IgawCommerce.java:147 ; 0x46548
            0x007f084e      1a014971       const-string v1, 0x2ea05f
            0x007f0852      1a024b71       const-string v2, 0x2ea06d
[0x007f0780]>
enovella commented 6 years ago

JEB2 also fails with this sample in the decompilation

.class public bryGPqeke8RD41S7WxJNiT3P6Ak5ogOzUXT1tkqQqwOv1vovebnJHAbXeqmsNMRPaVLVwfHsO3u8zr08PxyFUd9hw1qITJ57JLIVYLaBpa6wAj08fXufp1PMYrvU0YdUb3SSsJ12pZGERL923lz1MY43OGZc5eeoQh7kCC7Hk1aiOIvhajZG
.super Object

.method public constructor <init>()V
          .registers 1
00000000  invoke-direct       Object-><init>()V, p0
00000006  return-void
.end method

.method public gCB9HY1RwJamUM0tn5Sbe3RwD0lVgxDl7tptnar9HhV1jAs8yiBtuVPPZKXETFD9OQGDKazAz4mFlKwVWl2XxvipjhgfqXJIzsC3mXchDXyCBwZBhpBE5h6Z1P9p8iQRlLKji6PHlYJPzAqJmiSc6t103Qpoy2wFFrkgFE2cSJFNTU8SRRw6()I
          .registers 2
          # Bytecode parsing errors! Not all instructions are shown, proceed carefully.
00000000  nop
00000002  invalid-opcode-79
00000004  move-object/from16  p36, p32284
.end method

.method public yAY9Vzgw8nofaAWHMNgoZMGykBxEc8AUp86q1FjzX42OlCCLGl0fq1ZtvzKgwRavy34NJRy8IztuhpBecxCPAKSI0gzsAIb7M6bXW5AN1HBnposh5Y1jddBqjEbhSHdNuQHNECNJEsvYyUoJYjlJofN8yfWQMntW6yMESf3QnIMBRtsUg8Qv()String
          .registers 2
00000000  nop
00000002  sput                p26, INVALID_FIELD_38211
00000006  sput-boolean        p158, zzhj$zza->zzKa:String
0000000A  shr-int             p60, p26, p72
0000000E  long-to-int         p4, p5
00000010  const-string        p12, "getCharSequenceExtra"
00000014  const-string/jumbo  p84, INVALID_STRING_-1927329222
0000001A  aget-wide           p62, p10, p27
0000001E  return              p30
.end method
enovella commented 6 years ago

@skylot @sergey-wowwow should we close this issue?

skylot commented 6 years ago

I think we can leave it open. I will make correct handling for bad instructions, like: