zhkl0228 / unidbg

Allows you to emulate an Android native library, and an experimental iOS emulation
Apache License 2.0

NPE when calling a function; could someone help me find the specific cause #383

Open 18463105800 opened 2 years ago

18463105800 commented 2 years ago

I get an NPE when calling the Gaode app's library; with the latest code I could not find what specifically causes it. (screenshot)

Code sample:

```java
package com.github.unidbg.gaode;

import com.github.unidbg.AndroidEmulator;
import com.github.unidbg.Module;
import com.github.unidbg.linux.android.AndroidEmulatorBuilder;
import com.github.unidbg.linux.android.AndroidResolver;
import com.github.unidbg.linux.android.dvm.*;
import com.github.unidbg.memory.Memory;

import java.io.File;

public class TestGaodeCallInitMethod extends AbstractJni {
    private final AndroidEmulator emulator;

    private final static String NameSpace = "/Users/zenglei11/Downloads";

    private final Module module;

    private final DvmClass Native;

    private VM vm;

    public TestGaodeCallInitMethod() {
        emulator = AndroidEmulatorBuilder
                .for32Bit()
                .setProcessName("com.autonavi.minimap")
                .build();

        File apkFile = new File(NameSpace + "/gaode7.8.apk");
        final Memory memory = emulator.getMemory();
        memory.setLibraryResolver(new AndroidResolver(23));

        vm = emulator.createDalvikVM(apkFile);
        vm.setJni(this);
        vm.setVerbose(true);
        String processName = emulator.getProcessName();
        emulator.showRegs();
        System.out.println("---" + processName);

        DalvikModule dm = vm.loadLibrary(new File(NameSpace + "/libserverkey-2.2.3.so"), false);
        dm.callJNI_OnLoad(emulator);

        module = dm.getModule();

        Native = vm.resolveClass("com/autonavi/server/aos/serverkey");

        // System.out.println(Native.callStaticJniMethodObject(emulator, "getAosKey()Ljava/lang/String;"));

        final DvmObject<?> dvmObject = Native.newObject(null);

        String result = dvmObject.callJniMethodObject(emulator, "getAosKey()Ljava/lang/String;").toString();
        System.out.println(result);
    }

    @Override
    public DvmObject<?> callStaticObjectMethodV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
        System.out.println("++++" + signature);
        if ("com/autonavi/common/CC->getApplication()Landroid/app/Application;".equals(signature)) {
            return vm.resolveClass("android/app/Application").newObject(signature);
        }

        return super.callStaticObjectMethodV(vm, dvmClass, signature, vaList);
    }

    public static void main(String[] args) throws Exception {
        TestGaodeCallInitMethod test = new TestGaodeCallInitMethod();
    }

}
```

The apk file and the so file are at the Tencent Weiyun link below: link: https://share.weiyun.com/mbdqeWHA password: rdnibe

Pr0214 commented 2 years ago

I reproduced it and there is no problem.

18463105800 commented 2 years ago

> I reproduced it and there is no problem.

Which version of the unidbg code are you using? With the latest code I get the NPE, and with the v0.9.5 package I get the same problem; it also indicates exactly where, see the screenshot below: (screenshot)

Pr0214 commented 2 years ago

```java
@Override
public int getStaticIntField(BaseVM vm, DvmClass dvmClass, String signature) {
    switch (signature){
        case "android/content/pm/PackageManager->GET_SIGNATURES:I":{
            return 64;
        }
    }
    return super.getStaticIntField(vm, dvmClass, signature);
}
```

Just patch it as usual.
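The patch works because the native library asks the Java side for the constant `PackageManager.GET_SIGNATURES` (0x40, the flag passed to `getPackageInfo` to request an APK's signing certificates) through JNI, and unidbg only knows the Java-side values that the `AbstractJni` subclass supplies. As an added example, not code from this thread or from unidbg itself, the class below combines the two overrides seen in this thread into one JNI shim and logs every lookup it cannot resolve before delegating to the parent class, so the next missing stub shows up in the log rather than as a stack trace. The override signatures follow unidbg's `AbstractJni` as used above; the class name `ServerKeyJni` and the helper `logUnresolved` are assumptions of this example.

```java
package com.github.unidbg.gaode;

import com.github.unidbg.linux.android.dvm.AbstractJni;
import com.github.unidbg.linux.android.dvm.BaseVM;
import com.github.unidbg.linux.android.dvm.DvmClass;
import com.github.unidbg.linux.android.dvm.DvmObject;
import com.github.unidbg.linux.android.dvm.VaList;

/**
 * JNI shim for the serverkey library: supplies the Java-side values the native
 * code asks for and records anything it cannot resolve.
 * Added example; not part of unidbg or of the issue thread.
 */
public class ServerKeyJni extends AbstractJni {

    // android.content.pm.PackageManager.GET_SIGNATURES is 0x40 (64) in the Android SDK.
    private static final int GET_SIGNATURES = 0x40;

    @Override
    public int getStaticIntField(BaseVM vm, DvmClass dvmClass, String signature) {
        if ("android/content/pm/PackageManager->GET_SIGNATURES:I".equals(signature)) {
            return GET_SIGNATURES;
        }
        // Anything else falls through to the default implementation; log it first so
        // the missing value is identifiable from the output.
        logUnresolved("getStaticIntField", signature);
        return super.getStaticIntField(vm, dvmClass, signature);
    }

    @Override
    public DvmObject<?> callStaticObjectMethodV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
        if ("com/autonavi/common/CC->getApplication()Landroid/app/Application;".equals(signature)) {
            // The library only needs an Application handle; a placeholder object is enough here.
            return vm.resolveClass("android/app/Application").newObject(signature);
        }
        logUnresolved("callStaticObjectMethodV", signature);
        return super.callStaticObjectMethodV(vm, dvmClass, signature, vaList);
    }

    // Assumed helper (not a unidbg API): one line per JNI lookup that was not handled
    // by this shim, written to stderr so it stands out from the emulator's own output.
    private static void logUnresolved(String callback, String signature) {
        System.err.println("[jni] unhandled " + callback + ": " + signature);
    }
}
```

Install it with `vm.setJni(new ServerKeyJni())` in place of `vm.setJni(this)` from the first post; every JNI callback the library makes that the shim does not answer is then listed on stderr, which is the list of stubs still to be written.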

18463105800 commented 2 years ago

> ```java
> @Override
> public int getStaticIntField(BaseVM vm, DvmClass dvmClass, String signature) {
>     switch (signature){
>         case "android/content/pm/PackageManager->GET_SIGNATURES:I":{
>             return 64;
>         }
>     }
>     return super.getStaticIntField(vm, dvmClass, signature);
> }
> ```
>
> Just patch it as usual.

Thumbs up, thanks a lot, it works now.

Pr0214 commented 2 years ago

You're welcome, keep it up.