RE: JAVA Classes - Recompilation condition errors!!

["V. Poddubnyy" <vpoddubniy () mail ru>]

Hello,

If you use decompilation (and it looks so), then this is decompilation
error. We investigated this issue this summer and found that:

- some exception handlers are not decompiled correctly (and this looks like
synchronized statements too - your monitor* and class1);
- some JVM instructions are not decompiled at all (your JVM INSTRs);
- if the code is obfuscated, some of the functions may be overloaded by only
the return value, not a name or arguments (this is prohibited in Java, but
not in bytecode);
- and some other problems.

We wrote a tool, which tries to repair the code, but it is not the best
thing. You should modify the code without any decompilation: just modify
bytecode in *.class files. This really helps.
Also you can try to switch decompiler and file a bug to it... :) But this
won't help if to talk about free decompilers.

Hope this answered your question.

--
Best regards,
 Vladimir Poddubnyy


> -----Original Message-----
> From: George Fekkas [mailto:G.Fekkas () encode-sec com] 
> Sent: Friday, December 03, 2004 12:01 PM
> To: pen-test () securityfocus com; webappsec () securityfocus com
> Subject: JAVA Classes - Recompilation condition errors!!
>
> Hi Pen-Testers
>
> I am performing a code injection into JAVA classes. I am 
> working with the Java Object Inspector Tool (COMPASS). I 
> injected the desirable code in order to inspect JAVA objects. 
> However, when I am trying to recompile the classes then the 
> following errors are occurred. I have already checked all the 
> "imports" for the right paths and all seems to be correct.
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:89: ';' expected
>
> JVM INSTR monitorenter ;
>
> ^
>
> C:\Documents and
>
> Settings\Administrator\Desktop\HackClasses\*****.java:112:not 
> a statement
>
> class1;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:113:
>
> ';' expected
>
> JVM INSTR monitorexit ;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:116: 
> not a statement exception;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:87: u ndefined
> label: MISSING_BLOCK_LABEL_247
>
> break MISSING_BLOCK_LABEL_247;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:89: c 
> annot resolve symbol symbol : class JVM
>
> location: class com.edi.commerce.********
>
> JVM INSTR monitorenter ;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:91: u ndefined
> label: MISSING_BLOCK_LABEL_237
>
> break MISSING_BLOCK_LABEL_237;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:113:cann
> ot resolve symbol
>
> symbol : class JVM
>
> location: class com.edi.commerce.*********
>
> JVM INSTR monitorexit ;
>
> ^
>
> C:\Documents and
> Settings\Administrator\Desktop\HackClasses\*****.java:114:
>
> undefined label: MISSING_BLOCK_LABEL_247
>
> break MISSING_BLOCK_LABEL_247;
>
> ^
>
> However, the recompilation was succeeded by comment out the 
> lines in the source code (Decompile Java Classes).
>
>  //if(_type !=3D null) 
>
> // break MISSING_BLOCK_LABEL_247; 
>
> //Class class1 =3D org.omg.CORBA.TypeCode.class; 
>
> //JVM INSTR monitorenter; 
>
> //if(_type !=3D null)
>
> // break MISSING_BLOCK_LABEL_237;
>
> //class1;
>
> //JVM INSTR monitorexit;
>
> //break MISSING_BLOCK_LABEL_247;
>
> Is this a big problem? If it is what can I do in order to 
> avoid these errors?
>
> Thank you for your time.
>
>
>
> ******************************************************************
> Any views expressed in this message are those of the 
> individual sender, except where the sender specifically 
> states them to be the views of ENCODE S.A.
> ******************************************************************